Microsoft's last monthly dump of patches for 2022 includes a fix for a zero-day exploited by ransomware hackers to bypass the SmartScreen security mechanism for malware execution. The zero-day hinged on hackers creating a malformed Authenticode signature.
Ransomware operations have become expert at finding ways to make a victim pay. But experts say there are multiple steps healthcare sector entities in particular can take to better protect themselves and ensure that they can quickly restore systems and never have to consider paying a ransom.
To get zero trust strategy right, it is important to know what exactly to protect and decide what your crown jewels are. Three panelists discuss the various ways to do that and also offer their thoughts on whether zero trust is need for everything.
Speaking at the company's annual conference, Palo Alto Networks CEO Nikesh Arora urged the industry to move away from the alert triage model popularized by SIEM. SIEM tools have for decades highlighted alerts for SOC analysts to focus on, but the most important ones are getting ignored, he warns.
When healthcare organizations come together through mergers or acquisitions, it is critical for the entities to carefully assess the cyber risk each poses, as well as its level of cyber maturity, says Jigar Kadakia, CISO and chief privacy officer at Boston-based Mass General Brigham.
Defenders have made strides in disrupting ransomware, but assessing the effectiveness of countermeasures is tough due to a scarcity of information, says cybersecurity veteran Jen Ellis. "We know what the tip of the iceberg looks like, but we don't know what percentage of that iceberg we can see."
The $250 million acquisition of Cider Security will allow Palo Alto Networks to secure a piece of code from development to its implementation in a runtime environment. CEO Nikesh Arora says the company must understand the tool sets and open-source widgets coming into the customer's supply chain.
The many alleged failures of former FTX CEO Sam Bankman-Fried fell into relief Tuesday amid a welter of unsealed criminal and civil prosecutions and damning congressional testimony by his successor. The day ended with Bankman-Fried ordered to remain in a Bahamas jail pending an extradition.
Assets kept behind air-gapped networks should be inaccessible, but researchers from Pentera describe how hackers use the DNS protocol as a command-and-control channel. To be truly safe, companies should isolate the DNS server used for air-gapped networks and filter traffic for anomalies.
U.S. federal authorities are warning healthcare providers, vendors and public health sector organizations of attacks involving LockBit 3.0 ransomware, which includes features of other ransomware variants, including BlackMatter, along with the threat of triple-extortion demands.
A ransomware attack on the Irish healthcare system in 2021 has cost the government 80 million euros in damages and counting. The Irish Health Service continues to notify victims of the incident that their personal information was illegally accessed and copied.
The security industry has traditionally tried to protect sensitive data by putting control points on endpoints or networks, but Skyhigh Security has taken a different approach. The company applies consistent policies around how data is treated across its ZTNA, SWG and CASB offerings.
Ngrok has closed a $50 million Series A round to provide enterprise-grade authentication and user and session observability without adding complexity for developers or users. Ngrok will use the proceeds to support additional authentication protocols and build out integrations and connections.
The founder of bankrupt cryptocurrency exchange FTX, Sam Bankman-Fried, has been arrested by police in the Bahamas, the day before he was due to remotely testify before Congress. Bahamian officials say he faces a "likely" extradition request from the U.S., which has filed charges against him.
Banks using behavioral-based controls are detecting malicious accounts in 92% of cases before traditional AML and transaction monitoring systems alert the bank.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.