Gregory Touhill, the retired Air Force general and former federal CISO under President Obama, minces no words when he describes the Colonial Pipeline ransomware attack as a "global day of reckoning" for critical infrastructure protection.
After a ransomware incident, Colonial Pipeline Co. has restored smaller pipelines that ship fuels to the U.S. East Coast, but its larger ones are still offline as it assesses safety. Citing U.S. officials, The Associated Press reports the company was infected by the DarkSide ransomware group.
Merger and acquisition activity involving cybersecurity companies continued at a rapid pace in the last two weeks, with Accenture, Forcepoint, OneTrust and the Swedish IT consultancy firm Knowit AB all making acquisitions.
Security researchers have uncovered a flaw dubbed TsuNAME in DNS resolver software that attackers could used to carry out distributed denial-of-service attacks against authoritative DNS servers. Google and Cisco have resolved the issue in their DNS servers.
The latest edition of the ISMG Security Report features an analysis of whether courts can trust evidence collected by Cellebrite's mobile device forensic tools. Also featured: Report shows attackers' dwell times plummeting; a call for partnership with law enforcement.
Attackers are increasingly using malicious OAuth 2.0 applications to siphon data and access sensitive information from cloud platforms, and mitigating the risks is proving challenging, according to the security firm Proofpoint.
The websites of about 200 public and private entities in Belgium were knocked fully or partially offline Tuesday by a distributed denial-of-service attack against the publicly funded internet service provider Belnet.
With consumers relying more heavily on e-commerce during the pandemic and beyond, leveraging behavioral biometrics for authentication is an effective strategy, says Coby Montoya, a fraud-fighting and authentication strategist at a financial company.
Can courts trust evidence collected by Cellebrite's mobile device forensic tools? Matt Bergin of KoreLogic has found new vulnerabilities in Cellebrite's software that he will present on Friday at Black Hat Asia. He says that forensics software should be put through rigorous penetration tests.
The average amount of time that online attackers camp out in a victim's network - or "dwell time" - has been declining, FireEye's Mandiant incident response group reports. But the surge in ransomware accounts for some attacks coming to light more quickly because those attackers announce their presence.
Most cybersecurity protections are based on looking for threats. The problem is, malware is evolving at an alarming rate and threat detection solutions, antivirus and EDR can no longer keep up. ThreatLocker CEO, Danny Jenkins will explain how he’s changing the entire approach and paradigm to cybersecurity with a...
The NSA is offering operational technology security guidance for the Defense Department as well as third-party military contractors and others in the wake of the SolarWinds supply chain attack. The agency notes that attackers could use IT exploits to pivot to OT systems.
Almost every organization has adopted cloud computing to some extent, and with this great power comes great responsibility. How are cybersecurity leaders managing visibility, access and risk? We asked this exclusive panel of CEOs and CISOs, and they shared frank and thoughtful advice.