This edition of the ISMG Security Report features an analysis of the Microsoft Exchange on-premises server hacks – from who might have leaked the vulnerability exploits to how ransomware gangs are taking advantage of the flaws. Also featured: Tackling the cybercrime business model; assessing "zero trust."
Love it or hate it, email remains an essential business and productivity tool. Many organizations have now migrated to cloud-based Office 365 email for their employees. But while cloud-based approaches offer easier procurement, manageability and better cost savings, certain email facts of life won't change.
Moving...
As the Biden administration makes final preparations to respond to the attacks against SolarWinds, it's been confronted by a second major cyberthreat: the hacking of Microsoft Exchange servers throughout the U.S. The response to this incident, however, will likely be much different.
A report by analyst firm Research in Action reveals the importance of adopting a continuous application performance management (CAPM) solution that continuously identifies performance and availability issues to provide proactive detection and diagnosis. The firm’s report, 2019 Vendor Selection Matrix for Continuous...
Whether they result in fraudulent wire transfers, misdirected payments, diverted payrolls, supply-chain fraud or exposed personal data, business email compromise (BEC) and email account compromise (EAC) are growing.
BEC and EAC attacks subvert human trust and imperfect financial controls not technical...
It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit code leaked, and the question now is: Who leaked it?
The latest edition of the ISMG Security Report features cybercrime deterrence lessons learned from the disruption of the Emotet botnet operation. Also featured: An update on attacks tied to Microsoft Exchange flaw exploits; a discussion of the need to update business continuity plans.
Computer security researchers have acquired an enormous list of compromised email servers from the perpetrators of the mass Microsoft Exchange compromises. But a big question looms: How bad is this situation going to get?
Just days after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.
In financial services, there is a stark difference between defending against authorized versus unauthorized fraud incidents. James Hunt of Bottomline Technologies discusses the schemes and how to respond with a more dynamic prevention strategy.
Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server. The alarming vulnerabilities could allow a remote attacker into Exchange and possibly enable further lateral movement.
There is a reason more than half of today’s ransomware victims end up paying the ransom. Cyber-criminals have become thoughtful; taking time to maximize your organisation’s potential damage and their payoff. After achieving root access, the bad guys explore your network reading email, finding data troves and once...
Identity and access management
(IAM) securely connects employees
to the business resources required
to be productive.
With the sudden shift to remote work,
were businesses prepared to empower
their employees to securely work from anywhere?
Download this infographic to find out more...
80% of organizations are resorting to deploying data protection solutions from multiple vendors.
Compared to those working with a single data protection
vendor, on average, organizations using multiple data
protection vendors are likely to experience higher downtime
related costs, higher data
loss costs and are...
As organizations move along the path of digital transformation, enterprise cloud usage continues to evolve as well. While cloud-born applications still need the same data protection workflows as when they were on-premises, the native protection services offered by public
cloud providers often can’t deliver...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.