Embracing new technologies to gain benefits such as increased agility and rapid application delivery makes good business sense, but existing architectures also need to be maintained and secured to protect the critically important data residing on server workloads across the hybrid cloud.
After an international law enforcement operation shuttered stolen data forum RaidForums in February, one of its power users launched a replacement called Breached. Within months, the English-language forum has amassed more stolen records and nearly as many users as its predecessor.
The United States hit Iran with a new round of sanctions after linking Tehran with the July cyberattack against Albania. The sanctions are more symbolic than material in effect but send a message that hacking U.S. allies has consequences.
The latest ISMG Security Report discusses a new phishing-as-a-service toolkit designed to bypass multifactor authentication, the decision by Lloyd's of London to exclude nation-state attacks from cyber insurance policies, and challenges at Okta after it acquired customer identity giant Auth0.
In this episode of "Cybersecurity Unplugged," Mark Cristiano of Rockwell Automation discusses Rockwell's cybersecurity journey, the particular challenges of deploying cybersecurity in an OT environment, and the minimum and proper industrial protections that organizations need to have in place.
Vulnerabilities in certain medication infusion pump products from manufacturer Baxter could compromise a hospital's biomedical network. The flaws highlight the risks involving the acquisition and disposal of medical technology, says researcher Deral Heiland of Rapid7.
Who's been disrupting ransomware operations' data leak sites by targeting them with distributed denial-of-service attacks? No one has yet claimed credit for the ongoing disruptions and slowdowns, but one likely theory is that rival operations are attempting to cause each other pain.
The sale of Tufin to Turn/River Capital will accelerate the network management firm's move from a perpetual to subscription-based licensing model, says CEO Ruvi Kitov. The deal will give Tufin access to Turn/River Capital's knowledge, best practices and playbooks around subscription licensing.
A Michigan law firm recently told regulators about a hacking incident discovered nearly a year ago that has affected the protected health information of more than 255,000 individuals, including members of a Michigan health plan. Some of the compromised data was a decade old.
Bitwarden has raised $100 million to expand into new product areas including developer secrets, passwordless and privileged access management. The investment will help the firm debut new features for individual and business users and expand its footprint in Japan, Germany, France and South America.
CISO Marcin Szczepanik recalls when his team's budget was cut dramatically after the onset of the pandemic. He wanted to invest in the latest state-of-the-art tools but prioritized his costs and focused on email security - a move that improved the company's level of cyber maturity.
A Colorado-based urology practice agreed to compensate nearly 138,000 individuals affected by a September 2021 hacking incident under the terms of a potential multimillion-dollar class action lawsuit settlement. The settlement is headed for final court approval next month.
In the latest "Proof of Concept," VP and CISO Nicole Darden Ford shares findings from Rockwell Automation's new survey report on cybersecurity preparedness in critical infrastructure, OT security gaps, the state of critical infrastructure, and insights into preparedness and best practices.
A recent survey sponsored by Rockwell Automation finds that critical infrastructure organizations miss basic protections for operational technology, with 80% failing to conduct frequent asset inventory audits, 63% lacking real-time threat monitoring and 42% needing effective patch management.