Microsoft researchers tracking Apache Log4j exploits last week discovered a previously undisclosed vulnerability in SolarWinds' Serv-U software. SolarWinds subsequently responded, investigated and fixed the flaw. Some observers described the new vulnerability as "surprising" and "disturbing."
Has the notorious REvil, aka Sodinokibi, ransomware operation rebooted as "Ransom Cartel"? Security experts say the new group has technical and other crossovers with REvil. But whether the new group is a spinoff of REvil, bought the tools, or is simply copying how they work, remains unclear.
Join Cynet’s Director of Marketing, George Tubin, and ISMG’s Senior Vice President of Editorial, Tom Field, for an in-depth discussion on the value of MSSPs, and what you can expect from XDR technology today.
In this fireside chat, our thought leaders cover the benefits and drawbacks of the three dominating XDR...
It seems that every day we hear something about XDR along the benefits users are finding after deploying this technology. When investigating these solutions, MSSPs are finding that there are three different approaches vendors are taking to implement their XDR platforms – Native XDR, Open XDR and Hybrid XDR....
In this webinar, we’ll look at three practical challenges that seriously impede an organization’s security strategy. In the 2021 State of Threat Hunting and the Role of the Analyst survey, 66% of 1778 respondents said they lacked visibility into their own network and 56% said they lacked visibility across their...
It seems that every day we hear something about XDR along the benefits users are finding after deploying this technology. When investigating these solutions, MSSPs are finding that there are three different approaches vendors are taking to implement their XDR platforms – Native XDR, Open XDR and Hybrid XDR....
Twitter has said it is firing Peiter "Mudge" Zatko, the network security expert it hired in November 2020 as head of security. The security team changes - the CISO is also set to depart - follow "an assessment of how the organization was being led," according to a corporate memo shared with The New York Times.
FS-ISAC is piloting a new program called the Critical Providers Program that is aimed to heighten the conversation between leaders of security firms and their third-party partners. The program leverages the Connect platform, and Akamai Technologies plays a key role.
The Federal Reserve has published its long-awaited discussion paper on a central bank digital currency. In it, the Fed points to the innovative qualities of digital currencies, but stresses potential risks to the nation's financial system, including heightened cyberthreats and privacy concerns.
Since Jan. 1, security researchers have identified six vulnerabilities affecting hundreds of thousands of WordPress websites. Cybersecurity experts say that the ubiquity of the content management platform makes it a prime target for attackers, and they offer holistic security solutions.
In the latest weekly update, four ISMG editors discuss the state of cyber insurance today and why its future is uncertain; applying a security-by-design reliability model to analyze vulnerabilities; and how Russia takes down members of the REvil ransomware group as cyber aggressions in Ukraine rise.
Although flaws in Apache Log4j software that need remediating remain widespread in organizations, "some of them are aware of the issue, some of them aren't aware of the issue, and likely this issue is going to be persisting with us for many, many years," says Jeff Macko, an offensive security expert at Kroll.
Singaporean cryptocurrency exchange Crypto.com confirms that its platform fell victim to a multimillion-dollar cyberattack. In a postmortem entry on its site, Crypto.com says unauthorized withdrawals targeted Ethereum and Bitcoin of 483 users. Associated losses were near $34 million.
The latest edition of the ISMG Security Report features an analysis of whether the cyberattacks that hit Ukraine's government agencies last week are attributable to any group or nation-state along with updates to the cybersecurity executive order and illicit cryptocurrency trends.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
