The Five Eyes alliance of cybersecurity authorities from the U.S., U.K., Australia, New Zealand and Canada issued a warning to managed service providers about targeted attacks, advising MSP customers on how to protect sensitive data and reassess their security posture and contractual agreements.
A hacking group called Lapsus$ caused major headaches for identity vendor Okta in March when it dropped incriminating but misleading screenshots of a security breach. Brett Winterford of Okta breaks down what happened and discusses why visibility into third-party support operations is important.
The U.S. National Institute of Standards and Technology has revised its guidance for organizations to counter supply chain risks. The new document addresses how to identify, assess and respond to cybersecurity risks throughout the supply chain at all levels of an organization.
The healthcare industry continues to be targeted by ransomware gangs, but there are efforts underway to help improve the health sector's information security resiliency. Errol Weiss of Health-ISAC says the industry as a whole lacks resources.
The Five Eyes intelligence alliance has released a set of the 15 most routinely exploited vulnerabilities in the past year. Nine of the 15 vulnerabilities allow remote code execution, and the rest include privilege escalation, security bypass and path traversal, among other flaws.
AWS has fixed "severe security issues" in hot patches it released last December to address the Log4Shell vulnerability in Java applications and containers. Palo Alto Networks' Unit 42 researchers said containers in server or cluster environments can exploit the patch to take over its underlying host.
VMware's Tom Kellermann is out with Modern Bank Heists 5.0, his latest look at the attackers and attacks targeting financial services. Subtitled "The Escalation," this report looks at the increase in destructive attacks, ransomware and hits on cryptocurrency exchanges. Kellermann shares insights.
Researchers at security firm Eset have found three vulnerabilities affecting Lenovo laptops worldwide and targeting users who work from home. Two of the flaws affect UEFI firmware drivers meant for use only during the manufacturing process of Lenovo notebooks, and one is a memory corruption bug.
During its January cyberattack, Lapsus$ accessed tenants and viewed applications such as Slack and Jira for only two Okta customers. The threat actor actively controlled a single workstation used by a Sitel support engineer for 25 consecutive minutes on Jan. 21, according to a forensic report.
Leon Ravenna, CISO of KAR Global, starts each day on the job with the expectation that this could be his last. That's how urgent cybersecurity has become, and it's in part why he's driven to dispatch the image of the CISO as the bureaucratic "Dr. No."
Ransomware and nation-state threats are daunting. But the threat that concerns Mustapha Kebbeh the most is supply chain risk. The Brinks CISO discusses how he has tackled this, as well as the challenges of tool complexity and peer collaboration.
A surprising improvement in loss ratios for cyber insurance providers in 2021 means the rapid rise in premiums might at last subside later this year. The loss ratio declined for the first time since 2018 despite the frequency and severity of claims filed for cyberattacks increasing again in 2021.
Starting in July, the second Tuesday of every month will "just be another Tuesday," Microsoft says. After releasing patches for vulnerabilities in its software every second Tuesday of every month since 2016, Microsoft says it is now set to roll out automatic updates. Some security experts weigh in.