According to a panel of experts, protecting the Active Directory, a rich target for increasing ransomware attacks, will require organizations to audit privileged accounts and endpoints with continuous monitoring and an identity governance approach.
As DNS remains a favorite target for attack vectors, organizations need to build unified security by establishing harmonized DNS traffic and communication to prevent data exfiltration, say Alvin Rodrigues and Pankaj Chawla from Infoblox.
Now in its sixth year, the 2021 Open Source Security and Risk Analysis (OSSRA) report exposes vulnerabilities and license conflicts found in more than 1,500 codebases across 17 industries.
The report includes recommendations to help developers and consumers understand the software ecosystem they are a part of, as...
The top three tactics attackers have been using to break into corporate and government networks are brute-forcing passwords, exploiting unpatched vulnerabilities, and social engineering via malicious emails, says security firm Kaspersky in a roundup of its 2020 incident response investigations.
As a strategy, organizations need to harness technologies that can provide real-time visibility to threats combined with intelligence-based automated technologies that can help contain the incidents, says Ajay Kumar, regional head of Cyber Security Services, Asia at Crowdstrike.
In 2020, 16 million COVID-19-related threats, including malicious URLs, spam, and malware were detected, according to a Trend Micro report. At the start of the pandemic, many IT and cybersecurity measures were hastily put into place to deal with the crisis. Today, organizations must take stock of these measures, and...
According to a recent study ,78% of senior executives express lack of confidence in their company’s cybersecurity posture. The study also found, that this eventually prompted 91% of executives to increase 2021 budgets. Most Senior Executives agree that cyber risk is now the most critical category of risk across all...
The Ragnar Locker ransomware operation has been threatening to dump victims' stolen data if they contact police, private investigators or professional negotiators before paying a ransom. But as one expert notes: "Perhaps the criminals watched too many TV shows, because this isn’t how the real world works."
The most sought-after type of victim for ransomware-wielding attackers is a large, U.S.-based business with at least $100 million in revenue, not operating in the healthcare or education sector, with remote access available via remote desktop protocol or VPN credentials, threat intelligence firm Kela reports.
Not much time has passed since the last supply chain cyber attacks: SolarWinds, Accellion, Codecov, and now Kaseya. Do you think this will be the last one? We don’t. While you’re probably wondering what can be done to predict or prevent an incident like this in the future, we think the better question is: what can...
Ransomware is the result of a criminal blending technology's wonders: networking and encryption. It's a modern-day implementation of extortion, a crime as old as time. The Atlantic Council contends lessons from fighting past extortion schemes, such as plane hijackings, could help fight ransomware.
The cybersecurity firm IronNet, founded and led by retired Army Gen. Keith Alexander, has gone public without an IPO by merging with LGL Systems Acquisitions Corp., a "blank check" shell company formed to handle such mergers. Meanwhile, Checkpoint has announced plans to acquire the email security firm Avanan.
Given that budgets and time are finite, how can organizations best identify if their information security strategy is well balanced and appropriate? Nandhini Duraisamy, chief operating officer of Quadron Cybersecurity Services, shares best practices.
Although research firm Gartner forecasts that spending on cybersecurity will surpass $150 billion in 2021, "the proportion of investment going to companies raising investment for the first time is significantly down," says Saj Huq, director of cyber innovation at Plexal, a center for innovation in the U.K.