To stop the DDoS mayhem, companies continue to invest heavily in deploying the most advanced hybrid mitigation solutions; however, attackers still manage to bypass them and create business disruptions.
The underlying problem is that companies do not ensure that every part of their DDoS mitigation posture is...
As ransomware operators were attacking state and municipal networks alongside hospitals and schools, a global pandemic response to COVID-19 necessitated a move to remote work for a significant portion of the economy. Organizations had to adopt new technologies and quickly scale outside of their normal growth plans.
...
A hacker breached a Florida city's water treatment network, increasing the amount of lye that would be added to the water to a dangerous level. Officials say they caught the change immediately and reversed it. Reuters reports that the system was accessed via the city's TeamViewer remote access software.
Kubernetes brings some specific security requirements to the table. For a managed Kubernetes service like GKE, users have three main layers that require action: the workloads running on the cluster, the cluster and its components, and the underlying GCP services on which the cluster depends, and more.
Lack of...
Actors behind threats have a toolbox of exploit techniques at their disposal. They often
combine several intrusion tools and techniques in order to compromise and maintain
access to their target. The key to disrupting is breaking the kill chain.
Download this to learn about:
Keys to breaking the kill...
The financial sector is one of the more prominent targets for cyber-attacks. It's the second-largest source of data breaches, having notified OAIC of 42 system breaches, putting it behind only health service providers. And, with the average cost of a data breach in Australia sitting at $2.5 million, incidents can get...
The increasing use of internet-connected devices in manufacturing facilities is opening up new ways for hackers to target so-called "smart" factories with unconventional attack methods, according to an analysis by security firm Trend Micro and the Polytechnic University of Milan.
Security experts and law enforcement officials have long argued that paying ransoms doesn't pay. For starters, it directly funds the cybercrime ecosystem and makes it attractive for criminals to keep launching ransomware attacks.
Time for a fresh edition of "learn from how others get breached" focusing on Equifax. The goal is not blame, but rather to highlight specific missteps so others can avoid making the same mistakes. The Equifax breach offers a plethora of takeaways to help organizations better repel attackers.
Proof-of-concept code has been released to exploit a severe Citrix vulnerability present in tens of thousands of enterprises. Citrix says it's developing permanent patches but that enterprises should use its mitigation guidance. In the meantime, attackers are hunting for vulnerable machines.
In today's security environment, organizations have to realize that attackers are likely inside a company's environment already - no matter how well they're protected. As a result, security programs are now more proactive with analysts actively searching for the hackers that defeated their defenses.
Download this...
Some security experts have prophesied the demise of traditional Intrusion Detection and Prevention Systems (IDPS) for almost 20 years, but this cornerstone of network security continues to soldier on. While next-generation firewalls have added IDPS functionality, they are driven more by policies than true threat...
With the volume of data breaches and cyberattacks continuing to rise, organizations are increasingly relying on breach and attack simulation tools to provide more consistent and automated validation of controls, says Cymulate's Tim Ager.
One of the most-heard complaints from security experts is that often they find their work repetitive ("The CFO's laptop has been compromised... again!"), which results in the desire of trying something "new", meaning "leave for another company." Another common complaint is that the work is very compartmentalized, and...
Banks in West Africa have been targeted by at least four hacking campaigns since mid-2017, with online attackers wielding commoditized attack tools and "living off the land" tactics to disguise their efforts, Symantec warns.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
