If remote access to corporate networks is only as secure as the weakest link, only some dreadfully weak passwords now stand between hackers and many organizations' most sensitive data, according to new research from Rapid7 into the two most widely used remote access protocols - SSH and RDP.
Should the now-former CSO of Uber have reported a security incident to authorities after discovering signs of unusual behavior? That's one of the big questions now being asked in the closely watched trial of Joe Sullivan, who's been charged with covering up a data breach and paying off hackers.
Calling all Apple users: It's time to once again patch your devices to protect them against two zero-day vulnerabilities that attackers are actively exploiting in the wild to take complete control of devices. While there's no need to panic, security experts advise moving quickly.
The Cl0p ransomware group has been attempting to extort Thames Water, a public utility in England. Just one problem: the group attacked an entirely different water provider. Through ineptitude or outright lying, this isn't the first time that a ransomware group has claimed the wrong victim.
Security executives at Black Hat USA 2022 discuss the latest cybersecurity trends from confidential computing and unified threat hunting languages to attack surface management and recovery services, social engineering campaigns and blockchain vulnerabilities.
ISMG caught up with 11 security executives in Las Vegas on Tuesday to discuss everything from open-source intelligence and Web3 security to training new security analysts and responding to directory attacks. Here's a look at some of the most interesting things we heard from industry leaders.
The era of pandemic-induced telework is also the era of higher reliance on mobile devices for sensitive workplace information - meaning we're likewise living in the age of fretful chief information security officers, a new survey concludes. "Companies are still struggling" to secure mobile devices.
This year's winner of RSA Conference's prestigious Innovation Sandbox Contest has completed its first major funding round, earning backing from CrowdStrike CEO George Kurtz. Talon has received $100 million to support more operating systems, add more capabilities and boost existing integrations.
How many organizations fall victim to a ransomware outbreak? How many victims pay a ransom? How many victims see stolen data get leaked? A new study from the EU's cybersecurity agency ENISA offers answers, but carries major caveats due to rampant underreporting of such attacks.
Ransomware-as-a-service, supply chain attacks and the Russia/Ukraine war - they all are factors behind the growing need for digital executive protection outside the traditional workplace. Chris Pierson of BlackCloak shares new research and insights.