Since threats are becoming increasingly hard to find, it's crucial that your cybersecurity practice adopts a strategy focused on proactive preparedness and takes actions - in advance of an attack - that harden and reduce the threat surfaces that hackers exploit. Adam Mansour of ActZero offers tips.
Identity management company Okta and Microsoft have confirmed breaches by the Lapsus$ group, which has been on a high-profile hacking spree. Okta is facing increasing pressure to more fully describe the impact of its incident, as Okta's identity systems are widely used across enterprises.
In the new "Proof of Concept," John Kindervag, Zero Trust creator and senior vice president of cybersecurity strategy at ON2IT, and Jeremy Grant, managing director of technology business strategy at Venable, join ISMG's Anna Delaney and Tom Field to discuss trending Zero Trust and identity issues.
The Lapsus$ ransomware group says it has released some of the data trove stolen from chipmaker Nvidia. Leaked data contains proprietary source code, drivers and documentation on Nvidia's Falcon and LHR products. Experts discuss the impact on Nvidia, the stolen data's worth and remediation measures.
Four ISMG editors discuss important cybersecurity issues, including misconceptions around Zero Trust implementation, lessons learned from the crippling NotPetya malware attack of 2017 that nearly sank logistics giant Maersk and how a Russian cyberwar in Ukraine could move beyond its borders.
Despite Western governments' increased focus on disrupting ransomware, the quantity of new victims doesn't appear to have declined, at least so far. But multiple experts say that nation-state efforts to combat cybercrime syndicates are still picking up speed and may well yet have an impact.
OpenSubtitles, a website providing free movie subtitles, confirmed to its users today that it had been hacked last August and the hacker had demanded a ransom to remain silent about the attack and to delete the leaked data. This data breach affected 6,783,158 users.
ISMG's global editorial team reflects on the top cybersecurity news and analysis from 2021 and looks ahead to the trends already shaping 2022. From ransomware to Log4j, here is a compilation of major news events, impacts and discussions with leading cybersecurity experts on what to expect in the new year.
LastPass says none of its users accounts have been compromised, although multiple users of the password manager reported receiving email warnings that are normally sent to users who log in from different devices and locations, causing them to think their master passwords had been compromised.
Jeremy Grant, coordinator of the Better Identity Coalition, joins three ISMG editors to discuss important cybersecurity issues, including how the Biden administration’s executive order will advance the identity cause, and whether we are any closer to finally abandoning the password.
A recently discovered botnet is infecting thousands of AT&T internet subscribers in the U.S., using a critical-severity blind command injection flaw first reported in 2017, according to new findings from China-based cybersecurity researchers.
The problem with decentralized access management, says Manuel Garat, head of IAM at digital travel company Booking.com, is that while you might know who or what needs access to your network, applications and data, you "don't always know who shouldn't have access."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.