In the latest weekly update, ISMG editors discussed Microsoft's major cybersecurity overhaul in the wake of some high-profile breaches, the latest developments from CrowdStrike's global outage hearing and the expanding U.S.-led coalition against spyware abuse in the EU.
Google says switching to a memory-safe language such as Rust under its Safe Coding program has helped significantly reduce the number of vulnerabilities in Android systems. The number of vulnerabilities uncovered in Android devices has fallen from over 200 in 2019 to fewer than 50 by 2024.
Threat actors tracked as "Vanilla Tempest" - and also known as Vice Society - appear to be changing up the ransomware they use to attack on U.S. healthcare organizations. Likely in a move to avoid detection, the ransomware-as-a-service group has shifted to INC Ransom malware, according to Microsoft.
Organizations face growing challenges from cyber incidents. Former CISOs Heather Lowrie and Jon Staniforth share insights on enhancing preparedness through cyber exercises, proactively communicating with law enforcement and ensuring consistent messaging during incidents.
Industrial control systems made by different manufacturers for monitoring fuel storage tanks including those used in everyday gas stations contain critical zero-days that could convert them into targets for cyberattacks that cause physical damage.
The CyberArk 2024 Identity Security Threat Landscape Report is based on a global survey of 2,400 security decision-makers. This year’s report examines identity security in the age of GenAI, machine identities and digital ecosystems.
While most organizations have adopted AI-powered tools in their identity-related...
In this whitepaper, you will find best practices and advice to help you plan your Zero Trust approach within your organization. Topics include:
What is Zero Trust, and how might it benefit your organization from a C-Level perspective?
What isn’t Zero Trust?
Challenges that you may face in your quest to...
Across your organization, human and machine identities have two things in common: 1) they comprise your modern workforce and 2) they need access to applications and services to do their job. Your job, on the other hand, is to authenticate and authorize each one with the principle of least privilege. But with an...
CyberArk Vendor Privileged Access Manager (Vendor PAM) is an integrated SaaS solution that enables fast and secure privileged access for vendors, consultants, maintenance personnel and other authorized external 3rd parties. With Vendor PAM, organizations can implement Zero Trust-based just-in-time access, biometric...
Four more European Union nations have joined a United States government-led initiative launched in March to tackle spyware misuse globally. The move came amid growing criticism of the European Commission's failure to curb the EU's prolific spyware market.
A severe vulnerability in Rockwell Automation software used to configure programmable logic controllers could allow attackers to remotely execute malicious code. The vulnerability is rated 8.8 on the CVSS v4 scale. The U.S. Cybersecurity and Infrastructure Security Agency advised immediate patching.
A Pennsylvania-based healthcare system that was hacked by ransomware group BlackCat in 2023 and extorted over stolen exam photos of breast cancer patients posted to a data leak site has agreed to pay $65 million under a proposed settlement of a lawsuit affecting 134,000 patients and employees.
A North Korean hacking group with a history of a stealing cryptocurrency is likely behind a raft of poisoned Python packages targeting developers working on the Linux and macOS operating systems in an apparent attempt at a supply chain attack.
After high-profile security incidents, Microsoft has dedicated 34,000 engineers to advancing security across all platforms, focusing on identity protection and rapid response. The company is embedding security into product development and governance frameworks to mitigate growing cyberthreats.
This week, CyberEdBoard members Jon Staniforth and Helmut Spöcker joined ISMG editors to unpack the hot topics at ISMG's London Cybersecurity Summit 2024, including ransomware lessons learned, AI trends and the growing importance of continuous learning and resilience in the cybersecurity industry.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.