Infosecurity News
RSAC: How CISOs Should Protect Themselves Against Indictments
Experts at the RSA Conference discussed what CISOs can do to protect themselves against legal pressure
Infosecurity News
Three Battle-Tested Tips for Surviving a Cyber-Attack
CISOs share their experience of managing real-life cyber incidents provide their recommendations to survive cyber-attacks
The Cyber Express
Cyble Showcases Next-Gen Cybersecurity Technologies at RSA Conference 2024
San Francisco, May 6, 2024 — Cyble, the leading provider of AI-driven cybersecurity solutions, is excited to announce its participation
CyberSecurity Dive
CISA warned 1,750 organizations of ransomware vulnerabilities last year. Only half took action.
More than half of CISA's ransomware vulnerability warning pilot alerts were sent to government facilities, healthcare and public health organizations.
CyberSecurity Dive
Change Healthcare, compromised by stolen credentials, did not have MFA turned on
AlphV deployed ransomware nine days after it used access to a Citrix portal on Change’s network to move laterally within systems, CEO Andrew Witty said in testimony prepared for a House subcommittee hearing set for Wednesday.
CyberSecurity Dive
At Microsoft, years of security debt come crashing down
Critics say negligence, misguided investments and hubris have left the enterprise giant on its back foot.
The Cyber Express
Future-Proofing the Workforce: How Skilling is Cultivating Next-gen Tech Talent
By Lakshmi Mittra, SVP and Head, Clover Academy In the rapidly changing and dynamic tech environment of today, future-proofing the
The Cyber Express
TCE Cyberwatch: From Ransomware to Deepfakes, This Week’s Top Cybersecurity Threats
This week's TCE Cyberwatch delves into a range of pressing cybersecurity issues impacting the world today. From the rise of
CyberSecurity Dive
Vintage Microsoft flaw resurfaces, threat actors attack with golden GooseEgg
State-linked actors are using a custom tool for post exploitation activity of a vulnerability in Windows Print Spooler, which could result in credential theft and backdoor installs.
CyberSecurity Dive
Palo Alto Networks quibbles over impact of exploited, compromised firewalls
The security vendor downplayed the impact of exploit activity, describing most attempts as unsuccessful, but outside researchers say 6,000 devices are vulnerable.
The Cyber Express
PayPal Appoints Shaun Khalfan as Chief Information Security Officer
In today's digital age, where data breaches and cyber threats loom large, the role of Chief Information Security Officer (CISO)
CyberSecurity Dive
Mitre R&D network hit by Ivanti zero-day exploits
Exploits of Ivanti VPN products have hit roughly 1,700 organizations. To Mitre, guidance from the vendor and government fell short.
Infosecurity News
Quishing Attacks Jump Tenfold, Attachment Payloads Halve
The figures come from Egress’s latest report, which also suggests secure email gateways lag behind tech advancements
SecurityWeek
Cloud Threat Detection Firm Permiso Raises $18 million
With $18 million in a Series A funding, cloud security firm Permiso provides a detection platform that predicts the likely behavior of ‘bad’ identities.
Cyber Security News
Aembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox Contest
The Leading Company for Securing Access Between Workloads Recognized for the Aembit Workload IAM Platform Aembit, the Workload Identity and Access Management (IAM) Company, has been named one of the Top 10 Finalists for the RSA Conference™ 2024 Innovation Sandbox contest for its platform that manages and secures access between critical software resources, like applications […]
HACKRead
Aembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox Contest
Silver Spring, United States / Maryland, April 3rd, 2024, CyberNewsWire
Infosecurity News
Only 5% of Boards Have Cybersecurity Expertise
The Diligent and Bitsight report found that stronger cybersecurity measures equate to significantly higher financial performance for businesses
CyberSecurity Dive
Phishing remains top route to initial access
Tricking individuals to reveal sensitive information or grant access to systems doesn’t require technical expertise. These lures turn human behavior and trust into a weapon.
CSO
AI adoption by hackers pushed financial scams in 2023
Pig butchering, inheritance, and humanitarian relief scams jumped in 2023 aided by an AI-backed adversary toolset.
