17 matches found
Are Forgotten AD Service Accounts Leaving You at Risk?
For many organizations, Active Directory AD service accounts are quiet afterthoughts, persisting in the background long after their original purpose has been forgotten. To make matters worse, these orphaned service accounts created for legacy applications, scheduled tasks, automation scripts, or...
⚡ Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Surge and More
Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps — but in job offers, hardware, and cloud services we rely on every day. Hackers don't need sophisticated...
17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K.
Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate. The arrest was made "in connection with a global cyber online crime group which has been targeting large organizations with...
Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery
Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there's a larger, more pressing question: What is the true financial impact of a cyberattack? According to researc...
An Easy and Effective Strategy To Shield Your Business From Ransomware
Ransomware continues to make headlines and remains a top concern 2022 was a breakout year for ransomware as it wreaked havoc on individuals and organizations around the world. The numbers are staggering: Ransomware attacks surged dramatically in 2022 and were involved in 25% of all breaches,...
Why Telecoms Struggle with SaaS Security
The telecom industry has always been a tantalizing target for cybercriminals. The combination of interconnected networks, customer data, and sensitive information allows cybercriminals to inflict maximum damage through minimal effort. It's the breaches in telecom companies that tend to have a...
Improve supply chain security and resiliency with Microsoft
Let’s start with the bad news. Cybersecurity breaches can be particularly devastating for supply chains, which involve multiple parties and sensitive information. As operational technology OT devices become increasingly connected, blurring the gap between IT and OT environments, the risk of hacke...
Improve supply chain security and resiliency with Microsoft
Let’s start with the bad news. Cybersecurity breaches can be particularly devastating for supply chains, which involve multiple parties and sensitive information. As operational technology OT devices become increasingly connected, blurring the gap between IT and OT environments, the risk of hacke...
Third-party application patching: Everything you need to know for your business
Patch management that is consistent and efficient has never been more critical in keeping your security infrastructure up to date and secure. Although todays endpoint management solutions include patch management functionalities, third-party patching is an area that shouldnt be forgotten. In this...
Securing the software supply chain, with Kim Lewandowski: Lock and Code S03E13
At the start of the global coronavirus pandemic, nearly everyone was forced to learn about the "supply chain." Immediate stockpiling by an alarmed and from a smaller share, opportunistic public led to an almost overnight disappearance of hand sanitizer, bottled water, toilet paper, and face masks...
Most Email Security Approaches Fail to Block Common Threats
On overwhelming number of security teams believe their email security systems to be ineffective against the most serious inbound threats, including ransomware. That’s according to a survey of business customers using Microsoft 365 for email commissioned by Cyren and conducted by Osterman Research...
10 Phishing Stats That’ll Make Your C-Suite Think
Wanting to run a phishing simulation is one thing, but persuading colleagues of the importance of doing so is another. You need to keep your organization safe, not just satisfy basic compliance requirements. You need to improve security awareness and colleague behaviors, throughout your...
Ukraine Police Arrest Cyber Criminals Behind Clop Ransomware Attacks
Ukrainian law enforcement officials on Wednesday announced the arrest of the Clop ransomware gang, adding it disrupted the infrastructure employed in attacks targeting victims worldwide since at least 2019. As part of an international operation between the National Police of Ukraine and authoriti...
Rob Joyce to Take Over as NSA Cybersecurity Director
As the incoming Biden administration continues to shake up federal leadership, the National Security Agency announced Friday that Rob Joyce, who is currently serving at the U.S. Embassy in London, was named to lead its cybersecurity division. Joyce will inherit the job from Anne Neuberger, who wi...
US Congress proposes comprehensive federal data privacy legislation—finally
The United States might be the only country of its size—both in economy and population—to lack a comprehensive data privacy law protecting its citizens’ online lives. That could change this year. Never-ending cybersecurity breaches, recently-enacted international privacy laws, public outrage, and...
An Argument that Cybersecurity Is Basically Okay
Andrew Odlyzko's new essay is worth reading -- "Cybersecurity is not very important": Abstract: There is a rising tide of security breaches. There is an even faster rising tide of hysteria over the ostensible reason for these breaches, namely the deficient state of our information infrastructure...
Proposed NIST Password Guidelines Soften Length, Complexity Focus
A comment period has closed on NIST’s new password guidelines for federal agencies that challenge the effectiveness of traditional behaviors around authentication such as an insistence on complex passwords and scheduled resets. As more tech companies move away from passwords and toward multistep...