11 matches found
Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene
Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital's systems are held hostage by ransomware, it's not just data at risk — it's the care of patients...
On the Cyber Safety Review Board
When an airplane crashes, impartial investigatory bodies leap into action, empowered by law to unearth what happened and why. But there is no such empowered and impartial body to investigate CrowdStrikes faulty update that recently unfolded, ensnarling banks, airlines, and emergency services to t...
Patch me if you can: Cyberattack Series
Many organizations utilize third-party apps for identity security solutions to automate and unburden overtaxed IT admins from tedious tasks that employees can perform via self-service without IT assistance. But in September 2021, our researchers observed threat actors exploiting one such...
IoT forecast: Running antivirus on your smart device?
In 2016, threat actors pulled off a basic but devastating botnet attack that harnessed the power of the Internet of Things IoT. After gathering a list of 61 default username and password combinations for IoT devices, threat actors scanned the Internet for open Telnet ports and, when they found a...
The DoD Isn't Fixing Its Security Problems
It has produced several reports outlining what's wrong and what needs to be fixed. It's not fixing them: GAO looked at three DoD-designed initiatives to see whether the Pentagon is following through on its own goals. In a majority of cases, DoD has not completed the cybersecurity training and...
Patching as a social responsibility
In the wake of the devastating NotPetya attack, Microsoft set out to understand why some customers weren’t applying cybersecurity hygiene, such as security patches, which would have helped mitigate this threat. We were particularly concerned with why patches hadn’t been applied, as they had been...
How to avoid getting caught in a “Groundhog Day” loop of security issues
It’s Cyber Security Awareness Month and it made me think about one of my favorite movies, called Groundhog Day. Have you ever seen it? Bill Murray is the cynical weatherman, Phil Connors, who gets stuck in an endless loop where he repeats the same day over and over again until he “participates in...
CISO series: Strengthen your organizational immune system with cybersecurity hygiene
One of the things I love about my job is the time I get to spend with security professionals, learning firsthand about the challenges of managing security strategy and implementation day to day. There are certain themes that come up over and over in these conversations. My colleague Ken Malcolmso...
Carbon Black’s Predictive Security Cloud (PSC) To Help Power Newly Launched IBM X-Force Threat Management Services
Today is another exciting day for Carbon Black and IBM! This morning we announced Carbon Black has expanded its relationship with IBM Security as the Cb Predictive Security Cloud PSC™ will be part of the newly launched IBM X-Force Threat Management Services to further combat advanced threats acro...
The Critical Security Controls: Basic Cybersecurity Hygiene for your Organization
It’s a well-known fact that most successful cyber attacks are easily preventable. That’s because the majority are neither highly sophisticated nor carefully customized. Instead, they are of the “spray and pray” sort. They try to exploit known vulnerabilities for which patches are available, or to...
Poor Patching, Passwords Plague Government Computers
A damning report on the security of government computers paints an unflattering picture of lax or non-existent patching efforts, poor password policies, configuration errors and a general lack of confidence that exposes critical services and systems to attack. The report, “The Federal Government’...