The Cyber Express
Empowering Excellence: The Cyber Express Celebrates the Top 100 Women in Cybersecurity
The world of cybersecurity has long been dominated by men, presenting women with numerous hurdles, from biases to systemic obstacles.
The Cyber Wire
Thoughts on International Women's Day 2024.
With March being Women's History Month, and March 8th the observance of International Women's Day, we assembled some thoughts and quotes with these themes in mind from women in our industry to share. Women make up about 25-26% of the cybersecurity workforce. You can read more about that in ISC2's Cyber Workforce Study 2023 here. Based on a recent survey here at N2K CyberWire, nearly a third of our responding audience is female which is up significantly from just a few years ago. We are very proud of the work we do at N2K Networks to support women in STEM. We recently published an encore of our Breaking Through: Securing the advancement of women in cybersecurity panel in honor of International Women's Day. In addition, we are highlighting the work of women in the industry throughout the month of March. We hope you enjoy this bonus content.
CyberSecurity Dive
Change Healthcare systems expected to come back online in mid-March
Insurer UnitedHealthcare said it would also advance payments to providers as the outage stretches into its third week.
The Cyber Express
Breaking Codes and Glass Ceilings: The Legacy of Women in Cybersecurity
In a recent homage to Women's History Month, the US Cyber Command cast a spotlight on Judy Parsons and the
CyberSecurity Dive
Change Healthcare cyberattack having ‘far-reaching’ effects on providers
Providers said the outage at the UnitedHealth-owned technology company has affected billing, eligibility checks, prior authorization requests and prescription fulfillment.
.webp)
Cyber Security News
RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients
Stellar Cyber, the innovator of Open XDR, today announced that RSM US – the leading provider of professional services to the middle market – is leveraging the Stellar Cyber Open XDR platform to unify, expand and control the cybersecurity defenses across its Global MSSP Client Network. RSM US runs a global managed security operations service called RSM Defense. […]
SecurityWeek
Cyber Insights 2024: Artificial Intelligence
AI's progress in 2024 and beyond: 2023 was a year of hype, 2024 brings the beginning of AI reality, and 2025 likely to be its delivery.
SecurityWeek
Cyber Insights 2024: Ransomware
The ransomware threat will continue to grow and expand. It is the quintessential business plan for cybercriminals.
.webp)
Cyber Security News
How to Interpret the MITRE Engenuity ATT&CK® Evaluations For Enterprise
Independent tests are a vital resource as cybersecurity leaders and their teams evaluate vendors’ abilities to guard against increasingly.
The Cyber Express
Celebrating Republic Day: Honoring Top 26 Indian CISOs and Their Pioneering Cybersecurity Leadership
In an era where cybersecurity has become an integral part of organizations, the role of Chief Information Security Officers (CISOs)
CyberSecurity Dive
Microsoft to overhaul internal security practices after Midnight Blizzard attack
After Microsoft disclosed a state-sponsored actor stole data from senior executives, experts are raising questions about its security capabilities and practices.
Infosecurity News
NCSC Builds New “Cyber League” Threat Tracking Community
The UK’s National Cyber Security Centre has launched a Cyber League to monitor emerging cyber-threats
CyberSecurity Dive
Wealthy countries boast superior cyber defenses
A nation’s economic prosperity is directly linked to greater defense capabilities, but no country is overachieving in cyber defense, according to SecurityScorecard.
SecurityWeek
Brad Arkin is New Chief Trust Officer at Salesforce
Veteran cybersecurity leader Brad Arkin has left Cisco and is joining Salesforce as SVP and Chief Trust Officer.
CyberSecurity Dive
Merck reaches settlement in closely watched NotPetya insurance case
The pharmaceutical giant previously won a New Jersey court decision involving $700 million of a $1.4 billion dispute over war-exclusions language related to the attack.
CyberSecurity Dive
Cisco to buy open source multicloud security vendor Isovalent
The deal for the company behind eBPF and Cilium follows Cisco’s blockbuster $28 billion agreement to acquire Splunk.
