Image: HHS HC3

Chinese, North Korean Nation-State Groups Target Health Data

Marianne Kolbasuk McGee • September 22, 2023

Chinese and North Korean nation-state groups continue to pose significant "unique threats" to the U.S. healthcare and public health sector, including data exfiltration attacks involving espionage and intellectual property theft, federal authorities warned Thursday in a brief naming the top groups.

Breach Notification

Feds Warn Healthcare Sector of Akira Ransomware Threats

Latest

Cloud Access Security Brokers (CASB)

Cato Networks Raises $238M on $3B Valuation to Move Upmarket

Michael Novinson • September 22, 2023

A late-stage SASE startup led by a serial entrepreneur hauled in a massive equity investment to address the feature and capability needs of large enterprises. The $238 million in funding will allow Cato Networks to more tightly align CASB and DLP with SASE to safeguard cloud apps and sensitive data.

Leadership & Executive Communication

Google CISO Phil Venables on Building Strong CIO-CISO Bonds

Michael Novinson • September 22, 2023

Increased engagement from boards on digital transformation initiatives around cloud and AI adoption has spurred greater investment in cybersecurity, said Google Cloud CISO Phil Venables. Systems built and designed decades ago have become increasingly difficult to secure, he said.

Cybercrime

Nation-State Actors Unleash Stealthy, LuaJIT-Based Malware

Jayant Chakravarti • September 22, 2023

SentinelOne observed suspected cyberespionage actors of unknown origin using modular backdoors and highly stealthy tactics in August to target telecommunication companies in the Middle East, Western Europe and South Asia. The group, tracked as Sandman, is using the novel backdoor LuaJIT.

Fraud Management & Cybercrime

Feds Warn About Snatch Ransomware

Prajeet Nair • September 21, 2023

The Snatch ransomware group is targeting a wide range of critical infrastructure sectors, including the defense industrial base, food and agriculture, and information technology sectors, according to a new alert issued by U.S. authorities. The group operates on a ransomware-as-a-service model.

Open XDR

Cisco to Bring XDR, SIEM Together With $28B Splunk Purchase

Michael Novinson • September 21, 2023

Cisco's proposed $28 billion buy of Splunk allows businesses to move from threat detection and response to threat prediction and prevention by combining XDR and SIEM. The deal brings together Cisco's newly released XDR platform with Splunk's long-standing SIEM technology.

Open XDR

Forecasts of SIEM Death Premature - Just Ask Cisco, Splunk

Michael Novinson • September 21, 2023

It turns out SIEM isn't on life support after all. Cisco is providing 28 billion reasons to believe enterprises aren't scrapping the security operations center staple anytime soon, even though rivals with other types of security technology have attempted to write SIEM's obituary for years.

Network Detection & Response

WatchGuard Buys CyGlass to Bring NDR to Midmarket Customers

Michael Novinson • September 20, 2023

WatchGuard purchased a Massachusetts company to extend network detection and response capabilities traditionally reserved for high-end enterprises to the midmarket through MSPs. The deal gives WatchGuard clients more visibility into east-west network traffic and activity taking place on the cloud.

Artificial Intelligence & Machine Learning

Don't Let AI Frenzy Lead to Overlooking Security Risks

Akshaya Asokan • September 20, 2023

The private sector's frenzy to incorporate generative AI into products is leading companies to overlook basic security practices, a Google executive warned Tuesday. "Most people are still struggling with the basics," said John Stone, whose title at Google Cloud is "chaos coordinator."

Artificial Intelligence & Machine Learning

ISMG Editors: London Summit - AI Tech and Incident Response

Anna Delaney • September 20, 2023

This week, ISMG editors covered the hot topics at ISMG's London Cybersecurity Summit 2023, including the technical landscape of AI, executive liability, incident response strategies in the face of a global ransomware attack and how to build personal resilience to avoid burnout.

Endpoint Security

Why Palo Alto Is Eyeing Secure Browser Firm Talon for $600M

Michael Novinson • September 20, 2023

Last year's winner of RSA Conference's prestigious Innovation Sandbox contest could soon be acquired by Palo Alto Networks, according to Calcalist. The platform security behemoth is in advanced negotiations to purchase enterprise browser startup Talon Cyber Security for $600 million, Calcalist said.

Artificial Intelligence & Machine Learning

Expert: Keep Calm, Avoid Overhyping China's AI Capabilities

Michael Novinson • September 19, 2023

A researcher advised lawmakers to "keep calm and avoid overhyping China's AI capabilities" since the authoritarian regime struggles to drive widespread adoption of new technology. He urged Congress to embrace an "open system of innovation" around AI even it that results in some IP leaking to China.

Critical Infrastructure Security

Cyber Experts Urge House Committee to Avoid Federal Shutdown

Marianne Kolbasuk McGee • September 19, 2023

Cybersecurity experts urged Congress to avoid a government shutdown on Oct. 1 - the start of the new federal fiscal year - telling a House panel that a lapse would damage efforts to keep the nation secure. Congress has yet to approve funding bills necessary to keep most federal agencies operational.