A federal judge sided with Google in a bid to block online infrastructure behind an info stealer masquerading as legitimate versions of the Chrome browser and Google Earth Pro. Google estimates the CryptBot malware infected 670,000 computers last year.
As threats continue to increase in frequency and sophistication, managed detection and response or MDR is becoming an increasingly important component of any organization's cybersecurity strategy and can help organizations overcome a major challenge facing security teams - the skills shortage.
It's getting harder to distinguish between normal and unusual threat activity, with more sophisticated attacks exacerbated by hybrid work and, soon, AI attacks. Defenders need correlated rather than isolated telemetry to get more signal and less noise, say Jeetu Patel and Tom Gillis of Cisco.
The threat posed by cybercriminals and fraudsters creates shared risks across the financial services industry including fintech companies. But fintech firms can balance rapid innovation with security and work with each other and governments to repel attackers, said Razorpay CISO Hilal Lone.
The way we secure workloads today is vastly different due to remote work and the move to the cloud following the pandemic. More modern SASE solutions such as zero trust have been adopted, and organizations are moving from legacy such as MPLS to software-defined networking and cloud-based solutions.
Policy buzz around RSA Conference 2023 is centering on the new National Cybersecurity Strategy that seeks to hold software makers liable for security flaws. While federal officials say the industry will embrace the new rules, some are talking about the lobbying and legal challenges ahead.
Point32Health, which provides health plans to millions of New Englanders and is Massachusetts' second-largest health insurer, is still struggling to recover 10 days after it identified a ransomware attack that forced the company to take many of its IT systems and functions offline.
An affiliate of the Russian-speaking Clop ransomware-as-a-service gang and the LockBit cybercrime group are each exploiting vulnerabilities in popular print management software. PaperCut began urging customers to update their software earlier this month after customer reports of suspicious activity.
Federal authorities warn that hackers could take over genetic testing devices manufactured by Illumina, although neither the manufacturer nor the Food and Drug Administration has received reports of attacks. The vulnerabilities affect Illumina's Universal Copy Service software.
Everyone has their favorite threat intelligence feeds, and information sharing is a must between public and private sectors. But don't overlook the power of cyber human intelligence, says Michael DeBolt of Intel 471. In fact, HUMINT is an imperative, not an option, he says.
Between April 21 and 27, hackers stole $1.8 million from Merlin, $22,638 from Kucoin and $170,000 from Trust Wallet and attacked UniSat Wallet. The U.S. indicted two men for DPRK-linked money laundering, and a U.K. parliamentary panel heard plans to curb cybercrime with better crypto seizure skills.
Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. In the days between April 21 and April 27, the spotlight was on the arrest of a Ukrainian trafficker in stolen data, a U.S. Navy shipbuilder and incidents in Canada, India and Kenya.
The midsize market encounters many cybersecurity hurdles, including the increasing volume of information that needs to be protected, the shift to hybrid cloud, and limited skilled personnel to build and implement security programs. What does the SOC look like for these organizations?
Changes to FedRAMP regulations will have a major impact on cloud services providers, compliance and cybersecurity controls, said Tony Bai, director, federal practice lead, at A-LIGN. Bai offers insight on navigating the U.S government authorization requirements as well as the StateRAMP program.
Developers want to move quickly and they want security to be "a natural part" in every step of the software development life cycle. Generative AI can play a pervasive role in helping cybersecurity keep up the pace, according to Brian Roche, chief product officer at Veracode.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.