So far, the Clop ransomware group campaign using a zero-day vulnerability in Fortra's widely used managed file transfer software, GoAnywhere MFT, has compromised networks used by 130 different organizations. The gang has so far taken responsibility for over 50 hacks.
The alleged administrator of criminal online forum BreachForums may have thought he took steps to hide his real identity, but instead he left a trail of digital breadcrumbs that led to his arrest and prosecution, shows information unsealed in federal court.
The United States sent its top cyber offensive team to NATO ally Albania to help secure the nation's critical infrastructure networks. The Cyber National Mission Force helped find cyberthreats and vulnerabilities on networks likely targeted last year by Iranian threat actors.
Corelight has cemented partnerships with incident response firms and extended its capabilities from large enterprises to midsized enterprises to further the reach of its technology. Corelight allows its product to be used by CrowdStrike's incident response team during network-based investigations.
Medical device maker Zoll Medical is facing at least seven proposed class action lawsuits filed since it revealed two weeks ago that the data of 1 million individuals had been caught up in a hacking incident involving the company's internal network.
How does a security command center help reduce false positives and improve visibility? Anil Aleppy, associate director, architecture and solutions with Datametica, and Abdul Muneem, director with Brio Technologies, discuss how to manage all threats and vulnerabilities in one command center.
GitHub has replaced its private RSA SSH host key after discovering it was being inadvertently exposed to the public via a GitHub repository. Used to safeguard SSH access to Git operations, a bad actor could use the key to impersonate GitHub or eavesdrop. But GitHub reported no signs of abuse.
From being in the news about its data being hacked to being hailed as one of the big identity initiatives globally, Aadhaar has indeed come a long way. ISMG caught up with Sumnesh Joshi, deputy director general of UIDAI, to discuss the initiatives the authority has taken to change its perception.
In the latest weekly update, ISMG editors discuss how Russia's invasion of Ukraine upended the cybercrime ecosystem, a lawsuit against a U.S. cardiovascular clinic that seeks a long list of security improvements, and the latest endpoint protection technology trends in the Gartner Magic Quadrant.
The business world is going through a phase of hyper transformation and hyper digitalization. So, the building blocks of a cybersecurity strategy are quite different from what they were a few years ago. CISOs now need to prioritize threats in the context of their businesses.
The increasing volume, frequency and sophistication of cyberattacks has made cyber resiliency a top priority for security leaders. But there are certain roadblocks to overcome before an organization can be cyber resilient, advise Samir Mishra and Navin Mehra of Cisco.
Prior to the COVID-19 pandemic, the roles and responsibilities of CISOs were centered around protecting IT infrastructure. Today, however, the role has changed and is closely aligned with the business and its associated risks. A CISO is also the custodian of digital trust and privacy.
Security researchers uncovered a Pakistani cyberespionage group employing fresh tactics to target workers at India's Defense Research and Development Organization and steal sensitive military secrets. A new campaign uses a PowerPoint file containing information about the India-developed K-4 missile.
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. In focus between March 17 and 23: The New York State Department of Financial Services reminds BitPay that regulations exist. Also, Euler Finance, Gala Games, BitGo, ZenGo, General Bytes, Bitzlato and ParaSpace.