Threat actors are on a phishing spree targeting users of Zimbra Collaboration email suite, in particular small and medium businesses and government agencies. Security firm Eset on Thursday revealed the ongoing campaign, writing that the hackers behind it have been active since at least April.
The cyber insurance landscape has evolved significantly over the last 10 to 15 years. Initially, renewals were relatively straightforward, but with the rise of cyberthreats such as ransomware, the market has shifted dramatically to reduce risk exposure.
Browser security and microsegmentation play critical roles in stemming the bleeding from ransomware attacks, as "almost always the attacks come from a point-based browser vector," said Spencer Tall, managing director, AllegisCyber Capital. He shared two approaches to ensure secure browser adoption.
Recorded Future has joined CrowdStrike and Google atop Forrester's external threat intelligence services rankings, while Kaspersky tumbled from the leaders category. Leading threat intelligence providers have expanded into adjacent use cases such as brand protection and vulnerability management.
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime group's attacks and why Check Point is buying startup Perimeter 81 for $490 million.
Calling all network defenders: Flag or block the unapproved use of legitimate cloud services in your enterprise, since malware-wielding nation-state attackers and cybercrime groups are both using them to hide their malicious activities, researchers warn.
North Korea is on track to have a middling year of cryptocurrency theft despite Pyongyang's constant demand for ready cash. Hackers deployed by the totalitarian regime have stolen $200 million in cryptocurrency this year, far less than the country's banner year of cryptocurrency theft in 2022.
Next-gen solutions are a key component of zero trust security strategy to help mitigate zero-day malware attacks. Imran Bashir, director of technical marketing at Palo Alto Networks, discussed countering evolving threats, securing access and leveraging AI/ML to strengthen cybersecurity.
The C-suite and boards are more involved in cybersecurity decisions than ever before, but executive leaders still have a huge disconnect between perceptions and operational realities. This gap leads to miscommunication and missed expectations that could pose great risks to the enterprise.
The democratization of AI has proved to be a double-edged sword - both enabling cyberattacks and defending against them. Generative AI can help organizations effectively correlate signals, identify threats and deploy countermeasures before attacks escalate, said Fleming Shi, CTO at Barracuda.
Threat clusters can be used to identify patterns of malicious behavior that traditional attribution in cybersecurity strategies could miss. These patterns can be used to develop early warning systems and prioritize resources for investigation and response, said John Shier, field CTO at Sophos.
DDoS attacks often disrupt the normal functioning of a targeted server, service or network by overwhelming it with a flood of traffic. KillNet, a collective of Russian-aligned hacktivists known for its DDoS attacks, gained attention by successfully taking down several U.S. government websites.
The advent of generative AI has increased the importance of enterprise browsers as the interface through which users interact with this technology. Enterprise browsers have gained prominence with their role in organizational workflows, which had been somewhat overlooked in the past.
While consolidating third-party risks into one document is important, it is equally vital to introduce artificial intelligence into various elements of your third-party risk management program, said Jonathan Pineda, CISO and DPO at the Government Service Insurance System in the Philippines.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Oliver Tavakoli, CTO at Vectra AI, discusses ways that discriminative AI technology can filter out all of the noise from the massive volume of alerts from a portfolio of cybersecurity tools.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.