402 matches found
How to Do Micro-Segmentation the Right Way
Micro-segmentation is the central IT security best-practice response to overly permissive policies. Learn how to do it right...
SOC 2 Compliance During Covid-19 Times
A lot of IT Security Officers responsible for driving the SOC 2 certification in their companies are probably wondering how the switch to mostly remote workspaces will affect their SOC 2 landscape. I would say that there are two types of companies affected or not affected by the coronavirus:...
New Skill Testing Platform For 6 Most In-Demand Cybersecurity Jobs
Building a security team is a necessity for organizations of all industries and sizes. It makes selecting the right person for the job a critical task in which testing candidates' domain knowledge is a core component of the hiring process. A common practice is for each organization to put togethe...
Texas Courts Won't Pay Up in Ransomware Attack
A ransomware attack has hit the information technology office that supports Texas appellate courts and judicial agencies, leading to their websites and computer servers being shut down. The office said that it will not pay the ransom requested by the cybercriminals. Specifically affected is the...
Top 10 Routinely Exploited Vulnerabilities
Summary: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guidance to advise IT security professionals at public and private sector organizations to place an increased priority on patchi...
Teaming up with INTERPOL to combat COVID-19 threats
If the past couple of months have taught us anything, it’s that partnerships matter in times of crisis. We’re better, stronger and more resilient when we work together. Specifically, public-private partnerships matter in cybersecurity, which is why Trend Micro is always happy to reach out across...
my.uj.edu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1152968. Security researcher Papix2020 (helped patch 18 vulnerabilities, received 1 Coordinated Disclosure badge, received 2 recommendations), a holder of 1 badge for responsible and coordinated disclosure, found a security vulnerability affecting my.uj.edu website and its...
SAS@Home Virtual Summit Showcases New Threat Intel, Industry Changes
As the COVID-19 pandemic continues to force in-person cybersecurity event cancellations, Kaspersky is forging ahead with a virtual security summit, SAS@home. Topics on the agenda include threat intel on advanced persistent threats (APTs), new vulnerability research, and topics related to a...
What Worries CISOs Most
From acquisitions to GDPR compliance, we interviewed a group of CISOs and IT security leaders to find out just what’s been keeping you and your peers up at night...
Travelex Pays $2.3M in Bitcoin to Hackers Who Hijacked Network in January
Travelex has paid out $2.3 million in Bitcoin to hackers to regain access to its global network after a malware attack at the new year knocked the global currency exchange offline and crippled its business during the month of January. The move—reported by the Wall Street Journal—may seem...
Riding another wave of success for our multi-layered detection and response approach
The corporate endpoint is a constant battle between cybersecurity white hats and criminal attackers. According to one study from the Ponemon Institute, 68% of organizations were victims of an attack on the endpoint in 2019. The risks and costs associated with undetected threats are immeasurable...
Surge in online traffic increases risk to businesses
Imperva Research Labs has been monitoring the data across our thousands of customers since the outbreak of COVID-19. In reviewing anonymized data from our CyberThreat Index, we see new risks and several initial security implications from this pandemic for our customers and global businesses. We...
What’s Coming in 2020: An RSA Recap
VMware Carbon Black recently published our Outlook 2020 Threat Report, largely fueled by the work of our amazing Threat Analysis Unit. Greg Foss (@Heinzarelli) and Andrew Costis (@0x4143) did some in-depth research on malware samples seen in 2019. As part of RSA, Greg and I had the chance to present o...
Hunting APTs with YARA
For the past few years, we have been spreading our knowledge and experience of using YARA, often called a pattern matching swiss knife for malware researchers and everyone else. Most of the time, this took the form of the Kaspersky training course titled, "Hunting APTs with YARA Like a GReAT...
Security in 2020: Revisited
Ten years ago, I wrote an essay: "Security in 2020." Well, it's finally 2020. I think I did pretty well. Here's what I said back then: There's really no such thing as security in the abstract. Security can only be defined in relation to something else. You're secure from something or against...
What Worries CISOs Most In 2019
We recently held a valuable conversation and a great dinner with about a dozen senior IT security leaders in Atlanta, Georgia. I was fortunate to attend and discuss what plagues them most. Here are some of their concerns. Many face considerable change in their business environments – one third of...
Security Firms, Nonprofits Team to Fight Stalkerware
The scourge of so-called “stalkerware” has accelerated as mobile cyberattacks in general have become more common, and it’s something that’s being addressed through a security industry collaboration that launched this week. The term “stalkerware” refers to both surreptitious spyware available on t...
Celebrate Cybersecurity Awareness Month with These Tips From a Survey of 1,200 Security Pros
Held every October, National Cybersecurity Awareness Month (NCSAM) is a collaborative effort between government and industry meant to raise awareness about the importance of cybersecurity. NCSAM is focused largely on consumer awareness, but for cybersecurity leaders, it is also a great opportunity ...
Intimate Details on Healthcare Workers Exposed as Cloud Security Lags
Yet another non-password protected cloud database has come to light, this time exposing a raft of highly personal information on healthcare workers and traveling nurses – including drug tests and arrest records. The incident showcases the unfortunate reality that cloud data security remains a...
New malware records screen activity as victim watches porn
By Uzair Amir. The IT security researchers at ESET have discovered a nasty new malware that not only steals users' private and financial data but also keeps an eye on their browsing activities, including recording their screen whenever they watch pornographic videos. This is a post from HackRead.co...