The Cyber Wire
The ALPHV/BlackCat takedown shuffle.
It's up, maybe it's down, no, for sure it's down, then up again, and finally down. For now.
Infosecurity News
Law Enforcement Confirms BlackCat Take Down, Decryption Key Offered to
The FBI has developed a decryption key it believes will save over 500 victims around $68m
SecurityWeek
Microsoft Hires New CISO in Major Security Shakeup
Microsoft announced a major shakeup of its security leadership and the hiring of a new Chief Information Security Officer.
The Cyber Express
InsureMO Partners with Cyble to Revolutionize Cyber Insurance with Real-Time Threat Intelligence
Atlanta, Georgia – InsureMO has partnered with the Cyble Partner Network's Technology Alliance Partnership (TAP), heralding a new era in
The Cyber Wire
Ransomware attacks against healthcare organizations.
Why criminals find healthcare organizations attractive targets.
CyberSecurity Dive
Clorox CISO departs months after cyberattack
The C-suite change comes in the aftermath of a cyberattack that damaged IT infrastructure, led to widespread disruption and negatively impacted earnings.
CyberSecurity Dive
Palo Alto Networks’ largest customers get no-cost incident response
Available through January, the response program comes at a time of heightened demand for rapid forensic services, particularly in light of the coming SEC incident response enforcement.
The Hacker News
Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally
Discover how predictive AI is shaping the future of cybersecurity. Learn how BlackBerry's Cylance AI is outperforming the competition in malware.
Cyber Security News
ChatGPT for Vulnerability Detection - Prompts Used and their Responses
Language models like CodeBERT, GraphCodeBERT, and CodeT5 can identify, explain, assess, and suggest patches for vulnerabilities.
CyberSecurity Dive
Johnson Controls hit by ‘severe’ cyberattack
The manufacturer of industrial control systems, security systems and HVAC equipment, said it’s still assessing what information was impacted.
The Hacker News
How to Interpret the 2023 MITRE ATT&CK Evaluation Results
How to Interpret the 2023 MITRE ATT&CK Evaluation Results | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.
Infosecurity News
FBI Flags $40M Crypto Cash-Out Plot By North Korean Hackers
Between Monday and Tuesday, the FBI has traced approximately 1580 stolen Bitcoins
Infosecurity News
New NCUA Rule Requires Swift Cyber Incident Reporting
Credit unions will be obligated to notify the NCUA about any cyber incident within 72 hours
.webp)
Cyber Security News
Threat and Vulnerability Roundup for the week of August 13th to 19th
Welcome to Cyber Writes' weekly Threat and Vulnerability Roundup, where we provide the most recent information on cybersecurity news. Take advantage of our extensive coverage and keep yourself updated.
CyberSecurity Dive
SEC cyber rules ignite tension between reputation and security risk
The rules, which take effect Sept. 5, encountered mixed reactions. Some champion board-level cyber accountability. Others say the rules are too big of a lift.
SecurityWeek
Black Hat Preview: The Business of Cyber Takes Center Stage
The business of cybersecurity will take center stage a Black Hat 2023 as struggling startups jostle for attention with shiny booths and Las Vegas parties.
CyberSecurity Dive
Inside the most-commonly exploited CVEs of 2022
Delayed patching and unmet secure-by-design principles are aggravating the risk of compromise, the Five Eyes warned Thursday.
Infosecurity News
Cloud Firm Under Scrutiny For Suspected Support of APT Operations
Halcyon said that Cloudzy has been playing a pivotal role in facilitating cyber-criminal activities
CSO
AuditBoard launches new IT risk management offering
The new application is an extension to AuditBoard’s connected risk platform and its suite of IT risk and compliance solutions, designed for information security teams.
CyberSecurity Dive
SEC votes to overhaul disclosure rules for material cyber events
After a fierce debate, the agency voted to require companies to come clean on material breaches and attacks within four business days of determination.
