We have moved from cybersecurity strategy to cyber resilience strategy, said Fene Osakwe, a board member of the Forbes Technology Council. As a result, he said, we still start with identifying assets, but we keep going until we achieve recovery.
The number of organizations and individuals affected by the Clop ransomware group's data-stealing attack on MOVEit servers continues to rise. So far, at least 545 organizations have been affected and data from 38 million individuals has been stolen.
Why are so many fresh zero-day vulnerabilities being exploited in the wild? Google reported that attackers often discover variants of previously exploited flaws, which suggests that vendors aren't doing enough to fix the root cause of flaws - or to avoid introducing fresh ones with their fixes.
The latest generation of ransomware and phishing attacks is being designed to evade existing network security controls such as gateways and firewalls, said Menlo Security CEO Amir Ben-Efraim. Threat actors have taken the time to codify, register and customize URLs to impersonate a bank's help desk.
A security researcher recently found a database exposed to the internet containing sensitive information on independent school students and faculty including financial data, salary, professional details, health information and child abuse reports. The security lapse affected nearly 700,000 records.
Application journeys are fluid in practice because applications can live anywhere. Complex deployments with too many tools to configure and manage and overwhelmed IT teams lead to mistakes, so organizations should take a cybersecurity mesh platform approach to securing their application journeys.
SMB cybersecurity platform Coro purchased an early-stage Israeli startup to bring network connectivity to its SASE offering for midmarket organizations. Coro said its buy of Jerusalem-based Privatise will give Coro clients a secure way to connect, manage and filter out malicious content.
Adding former CIA Director Gen. David Petraeus to Semperis' strategic advisory board has given the identity vendor knowledge and insights into global threat activity, said CEO Mickey Bresman. Petraeus complements the firm's incident response arm with perspectives on global threats.
This week, a Zenbleed flaw exposed AMD Ryzen CPUs, Facebook was fined AU$20 million in Australia, NATO's COI Portal was breached, Quinn Emanuel reported a cyberattack, VirusTotal apologized for a data leak, Wuhan Earthquake Monitoring Center had a cyberattack and Yamaha Canada had a data breach.
Practicing incident response procedures is as important as practicing fire drills, said CISO Nick Prescot of Norgine. But beyond regularly testing the plan, security leaders must foster a collaborative environment so their teams maintain a sense of calm in the heat of an incident.
The fallout from Clop group's data-grabbing attacks against MOVEit managed file transfer software users keeps mounting. In recent days, the extortionists have added 70 more organizations to their data leak site, taking the tally of known victims to over 515 organizations and 36 million individuals.
Is the Akira ransomware story coming to an end? Security researchers say the group was competing in a competition designed by Royal to give it a new cryptolocker - but lost. Even with a free decryptor now available for Akira victims, however, it's too soon to say if the group might be doomed.
A startup founded by two Israel Defense Forces veterans and backed by the likes of Insight Partners and Cyberstarts could soon be acquired by CrowdStrike. The endpoint security firm is in advanced negotiations to purchase Silicon Valley-based application security posture management vendor Bionic.
The rapid adoption of cloud is a double-edged sword. While it offers organizations great opportunities for embracing innovation, it also outpaces security measures, leaving gaps for attackers to exploit. James Campbell, CEO of Cado Security, discussed the risks and vulnerabilities.
General cyber hygiene has gotten worse at small and midsized businesses, according to Simon Newman, CEO of the Cyber Resilience Center for London. "Businesses are less able to spot that they've been a victim than they perhaps have in previous years," he said.