The latest edition of the ISMG Security Report features highlights from interviews in 2021 and examines President Joe Biden's executive order on cybersecurity, ransomware response advice and assessing hidden business risks.
Ransomware-wielding attackers continue to hit businesses, demand a ransom payment and oftentimes dump stolen data if a victim chooses not to pay. But some attackers also appear to be keeping a closer eye on victims - at least after they have been infected - in case they bring unwanted attention.
As network defenders continue to patch or mitigate against the remote code execution vulnerability in the Java-based logging utility Log4j, several cybersecurity vendors - and the U.S. CISA - have issued scanning and assessment tools to speed up the identification process.
ISMG's global editorial team reflects on the top cybersecurity news and analysis from 2021 and looks ahead to the trends already shaping 2022. From ransomware to Log4j, here is a compilation of major news events, impacts and discussions with leading cybersecurity experts on what to expect in the new year.
ONUS, one of Vietnam's largest cryptocurrency platforms, has reportedly fallen victim to a ransomware attack that has been traced to Apache's remote code execution vulnerability, Log4j, via third-party payment software. CrowdStrike has also detected Chinese APT activity around the logging flaw.
In the U.S., three states now have disparate data privacy laws - and more are coming. Meanwhile, China has enacted a new law that has global enterprises scrambling. How will these and other actions shape privacy discussions in 2022? Noted attorney Lisa Sotto shares insights.
U.S. President Joe Biden on Monday signed into law the National Defense Authorization Act for fiscal year 2022, which contains $768 billion in defense spending - 5% more than 2021 - and several cybersecurity provisions, including expansion of the Cybersecurity and Infrastructure Security Agency.
As ransomware attacks continue to pose a significant threat to enterprises and individuals, "We will keep banging the message that basic cyber hygiene makes a big difference to lots of people," says Andy Bates of the Global Cyber Alliance. He also discusses the alliance's top priorities for 2022.
Lisa Sotto, partner and chair of the global privacy and cybersecurity practice at Hunton Andrews Kurth LLP, joins three ISMG editors to discuss important cybersecurity and privacy issues, including how U.S. enterprises are harmonizing three disparate privacy laws, and ransomware preparedness.
The latest edition of the ISMG Security Report features an analysis of the most recent developments in the Log4j security flaw crisis, ransomware-era incident response essentials and what to expect from cybersecurity in 2022.
What does the C-suite want to know about ransomware preparedness and response strategies? CEO of (ISC)² Clar Rosso shares findings from the company's new report that provides insights into the minds of C-suite executives and how they perceive their organizations’ readiness for ransomware attacks.
A federal grand jury has handed down a superseding indictment expanding the charges filed against Joe Sullivan, the former CSO of Uber, for his allegedly covering up a 2016 data breach at the ride-sharing service from authorities and paying "hush money" to two hackers. Sullivan denies the charges.
CISA, the FBI, the NSA and several of their international law enforcement partners have issued a joint advisory on the known vulnerabilities in the Apache Log4j software library urging "any organization using products with Log4j to mitigate and patch immediately."
An authentication bypass vulnerability in Zoho's widely used unified endpoint management tool, ManageEngine Desktop Central, is being used by advanced persistent threat actors to gain remote access permissions, the FBI says.
A week after announcing a new bug bounty program called "Hack DHS," U.S. Department of Homeland Security Secretary Alejandro Mayorkas announced that DHS is expanding the scope of the program to include finding and patching Log4j-related vulnerabilities in the systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.