CyberSecurity Dive
MOVEit mass exploit timeline: How the file-transfer service attacks entangled victims
The slow-moving disaster has ensnared some of the world's largest enterprises. Cybersecurity experts expect further damage to come.
CyberSecurity Dive
IronNet restructures management in deal to go private
New CEO Linda Zecher will lead the cybersecurity firm as the company’s founder, retired Gen. Keith Alexander, will step down as CEO but remain on as chairman.
CyberSecurity Dive
What to do after a data breach
Long before a data breach, well-prepared companies set up incident response teams with workers from multiple departments.
Ars Technica
Apple avoids “AI” hype at WWDC keynote by baking ML into products
Apple prefers using "machine learning," or just having AI work in the background.
Bleeping Computer
GitHub reveals reason behind last week’s string of outages
GitHub's Chief Security Officer and SVP of Engineering shared more details today on a string of outages that hit the code hosting platform last week.
ZDNet
Google to expand dark web monitoring to all Gmail users in the U.S.
Currently available only to Google One subscribers, the option will soon help all Gmail users learn if their email address is discovered on the dark web.
Infosecurity News
Bad Bots Now Account For 30% of All Internet Traffic
Figure is highest since records began, says Imperva
Bleeping Computer
Google brings dark web monitoring to all U.S. Gmail users
Google announced today that all Gmail users in the United States will soon be able to use the dark web report security feature to discover if their email address has been found on the dark web.
Infosecurity News
NSA and Allies Uncover Russian Snake Malware Network in 50+ Countries
Cybercriminals used Snake to retrieve confidential documents related to international relations
Infosecurity News
NextGen Healthcare Data Breach: One Million Patient Records Affected
The breach reportedly affected a database accessed via stolen client credentials
CyberSecurity Dive
Threat actors can use ChatGPT to sharpen cyberthreats, but no need to panic yet
Startling dangers, such as autonomous attack mechanisms and sophisticated malware coding, have yet to materialize. For now, the threat is more specific.
Trend Micro
Trend Achieves AWS Level 1 MSSP Competency Status
Trend offers 24x7 fully managed security services uniquely designed in collaboration with AWS security experts to protect, monitor, and respond to security events of AWS environments.
CyberSecurity Dive
ChatGPT prompts experts to consider AI’s mark on cybersecurity
Previous AI advancements in cybersecurity tools and practices could be a precursor of what’s to come.
CyberSecurity Dive
ChatGPT at work: What’s the cyber risk for employers?
The use of ChatGPT could run afoul of company policy, copyright concerns, customer confidentiality or even international privacy laws, BlackBerry’s CISO writes. Here’s what businesses should consider.
Infosecurity News
Western Digital Hit By Network Security Breach
The incident involved an unauthorized third party gaining access to several systems
CyberSecurity Dive
Clop ransomware group triggers new attack spree, hitting household brands
A patch has been available for a vulnerability in GoAnywhere since early February, but a threat actor continues to claim additional victims.
The Hacker News
GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
GitHub replaces RSA SSH host key after brief exposure in public repository to prevent any bad actor from impersonating the service or eavesdropping on
Bleeping Computer
GitHub.com rotates its exposed private SSH key
GitHub has rotated its private SSH key for GitHub.com after the secret was was accidentally published in a public GitHub repository. The software development and version control service says, the private RSA key was only "briefly" exposed, but that it took action out of "an abundance of caution."
CSO
Cybercriminals target SVB customers with BEC and cryptocurrency scams
Security researchers have found that threat actors have already registered suspicious domains and pages to carry out the attacks.
CyberSecurity Dive
How will the government enforce the national cyber strategy?
Efforts to enact laws and regulations that impose greater responsibility on the technology sector aren’t likely to come quick or easy.
CyberSecurity Dive
Attackers reduce complexity to catch more potential victims
Palo Alto Networks warns attackers are building economies of scale by conducting more efficient operations and complementing their skills with commercially available tools.
CyberSecurity Dive
Threat actors can use ChatGPT, too. Here’s what businesses should watch
While IT departments seek enterprise applications, cyber teams must be on the lookout for attacks using the generative AI technology.
