Since 2019, the Global Cyber Alliance has been using a custom IoT honeypot solution that identifies global attack risks and collects data about IoT attacks. Leslie Daigle discusses its findings about how threats have evolved and offers advice on how to better secure IoT devices and tech.
Anyone trying to make sense of data breach trends faces a transparency challenge. Too often, a lack of detail undercuts consumers' ability to assess their identity theft risk and businesses' ability to block emerging attacks or ensure that their supply chains remain secure.
CISA and the FBI issued a joint advisory pointing to Russian state-sponsored activity using WhisperGate and HermeticWiper malware to target Ukrainian organizations. CISA also updated the Shields Up webpage to include new recommendations for corporate leaders and actions to protect critical assets.
As the Russian invasion of Ukraine escalates, organizations in the U.S. and Western Europe wonder: What is the potential blowback if the U.S. strikes back at Russia? Sam Curry, veteran CSO of Cybereason, reviews the possibilities and advises about how best to approach risk and preparedness.
Grant Schneider of Venable and three ISMG editors discuss preparedness, response and resilience in light of the Ukraine-Russia crisis; the White House and allies’ efforts to counter ransomware; and future guidance to expect from the Biden administration's cybersecurity executive order.
As fresh wiper malware attacks target Ukrainian government and financial services organizations and contractors, security experts are urging organizations outside the country to avoid catastrophizing and stay focused on maintaining basic, essential cybersecurity defenses.
NBC News reports that President Joe Biden has been given a menu of options for conducting offensive cyber strikes again Russia. But the White House's press secretary says the report is "off base and does not reflect what is actually being discussed in any shape or form."
The ISMG Security Report analyzes the latest updates on the Ukraine-Russia crisis and offers cyber resiliency tips for organizations. It also describes how the Conti ransomware group has hired TrickBot malware developers and revisits one of the largest ransomware attacks ever in the U.S.
On this week's "Sound Off," attorney Lisa Sotto demonstrates how Colonial Pipeline did "a lot right" in its response to the DarkSide ransomware attack that led the firm to shut down operations for nearly a week last May. She shares best practices for enterprises to improve incident response plans.
In 2021, there was a spike in cybercrime, and the focus changed for threat actors from several countries, particularly Russia and China. Cybersecurity firm CrowdStrike provides an overview of the changes, analyzes the takedown of Russian threat actor REvil and adds to its list of adversaries.
Are data breaches getting worse? So far for 2021, the number of records that were reportedly exposed declined slightly, while the total number of reported data breaches increased both in the U.S. and globally.
In the latest weekly update, four ISMG editors discuss how ransomware attacks got worse in 2021, the backlash from privacy experts sparked by the IRS' decision - now changed - to use facial recognition technology on American taxpayers, and why cybersecurity fosters competitive advantage.
Things are not always what they seem, says incident response expert Joseph Carson, pointing to a case involving ransomware that infected a company in Ukraine, but for which there was no external attack path. Ultimately, his investigation found that ransomware had been used to hide internal fraud.
By almost every measure, ransomware continues to get worse, not least in the average amount criminals receive when a victim chooses to pay a ransom. So say new reports assessing the volume and severity of ransomware attacks, the flow of cryptocurrency, attackers' target selection and more.
"All too often we hear that our industrial control systems have no security. That's not true," says Kevin Jones, group CISO of Airbus. In fact, he states, "some of these systems have been designed with security encapsulating them and security around them." He discusses enhancing cyber resilience.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.asia, you agree to our use of cookies.
