Ransomware continues to sting numerous organizations, and the problem only seems to be getting worse. More than ever, the onus is on potential victims to ensure they have essential defenses in place - and if possible, to proactively hunt for attackers who may already be inside their network.
Microsoft is making available the CodeQL queries it used to detect malicious implants in the massive supply chain attack that affected SolarWinds, tech firms and government agencies.
The latest edition of the ISMG Security Report features an analysis of a federal crackdown on ICO cryptocurrency scams. Also featured: An update on the SonicWall hack investigation and the use of digital IDs to verify COVID-19 testing.
The SolarWinds supply chain attack is another example of the damage that lateral movement by system intruders can cause. Tim Keeler of Remediant describes why detecting lateral movement is so challenging.
The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.
At its core, Zero Trust aspires to eliminate persistent trust, and enforce continuous authentication, least privilege, and microsegmentation. This approach reduces the attack surface and minimizes the threat windows during which attackers can inflict damage, helping to protect against simple malware attacks to...
The CEOs of SolarWinds, Microsoft, FireEye and CrowdStrike rolled out a series of cybersecurity recommendations to a U.S. Senate panel Tuesday while detailing how foreign actors gained access into their firms' systems as a result of the SolarWinds supply chain attack.
All email, cloud, and compliance solutions are not created equal.
As organizations make the move to Microsoft 365, many assume that the platform's built-in or bundled features will keep users safe and compliant. But these "good enough" features may not be good enough for your organization.
Download this eBook from...
Cybersecurity awareness training is one of the most important things you can do to secure your organisation. But starting a new programme may seem daunting. Maintaining one that keeps your users engaged, changes their behaviour and reduces your organisation’s exposure to threats might be an even bigger challenge....
Software company Accellion has released preliminary findings around the security incident that stung customers using its 20-year-old File Transfer Appliance. The attackers swiftly stole data from compromised systems, and some of those organizations have subsequently been extorted.
As online activity increases and digital footprints expand, so too does the overall application attack surface. The recent shifts in consumer behaviours have greatly accelerated business digital transformation and compounded the associated application fraud and abuse.
In response, security, fraud and marketing...
F-Secure Cloud Protection for Salesforce
As organizations of all sizes, across different industries, increasingly embrace cloud services, attackers are switching their focus to exploit vulnerabilities in commonly used services. As a result, a growing number of businesses are suffering serious consequences such as...
Security firms Crowdstrike, Palo Alto Networks and Sailpoint are making acquisitions to bolster their product portfolios. Here's a rundown of the deals.
The "Cuba" ransomware gang has hit Seattle-based Automatic Funds Transfer Services, which processes data from California's Department of Motor Vehicles as well as many cities in Washington. Victim organizations say AFTS is investigating the incident and that an unknown amount of individuals' data was exposed.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.