Managing digital risk and building resilience within your organization requires a comprehensive approach that doesn’t stop where your business ends. One also needs to assess and manage risk related to vendors and other third parties, because any threat to those operations can also impact your business.
Download...
Risk management is essential in every organization. As internal and external business environments have continued to evolve, the threat landscape has become more complex, as have processes for identifying and managing risks. Operational risk management has become more challenging as businesses expand their products...
A seemingly nonstop number of ransomware-wielding attackers have been granting tell-all media interviews. One perhaps inadvertent takeaway from these interviews is the extent to which - surprise - so many criminals use lies in an attempt to compel more victims to pay a ransom.
The National Security Agency and the Cybersecurity and Infrastructure Security Agency have released new guidance on Kubernetes security, providing advice on securing container environments from supply chain threats, insider threats and data exfiltration risks.
Researchers at Palo Alto Networks' Unit 42 say they have demonstrated how exploits of Microsoft Jet Database Engine vulnerabilities could lead to remote attacks on Microsoft Internet Information Services and Microsoft SQL Server to gain system privileges. Microsoft recently patched the flaws.
A congressional report examining eight federal agencies found that seven continue to improperly protect sensitive data and do not meet basic cybersecurity standards.
Teleworking U.S. national security employees are putting sensitive data at risk if they use public Wi-Fi networks without using a virtual private network to encrypt the traffic, the National Security Agency notes in a new advisory.
A remote access Trojan is being distributed via download links for software or media articles on Telegram channels, according to researchers at AT&T Alien Labs.
The new BlackMatter ransomware operation claimed to have incorporated "the best features of DarkSide, REvil and LockBit." Now, a security expert who obtained a BlackMatter decryptor reports that code similarities suggest "that we are dealing with a Darkside rebrand here."
The lack of adequate security features in critical electric grid equipment that's made in other nations poses a serious U.S. cybersecurity threat, federal officials said this week. Supply chain attacks could take down the grid and result in a lengthy recovery period, they told Congress.
Two U.S. senators are looking to place additional restrictions on the use of telecom equipment from Chinese equipment manufacturers Huawei and ZTE by prohibiting using funds from the $1.9 trillion American Rescue Plan stimulus package to buy such equipment.
Ransomware operations continue to thrive thanks to a vibrant cybercrime-as-a-service ecosystem designed to support all manner of online attacks. Given that attackers first need remote access to victims' systems, robust patch management and remote desktop protocol security remain obvious must-have defenses.
Cyber insurance provider Coalition Inc. says its clients' average claims for losses when they were hit by a ransomware attack totaled $184,000 in the first half of this year, down 45% compared to the second half of 2020. Negotiating lower ransoms and more efficient recovery were key factors.
The Israeli government paid a visit on Wednesday to NSO Group, the company whose spyware is alleged to have been covertly installed on the mobile devices of journalists and activists. The visit comes as Israel faces growing pressure to see if NSO Group's spyware, called Pegasus, has been misused.
Congress needs to update and expand federal laws to combat the surge in ransomware attacks, federal cybersecurity experts told a Senate committee at a Tuesday hearing.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.