In the evolving threat landscape, small-time threat actors are entering the ransomware space and targeting small and medium-sized businesses. These organizations must adopt a defense-in-depth approach to defend themselves, said Nick Biasini, head of outreach at Cisco Talos.
What's behind the profusion of reported attacks involving stolen or reused strains of ransomware? Blame a variety of factors, including law enforcement crackdowns, evolving ransomware business models and at least one case of a ransomware group leader with poor morale-building skills.
The number of major health data breaches is decreasing, but a recent disturbing trend reflects the vulnerability of critical vendors and the tenacity of cybercriminals, say John Delano, a vice president of Christus Health, and Mike Hamilton, CISO and co-founder of security firm Critical Insight.
Chinese espionage hackers behind an eight-month campaign to hack Barracuda email security appliances intensified their focus on high-priority targets around the time the company moved to fix the zero-day flaw behind the campaign. A custom backdoor suggests China was prepared for remediation efforts.
Two organizations that operate clinics and hospitals in the Midwest are the latest medical care providers struggling with an enterprisewide IT outage affecting clinical and administrative applications. The incident appears similar to recent attacks on several other regional entities.
In today's evolving digital landscape, application security is crucial. That’s why it is increasingly important to normalize the use of two-factor authentication in the developer community to the point that it is "effectively ubiquitous," said John Swanson, director of security strategy at GitHub.
Government agencies are recognizing that the seven pillars of zero trust, as outlined by U.S. federal agencies such as CISA and the DOD, should be strategically applied across various elements, including data and identity management, said Manuel Acosta, senior director and security analyst, Gartner.
Citrix NetScaler defenders are being warned to not just patch a critical flaw but also review logs from before mid-July for signs of compromise, since attackers - including "a known threat actor specializing in ransomware attacks" - have been dropping web shells that survive patching and rebooting.
In the post-digital transformation world - and in advance of the coming of quantum computing - it's time to future-proof cybersecurity by nurturing a culture of security. Dean Coclin of DigiCert discusses how banking institutions can embrace this change.
U.S. authorities Tuesday said they permanently dismantled the notorious Qakbot botnet in an international operation that seized 52 servers and nearly $9 million worth of cryptocurrency. Law enforcement identified more than 700,000 computers infected with the Qakbot malware.
How can you tackle mobile app security and solve user concerns about usability? No-code cyber defense automation can be used to achieve security outcomes in seconds, build desired protections and prevent fraud and malware directly inside the CI/CD pipeline, said Appdome CEO Tom Tovar.
Large language models have revolutionized various industries by automating language-related tasks, enhancing user experiences and enabling machines to communicate more naturally with human beings, according to Rodrigo Liang, CEO of SambaNova Systems.
Ransomware groups, like legitimate businesses, must adapt and change as they grow, in response to external pressures and trends. To survive, many large ransomware groups have adopted decentralized structures, said Yelisey Bohuslavskiy, chief research officer and partner with Red Sense.
Insider threats continue to pose significant concerns in today's digital landscape. While malicious insiders have garnered attention due to harmful intent, negligent users often make unintentional mistakes, contributing to potential cybersecurity risks.
Public-private cybersecurity councils urged the healthcare industry to be more expansive in sharing signs of hacking, warning that traditional indicators aren't enough. Fending off hackers requires additional shared data, such as SIEM rules and automated response playbooks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.