Italian police reportedly thwarted attempts to disrupt online voting for the music competition Eurovision, allegedly perpetrated by a hacking group called Killnet in retaliation for Russia not being allowed to compete at this year's festival, due to its invasion of Ukraine.
The European Parliament and the Council of the European Union on Friday reached a provisional agreement to set a "baseline for cybersecurity risk management measures and reporting obligations." Called NIS2, it is a modernized framework based on the EU Network and Information Security Directive.
As attack surfaces have grown, so has risk - and adversaries are finding new ways to infiltrate organizations. Wade Ellery of Radiant Logic discusses the convergence of risk, identity management and zero trust security, spelling out new strategies to defend attack surfaces and minimize risk.
The MITRE Enterprise 2022 Evaluations evaluated 30 endpoint security solutions against simulated attacks by two of the most notorious threat groups - Wizard Spider and Sandworm. Peter Havens of Palo Alto Networks discusses how Cortex XDR fared - and why security leaders should care.
Mature cybersecurity startups are beginning to slow hiring and prune operating expenses as macroeconomic storm clouds obscure future funding sources. Emerging vendors must grapple with an IPO market that has essentially dried up and investors unwilling to offer valuations anywhere near 2021 levels.
The Linux Foundation and the Open Source Security Foundation have put forth a nearly $150 million investment plan, spread across two years, to strengthen open-source security in the U.S. The plan was announced at the Open Source Software Security Summit II in Washington, D.C., on Thursday.
A post-exploitation framework dubbed IceApple has been targeting global organizations that use Internet Information Services - Microsoft's extensible web server software - and Microsoft Exchange servers since at least 2021, says Falcon OverWatch, the proactive threat hunting team at CrowdStrike.
In the latest update, four editors at Information Security Media Group discuss the intriguing insights exposed by the leak of ransomware gang Conti's internal communications, the U.S. Treasury's first-ever sanctions on a cryptocurrency mixer and the latest cyber activity in Russia's hybrid war.
Many organizations struggle to understand how to approach application security program maturity. Caitlin Johanson and Dan Cornell of Coalfire share why AppSec maturity is important and offer strategies for how enterprises can evaluate their AppSec maturity levels and build a robust response.
Hundreds of thousands of Konica Minolta printers used in businesses have reportedly been vulnerable to three critical flaws since 2019. Although a patch was available, deployment was delayed as the firmware update required physical access to the printers and COVID-19 made that difficult.
CyberArk has unveiled a $30 million fund to back early-stage startups with unique approaches to solving large problems in the cybersecurity industry. CyberArk Ventures will offer the company broader visibility into adjacent markets and provide high-value integrations that can evolve over time.
Watch this webinar to learn more about protecting your business from process interruptions, reducing material breach risk, and asset management efficiency - all while reducing costs for your organization.
Three of 74 vulnerabilities identified by Microsoft are "critical" as they exploit remote code execution with escalation of privileges. There are also updates for a new NTLM relay attack using an LSARPC flaw, tracked as CVE-2022-26925, which is a Windows LSA spoofing vulnerability.
With zero trust and cloud infrastructures at the top of security practitioners' road maps, there has been an uptick in authorization-related initiatives. Security experts discuss the challenges of authorization and describe how firms can use authorization strategies to better protect themselves.
Dennis Leber, CISO and CTO at the University of Tennessee Health Science Center, says cybersecurity is not just a profession - it's a lifestyle. And as he leads this life, he finds one of today's biggest cybersecurity threats is not ransomware or IP theft - it's "the buzzword mentality."
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.