Red Canary recently partnered with VMware and Kroll to conduct a State of Incident Response survey. Greg Bailey and Keith McCammon discuss the surprising findings – and how traditional IR programs are tested by the shifting threat landscape.
This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group's Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state - and discussion of whether the commercial spyware business model should be banned.
As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares essential steps and guidance for recovery.
Saudi Aramco, one of the world's largest oil and natural gas firms, has confirmed that company data was leaked after one of its suppliers was breached. Extortionists are reportedly demanding a $50 million ransom - payable in monero cryptocurrency - for a promise to delete the stolen data.
A bipartisan group of senators introduced a federal breach notification bill Wednesday that would require federal agencies, federal contractors and organizations that are considered critical to U.S. national security to report security incidents to CISA within 24 hours of discovery.
Cybereason, Rapid7 and Microsoft announced acquisitions this week designed to boost their security capabilities. Meanwhile, DevOps security firm Sysdig made a move to add infrastructure-as-code security to its portfolio.
A proposed $2.7 million settlement has been reached in a lawsuit filed against the University of Pittsburgh Medical Center in the wake of a 2014 data breach that exposed tens of thousands of employees' personal information and resulted in tax fraud.
The number of U.S. healthcare entities affected by a recent cyber incident targeting a Sweden-based provider of oncology radiation systems and related services is growing. Some security experts say this points to the additional risks offshore business associates can pose to their clients.
Two-factor authentication (2FA) is the simplest, most effective way to make sure users really are who they say they are. But, not every two-factor solution is the same. Some vendors only provide the bare minimum needed to meet compliance requirements – and some carry lots of hidden costs for deployment, operation...
Tech and security analysts predict enterprises will shift to passwordless authentication for users to enable modern digital transformation. This is mainly prompted by the problems that have plagued passwords: they’re costly and burdensome to manage; they cause poor user experiences; and they are easily compromised....
Remote access at massive scale brings with it new challenges. There are threats to users - like phishing, brute-force attacks and password-stealing malware. Devices are also targeted by exploit kits and known vulnerabilities affecting out-of-date software. VPN, RDP, third-party vendors, and cloud and web app access...
Three federal agencies released a 31-page Joint Cybersecurity Advisory Monday that describes 50 tactics, techniques and procedures that Chinese state-sponsored cyberattackers are using to target organizations in the U.S. and allied nations.
For the eighth time running, Splunk was named a "Leader" in Gartner's 2021 Magic Quadrant (MQ) for Security Information and Event Management (SIEM).
Thousands of organizations around the world use Splunk as their SIEM for security monitoring, advanced threat detection, incident investigation and forensics,...