Infosecurity News
US Warns Critical Sectors Against North Korean Ransomware Attacks
The latest iteration of the document is now analyzing activity by the Maui and H0lyGh0st groups
ZDNet
Phishing attacks are easy for criminals. This is how expensive they could be for you
Email is an easy target for cyber criminals. It can be lucrative for them, too - and costly for businesses.
Infosecurity News
US and UK Sanction Seven Russian Cyber-Criminals
The seven Russian nationals are members of the notorious Trickbot malware gang
CyberSecurity Dive
Hive takedown puts ‘small dent’ in ransomware problem
Successful law enforcement actions against ransomware can only do so much. The threat is omnipresent, lucrative and largely in the shadows.
CyberSecurity Dive
A first-hand look inside Walmart’s robust security operations
The retail behemoth invited a handful of journalists to its tech offices in Bentonville, Arkansas. The scope of Walmart’s operations speaks to the lengths enterprises must go to remain secure.
CSO
FBI takes down Hive ransomware group in an undercover operation
FBI covertly infiltrated the Hive network—which has targeted more than 1,500 victims in over 80 countries around the world—and thwarted over $130 million in ransom demands.
Infosecurity News
Just Half of Firms Have Sufficient Cybersecurity Budget
One in 10 can only protect critical assets, says Neustar
CyberSecurity Dive
Only half of companies have the budgets necessary to mitigate cybersecurity risks: study
A report from Neustar shows macroeconomic pressures are leading to a squeeze on IT security spending.
CyberSecurity Dive
Experts question T-Mobile’s security culture as breach cycle churns
The gap between the threat actor’s intrusion and T-Mobile’s detection underscores multiple unresolved challenges.
Infosecurity News
Vice Society Claims Ransomware Attack Against University of Duisburg-Essen
The threat actor has also reportedly published some stolen data on the dark web
CSO
DigiCert releases Trust Lifecycle Manager to unify certificate management, PKI services
Digital security certificate firm says product sets a new standard for managing digital trust and reduces an organization’s attack surface to help prevent data breaches.
Infosecurity News
Customer and Employee Data the Top Prize for Hackers – Imperva
Customer and employee data accounts for almost half all stolen data while credit cards and password see a decline
CyberSecurity Dive
T-Mobile CSO: One wrong decision can wreak havoc
Adversaries attacked a T-Mobile honeypot 65 million times a day, Timothy Youngblood recalls.
CSO
NATO tests AI’s ability to protect critical infrastructure against cyberattacks
Cybersecurity experts experiment with autonomous intelligence to secure and defend against increasing cyberthreats posed to critical infrastructure.
CyberSecurity Dive
The cybersecurity talent shortage: The outlook for 2023
The available potential workforce isn’t keeping pace with demand, and experts blame a lack of interest from young people entering the job market.
Infosecurity News
Uber Hit By New Data Breach After Attack on Third-Party Vendor
Company information was stolen from third-party vendor Teqtivity and posted on a dark web forum
CSO
PCI Secure Software Standard version 1.2 sets out new payment security requirements
Changes include the Web Software Module to help payment software vendors and developers identify and implement security controls to protect against attacks.
Infosecurity News
NZ Privacy Commissioner Investigates Mercury IT Ransomware Attack
The watchdog also confirmed it plans on opening a compliance investigation into the incident
Infosecurity News
Prolific Chinese Hackers Stole US COVID funds
Secret Service says discovery may be the tip of the iceberg
Infosecurity News
Hackers Target Colombia's Healthcare System With Ransomware
The attack disrupted IT operations, websites and scheduling of medical appointments
Infosecurity News
PCI Council Launches Flexible Mobile Payments Standard
Announcement recognizes growing volume of smartphone payments
SecurityWeek
Ransomware Group Threatens to Leak Data Stolen From Car Parts Giant Continental
The LockBit ransomware group is threatening to publish files allegedly stolen from German car parts giant Continental
Infosecurity News
LockBit Claims Ransomware Attack on Continental
The ransomware gang made the announcement on its leak site
Loading more articles....