Top

Category: Cybersecurity


Cybersecurity

Disney suffers massive internal communications data leak after cyberattack

July 16, 2024

Via: CSO Online

Walt Disney’s internal communications on Slack have been leaked online, exposing sensitive details about ad campaigns, studio technology, and interview candidates, according to a Wall Street Journal report. The hacker group NullBulge claimed responsibility, stating in a blog post that they […]


Cybersecurity

AT&T’s massive breach of metadata is a criminal treasure trove — as spy agencies know

July 15, 2024

Via: CSO Online

There is plenty of intelligence that can be gathered from call data records if you know where to look. Spy agencies have been doing it effectively for years. Last week we learned via an SEC 8K filing that data has […]


Cybersecurity

6 tips for consolidating your IT security tool set

July 11, 2024

Via: CSO Online

Spending sprees, acquisitions, siloed departments, and escalating security concerns have many CISOs drowning in security solutions. Here’s how to rein in the tool sprawl and ensure enhanced security as you streamline your security stack. Organizations have been on a spending […]


Cybersecurity

Evolve data breach impacted upward of 7.64 million consumers

July 10, 2024

Via: CSO Online

Ransomware attack saw LockBit group access and download critical customer information. The number of persons affected by a recent data breach at Evolve Bank & Trust exceeds 7.64 million, a document submitted to the Office of the Maine Attorney General this week […]


Cybersecurity

Legacy systems are the Achilles’ heel of critical infrastructure cybersecurity

July 8, 2024

Via: CSO Online

China and other nation-state bad actors are probing the defenses of critical infrastructure worldwide and legacy or outdated systems are prime targets. The time to mitigate that risk is now. Rare is the element of critical infrastructure ecosystem that doesn’t […]


Cybersecurity

Understanding APIs and how attackers abuse them to steal data

June 24, 2024

Via: CSO Online

Properly securing APIs will help your organization defend against cyberattacks, drive operational efficiencies, satisfy audit and compliance requirements and enable innovation. Simply put, APIs (short for application programming interface) are how machines, cloud workloads, automation and other non-human entities communicate […]


Cybersecurity, Federal, Policy

US bans Kaspersky Labs over national security concerns

June 21, 2024

Via: CSO Online

The popular antivirus software vendor will be prohibited from selling its software within the US or providing updates to software already in use. The Biden administration has reached a decision to block all new sales of Kaspersky Labs’ products and […]


Cybersecurity

How Cybersecurity Can Steer Organizations Toward Sustainability

June 19, 2024

Via: Dark Reading

Inadequate cybersecurity architecture can cause irreparable damage to an organization, which is why boards and C-suite executives are heeding recommendations to implement policies and procedures to mitigate risk. In addition, boardrooms are also paying attention to other hot topics, including […]


Cybersecurity

Three ways AI is raising the stakes around endpoint security

June 18, 2024

Via: CIO

Over the last few years, AI adoption has grown exponentially. But with it comes a number of risks around endpoint security. Learn what they are and how you can protect against these new threats. AI has made endpoint security even […]


Cybersecurity

What Is a Zero-Trust Network and How Does it Work?

June 14, 2024

Via: InformationWeek

A zero-trust network is true to its namesake: zero trust. Zero-trust networks provide continuous authentication of users and activities on the network. This is in contrast to what traditional network authorization schemes do: authenticate users once, at the time that they initially […]


Cybersecurity, Hardware & Software, Tech

Nvidia Patches High-Severity Flaws in GPU Drivers

June 13, 2024

Via: Dark Reading

Nvidia has issued 10 security alerts detailing vulnerabilities in the company’s GPU drivers and virtualization software. The vulnerabilities, if successfully exploited, could allow attackers to steal or tamper with data, execute arbitrary code, or take control of programs, the company […]


Cybersecurity

China state hackers infected 20,000 Fortinet VPNs, Dutch spy service says

June 12, 2024

Via: ArsTechnica

Hackers working for the Chinese government gained access to more than 20,000 VPN appliances sold by Fortinet using a critical vulnerability that the company failed to disclose for two weeks after fixing it, Netherlands government officials said. The vulnerability, tracked […]


Cybersecurity

Making Choices for Stronger Vulnerability Management

June 10, 2024

Via: Dark Reading

According to Coalition’s research, Common Vulnerabilities and Exposures (CVEs) are expected to increase by 25% in 2024 to a shocking height of 34,888 vulnerabilities, or roughly 2,900 per month. As attack surfaces continue to expand rapidly, business leaders face mission-critical […]


Cybersecurity

Arctic Wolf sniffs out new ransomware variant

June 5, 2024

Via: CSO Online

The ransomware payload is designed for an easy and quicker payday over a deep, double-extortive infection. Arctic Wolf’s incident response team has identified a new ransomware variant, referred to as Fog — targeting the education and recreation sectors in the […]


Cybersecurity

Long-running Chinese cyberespionage operation targeted Southeast Asian government

June 5, 2024

Via: CSO Online

Several intrusions employing diverse and sophisticated tools sought to exfiltrate sensitive military and technical information of the unnamed government, according to a report by Sophos. Researchers have uncovered a long-running cyberespionage operation by a possibly state-run Chinese threat actor against […]


Cybersecurity

Breach and attack simulation tools: Top vendors, key features, how to choose

June 4, 2024

Via: CSO Online

BAS products simulate attacks to test a company’s defenses against threat vectors. The following guide can help you make the right choice for your organization. Breach and attack simulation (BAS) products help organizations understand their security posture by automating the […]


Cybersecurity

3 reasons users can’t stop making security mistakes — unless you address them

May 31, 2024

Via: CSO Online

Understanding what’s behind employee security mistakes can help CISOs make meaningful adjustments to their security awareness training strategies. Risks associated with cybersecurity continue to evolve, but one challenge remains a constant for CISOs: managing human error. Even with advanced solutions […]


Cybersecurity

The SEC’s New Take on Cybersecurity Risk Management

May 28, 2024

Via: Dark Reading

The advent of generative AI is surfacing new risks, significantly raising the stakes for businesses around the globe and for marketplace stability. In reaction to the logarithmic growth of cybercrime, the guidance and regulatory landscape is changing rapidly. While historically, […]


Cybersecurity, Energy & Environment, Industry

Hijack of monitoring devices highlights cyber threat to solar power infrastructure

May 23, 2024

Via: CSO Online

An attack on remote monitoring devices in Japan underscores an emerging cybersecurity threat to the rapidly growing solar component of the power grid. Inverters used with solar panels could pose a more significant risk. In what might be the first […]


Cybersecurity

Rise of zero-day exploits reshape security recommendations

May 22, 2024

Via: CSO Online

Research from Rapid7 shows a spike in zero-days contributing to quicker exploit timelines, leaving IT security teams under strain with a greater need for post-incident response. With zero-day attacks rapidly eclipsing exploits of known flaws, CISOs face the specter of […]