13 matches found
Cyber Threat Exposure Management: A 5-Step Guide
Attackers don’t care about your long list of CVEs. They look for the path of least resistance to your most valuable assets. So, why are we still managing security from a defender’s checklist instead of an attacker’s playbook? A modern security program needs to see the entire attack surface throug...
#StopRansomware: Blacksuit (Royal) Ransomware
Actions for Organizations to Take Today to Mitigate Cyber Threats Related to BlackSuit Ransomware Activity 1. Prioritize remediating known exploited vulnerabilities. 2. Train users to recognize and report phishing attempts. 3. Enable and enforce multifactor authentication...
Updates to Layered Context Enable Teams to Quickly Understand Which Risk Signals Are Most Pressing
Layered Context introduced a consolidated view of all security risks insightCloudSec collects from the various layers of a cloud environment. This enabled our customers to go from visibility into individual security risks on a resource, to understanding all of the risks that impacted that resourc...
Why Defenders Should Embrace a Hacker Mindset
Today's security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work environments. Adversaries are constantly introducing new attack techniques, and not all companies have intern...
Prioritizing the Pharmaceutical Supply Chain for Healthcare Resiliency
...
Webinar: Bridging digital transformation & cybersecurity
Digital transformation may be revolutionizing businesses and the way we operate, but it also presents notable challenge: How can organizations stay secure amidst the ceaseless tide of change? Our latest Byte Into Security webinar has the answers. Meet the Experts Marcin Kleczynski, CEO of...
Florida hospital takes entire IT systems offline after 'ransomware attack'
Tallahassee Memorial Healthcare TMH, a major hospital system in northern Florida, has reportedly been experiencing an "IT security issue" since Thursday evening, which impacted some of its IT systems. When TMH learned of the issue, it took its entire IT systems offline as a precaution and contact...
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Note: To view the newly adde...
CISA Adds 15 Known Exploited Vulnerabilities to Catalog
CISA has added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence that threat actors are actively exploiting the vulnerabilities listed in the table below. These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and...
Patch Tuesday - December 2020
We close off our 2020 year of Patch Tuesdays with 58 vulnerabilities being addressed. While it's a higher count than our typical December months high thirties, it's still a nice breath of fresh air given how the past year has been. We do, however, get to celebrate that none of the reported...
Attack Analytics Now Include Actionable Insights
The number and sophistication of attacks on enterprise networks, applications, and APIs has increased as intruders gain technical acumen and advanced tool kits. Many attackers are now able to maintain and sustain determined efforts to steal data and disrupt business. With such a high number of...
Webcast Q&A: Automating the CIS Critical Security Controls
Qualys Product Management Director Tim White and SANS Institute Analyst John Pescatore did a deep dive into the Center for Internet Security’s Critical Security Controls during a recent webcast, and answered questions from audience members about these 20 foundational security practices, and about...
Microsoft's New Security Update Guides Get Mixed Reviews
Microsoft is receiving mixed reviews for its shift to delivering security update information via its newly launched Security Update Guides. The change was official in April, with Microsoft explaining it would allow system administrators to effectively pair specific patches with vulnerabilities, a...