In his spare time, ransomware expert Allan Liska recently became a certified sommelier. Branching out from his day job as principal intelligence analyst at Recorded Future, Liska says he's found numerous parallels between the deductive tasting process and threat intelligence.
As the Russia-Ukraine war continues, many commentators continue to highlight the lack of Russian cyberattacks. But The Chertoff Group's Chad Sweet says Russian cyberattacks remain fast and furious, although Moscow continues to publicly downplay both the attacks and their relative failure.
The U.S. Department of Defense is seeking attorneys who are cybersecurity subject matter experts and can embed inside each agency and work closely with each other, says Lt. Col. Kurt Sanger, an attorney and deputy staff judge advocate of U.S. Cyber Command.
The discovery and subsequent exploitation of a critical zero-day vulnerability in Apache's Log4j open-source library has highlighted the importance of code security in today's threat landscape, says Steve Wilson, security chief product officer at Contrast.
Threat watch: The ongoing Russia-Ukraine war continues to pose both direct and indirect risks to enterprise networks, says Michael Baker, vice president and IT CISO of IT services and consulting firm DXC Technology. He also discusses recruiting and retaining new talent.
The public-private Ransomware Task Force last year issued numerous recommendations for battling ransomware, and task force member Marc Rogers of Okta says that while the problem persists, better mechanisms are helping to blunt such criminal activity.
Ransomware continues to pummel organizations, with the average ransom payment reaching $925,000 so far this year, but the aggregate financial impact of business email compromise attacks is even worse, says Wendi Whitmore, head of Unit 42 at Palo Alto Networks.
Ransomware groups such as Conti are beginning to move away from encrypting systems. Instead, they are stealing data, especially from public companies, and threatening to leak it publicly to extort ransom payments, says cybercrime expert Vitali Kremez, CEO of AdvIntel.
As Russia's invasion of Ukraine continues, it's notable that Ukraine's government - and much of the country - has remained connected to the internet. That's happening despite fierce Russian cyberattacks, says cybersecurity expert Mikko Hypponen, who highlights Ukraine's defensive mojo.
Business-critical applications, the crown jewels of the modern enterprise, are increasingly targeted due to their significant value, and many organizations are struggling to secure them. These systems must be properly deployed, monitored and maintained, says Onapsis CEO Mariano Nunez.
Microsoft’s June rollout of security flaw fixes includes patching Follina, a zero-day exploit launched via malicious Office documents which has been spotted being exploited in the wild. From July users with E3 licenses and above will have the option of automatic updates instead of manual Patch Tuesday fixes.
The latest edition of the ISMG Security Report includes highlights and observations from RSA Conference 2022, including a key message from RSA CEO Rohit Ghai. It also discusses the value of automation and the Cybersecurity and Infrastructure Security Agency's mission to grow cyber talent.
Critical infrastructure providers face a unique set of challenges when it comes to securing their environment from the cruciality of uptime to complying with new federal directives, according to Mark Cristiano, commercial director for Rockwell Automation's global services business.
The disruption of the Netwalker ransomware group in January 2021 by U.S. and Bulgarian authorities highlights how blockchain can be an Achilles' heel for cryptocurrency-using criminals, says Jackie Burns Koven, cyberthreat intelligence lead at Chainalysis.
The dangers associated with compromising critical infrastructure assets burst into public view with the May 2021 Colonial Pipeline ransomware attack, prompting significant investment from both the government and the private sector, according to Claroty Chief Product Officer Grant Geyer.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.