The ransomware threat has scaled up to
match the new remote workforce. But have
backup policies and incident recovery
procedures improved to keep pace?
Download this eBook to learn more about:
Ransomware recovery challenges;
Securing a remote file-sharing environment;
Business continuity successes in crisis...
Australian shipping giant Toll Group recently suffered its second ransomware outbreak of the year, with Thomas Knudsen, the company's managing director, branding the latest attack as being "serious and regrettable." But was it preventable?
Attacks targeting cloud-based data nearly doubled in 2019 as companies shifted more of their valuable information off-premises and misconfigurations and other issues made it more vulnerable, according to the 2020 Verizon Data Breach Investigations Report. Observers expect the trend to continue this year.
European budget airline EasyJet says it suffered a data breach that exposed 9 million customers' personal details. While no passport details were exposed, the company's ongoing investigation has also found that attackers "accessed" a small number - just 2,208 - of customers' payment card details.
Cryptocurrency-mining hackers appear to be behind a recent spate of supercomputer and high-performance computing system intrusions. But it's unclear if attackers might also have had data-stealing or espionage intentions.
To help prevent cyberattacks, Bangladesh is likely to launch a computer emergency response team, or CERT, for its financial sector this year, says Debdulal Roy, executive director of Bangladesh Bank. But the timing will depend on how long the COVID-19 crisis continues.
Web hosting giant GoDaddy confirms that a data breach has affected about 28,000 of its customers' web hosting accounts, according to a news report. The company has reset passwords and usernames for some customers as a precaution, although it says no data appears to have been altered.
A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.
Attack simulations continuously mimic real-world threats to highlight gaps in security systems, and unlike traditional ad hoc testing, they provide an ongoing view of dynamic security environments. Can the insights from attack simulations be used to close gaps and strengthen security programs? They can, if integrated...
What should an enterprise do when someone reaches out and claims to have the company's data or information about a breach? Although it can be a delicate situation to manage, there are sound approaches enterprises can take, says data breach expert Troy Hunt.
The latest edition of the ISMG Security Report offers an analysis of the phases businesses will go through in the recovery from the COVID-19 pandemic, plus an assessment of new risks resulting from the work-at-home shift and lessons learned from the Equifax breach.
Supermarket giant Morrisons is not liable for a data breach caused by a rogue employee, Britain's Supreme Court has ruled, bringing to a close the long-running case - the first in the country to have been filed by data breach victims.
Hotel giant Marriott, which in 2018 disclosed that it had suffered one of the worst data breaches in history, is now warning that it suffered a new breach earlier this year that exposed personal details - although not payment card information - for 5.2 million customers.
Traditionally, security teams look to penetration tests and red teaming to test and build confidence in their security programs. These options are often costly, time-consuming, and limited in scope. There is a better way to gain confidence in security models: continuous attack simulations, which automate adversary...