How do you identify a BIN - Bank Identity Number - attack, let alone stop it? Ernie Moran, senior vice president of risk at Brightwell Payments, shares his experience of how he managed a BIN attack on his firm.
Has the notorious REvil, aka Sodinokibi, ransomware operation rebooted as "Ransom Cartel"? Security experts say the new group has technical and other crossovers with REvil. But whether the new group is a spinoff of REvil, bought the tools, or is simply copying how they work, remains unclear.
Top U.S. cybersecurity leaders continue to warn against the peril of Apache Log4j vulnerabilities, confirming on Monday that hundreds of millions of devices worldwide are likely affected by the logging utility flaw, although the response, in terms of scope and speed, has been "exceptional."
Ten U.S. senators this week wrote to the secretaries of both the Department of Homeland Security and the Department of Transportation inquiring about specific measures they plan to pursue to prevent and respond to cyberattacks on the nation's critical infrastructure.
Attackers continue to employ commercial penetration testing tools as well as "living off the land" tactics - using legitimate tools or functionality already present in a network - to exploit victims. Accordingly, organizations must monitor for both, to better identify potential intrusions.
Preventing rogue device attacks is a critical component of Baptist Health's zero trust strategy, says Michael Erickson, CISO of the healthcare delivery system, which operates nine hospitals and other care facilities in Kentucky and Indiana.
Since mid-December, enterprises globally have been responding to the urgency of the Apache Log4j zero-day vulnerability. John Ayers of Optiv discusses Optiv MXDR and how it helps customers detect, respond and provide visibility to protect from potential exploits.
The effort and cost involved in staying safe in this environment is driving many organizations to work with IT and managed security service providers (MSSPs).
The U.S. Department of Homeland Security this week announced a "Hack DHS" bug bounty program to identify potential cybersecurity vulnerabilities within its systems and to increase DHS' overall cyber resilience. Hackers uncovering vulnerabilities will be compensated by the department.
The year is ending with a cybersecurity bang - not whimper - due to the widespread prevalence of the Apache Log4j vulnerability. Researchers warn that at least 40% of corporate networks have been targeted by attackers seeking to exploit the flaw. More than 250 vendors have already issued security advisories.
Accenture's State of Cybersecurity Resilience 2021 study finds that 55% of large companies are not effectively stopping cyberattacks, finding and fixing breaches quickly, or reducing the impact of breaches. Ryan LaSalle of Accenture Security discusses how to increase cyber resiliency.
In today's disparate IT environment, there are gaping, business critical gaps in enterprise log management. Graylog's Mark Brooks discusses the Log Management Maturity Model and the six (6) critical steps to move from "no alignment" to "continuous improvement."
"Better detection and faster response to true threats." This is the goal of the new approach to modernizing the security operation center. Partha Panda, CEO and co-founder of Cysiv, discusses exactly what "better and faster" means, as well as the benefits of SOC as a service.
The security operations center was supposed to address threat detection and response challenge by bringing together people, technology and processes. So, why are many SOCs struggling to deliver? Partha Panda, CEO and co-founder of Cysiv, discusses the challenges facing the modern SOC.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.