Ransomware dominated the online-enabled crime landscape in 2020, some security experts say, thanks to the massive profits it's been generating and the relative ease of use for attackers - including support from a burgeoning cybercrime-as-a-service market.
Hackers have targeted units of local government by attempting to exploit unpatched vulnerabilities in Microsoft Exchange email servers, according to a new report by the security firm FireEye. Meanwhile, CISA has updated its alert.
This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.
Qualys has confirmed that its Accellion File Transfer Appliance software was breached by zero-day-wielding attackers after stolen customer data appeared on the Clop ransomware gang's data leaks site. The security firm's public breach notification comes more than two months after the firm first learned it had been...
One day after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.
Endpoint security and management has become very complex. Despite investments in teams and tools, organizations still struggle with visibility gaps across their IT environment, organizational silos and broken workflows that leave businesses exposed to risk.
Tanium commissioned Forrester Consulting to survey more...
Modern IT teams feel pressure from all directions. They must maintain compliance with data privacy regulations, track and secure sensitive data across endpoints and manage an ever-increasing number of assets, all while enabling business growth. Balancing these priorities often causes significant challenges for many...
The pivot to working from home (WFH) proved that enterprise IT organizations could do the unimaginable – and do it quickly and well. Once you realize you can move all your users to WFH in days instead of years, you start to wonder what else you can do quickly.
What digital transformation projects, long considered...
Digital transformation is a way of life in today’s business world. It touches all corners of the enterprise in ways that were once unimaginable. CIO and IT executives at companies of all sizes and in all industries are quickly coming to realize that most legacy tools and processes are, at best, inefficient and are...
Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server. The alarming vulnerabilities could allow a remote attacker into Exchange and possibly enable further lateral movement.
Fortinet’s FortiGuard Labs is out with its latest Global Threat Report, this one reflecting on the second half of 2020. No surprise: After the SolarWinds attack, supply chain security takes center stage. But don’t forget about ransomware and the ongoing attacks on new home branch offices.
Using a nearly 20-year-old file transfer product - what could go wrong? Among the many lessons to be learned from the Accellion File Transfer Appliance mess is this: Attackers will devote substantial resources to reverse-engineer hardware, software or a service if there's a financial upside.
Many enterprises have what they consider to be mature threat intelligence programs. Yet they continue to be breached. Where is the disconnect? Gene Yoo, CEO of Resecurity, describes what’s wrong with TI programs today, as well as the essential elements of a modern threat intelligence program.
The U.S. is in danger of falling behind China and Russia in developing artificial intelligence technologies and countering cybersecurity threats that could develop as AI use becomes more widespread, according to a newly released report from the National Security Commission on Artificial Intelligence.