Attackers have added aggressive social engineering to their arsenal, along with a novel Windows-manipulating persistence mechanism that demands developer vigilance.
Understanding through visibility, managing through governance, and anticipating through continuous deployment will better prepare organizations for the next supply chain attack.
Cisco's deal to acquire Robust Intelligence will make it possible to use red-team algorithms to assess risk in AI models and applications, while Check Point's acquisition of Cyberint will add threat intelligence to its SOC platform.
The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools like Google Sheets for command and control.
The software verification and validation efforts helps NASA improve the safety and cost-effectiveness of its mission-critical software. Cybersecurity is now part of the evaluation.
Identity management sits with IT for good reason, but now that identity is the common denominator in every attack, it's time identity security was owned by a leader with a security background, like the CISO.
Ransomware attacks and email-based fraud account for 80% to 90% of all claims processed by cyber insurers, but a handful of cybersecurity technologies can help prevent big damages.
In a joint advisory, CISA and the FBI described the activity as a likely attempt by the group to monetize access to networks it already has compromised.
Public-facing vulnerabilities, cloud sprawl, access to back-end servers are just a few of the challenges travel and hospitality companies must address.