Attackers are hitting unpatched Pulse Secure VPN servers with Sodinokibi - aka REvil - ransomware, British security researcher Kevin Beaumont warns. Pulse Secure says that although many organizations have installed the critical April 2019 patch, holdouts persist.
Accenture plans to buy the former Symantec Cyber Security Services business from Broadcom for an undisclosed sum, the two companies announced Tuesday. The deal comes only five months after Broadcom paid $10.7 billion for Symantec's entire enterprise security division.
In the wake of the killing of an Iranian general in a U.S. drone attack last week, organizations - especially healthcare entities and units of government that have been vulnerable to ransomware attacks - need to be on guard against destructive "wiper" attacks, says Caleb Barlow of CynergisTek.
Adopting the policies in NIST 800-171 brings multiple security-related benefits, including best practices for data access policies, reduced risk of data breaches and insider threats, and a scalable approach to protecting sensitive data.
Protecting enterprise networks from attackers boils down to the same thing: Unless organizations get the basics right, they're sitting ducks. That's a top takeaway from experts warning that Iran will likely retaliate with cyberattacks after one of its senior military leaders was killed by a U.S. drone strike.
Launching online attacks remains a potent tool in the Iranian government's geopolitical playbook. Security experts are urging U.S. businesses and government agencies to remember that as they anticipate reprisals from Tehran after President Donald Trump ordered the killing of an Iranian military leader.
The DHS says the defacement of a U.S. government website over the weekend is not linked to Iranian state-sponsored actors. Attackers posted a pro-Iran message with a photo of President Donald Trump being punched in the face. The website, belonging to the Federal Depository Library Program, is now offline.
Following the U.S. killing of Iran's Maj. Gen. Qasem Soleimani last week, security experts have warned of possible retaliatory cyber strikes. Tom Kellermann of VMware believes those attacks are imminent. "The period of mourning is over, and I think the holy war in American cyberspace is yet to begin."
From past roles at the Department of Justice, Department of Homeland Security, Microsoft and Sony, Phil Reitinger has learned more than a thing or two about nation-states and cyber threats. In this exclusive interview, the head of the Global Cyber Alliance discusses how to respond to potential new threats from Iran.
After an Iranian general was killed in a U.S. drone strike in Baghdad late Thursday night, security experts and the Department of Homeland Security warned of possible retaliatory cyber strikes from Iran that could target critical infrastructure, government agencies as well as private businesses.
The Maze gang crypto-locked Georgia cable and wire manufacturer Southwire's systems and publicly dumped stolen data to try to force it to pay a ransom. In response, Southwire has sued its attackers and obtained a court order in Ireland that knocks the gang's "name and shame" site offline.
E-commerce sites have been under siege from cybercriminals who seek to sneak malicious code into checkout processes. A researcher has now found two new methods that payment card number thieves are using to try to stay under the radar.
The latest edition of the ISMG Security Report discusses countering the threat of nation-state cyberattacks in 2020. Also featured: an update on France's experiment with facial recognition technology and sorting out what "zero trust" really means.