3rd Party Risk Management , Application Security , Business Continuity Management / Disaster Recovery
ISMG Editors: Apache Log4j, Ransomware Updates
Discussion Also Tackles Offensive Cyber Tools and the Surveillance MarketIn the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including mitigating the Apache Log4j zero-day vulnerability, findings from a new report analyzing the Conti ransomware attack on Ireland's Health Services Executive and President Biden's drive to tighten export controls on certain offensive cyber tools.
See Also: Gartner Guide for Digital Forensics and Incident Response
The editors - Tom Field, senior vice president, editorial; Anna Delaney, director, productions; Marianne Kolbasuk McGee, executive editor, HealthcareInfoSecurity; and Dan Gunderman, staff writer, news desk - discuss:
- Updates on the Log4j vulnerability disclosure and advice from Cybereason's Sam Curry on what defenders need to be doing now while adversaries are devising exploits;
- Findings from a report on the Conti ransomware attack that targeted Ireland's national health system, HSE, and other ransomware attacks targeting the healthcare sector;
- The Biden administration's announcement that the U.S. and several allies have aligned to create stricter criteria around the export of certain offensive cyber tools, particularly those that end up in the hands of authoritarian regimes.
The ISMG Editors' Panel runs weekly. Don't miss our previous installments, including the Dec. 3 edition discussing whether we are close to cracking the cybercrime ecosystem and the Dec. 10 edition discussing whether we can finally get rid of the password.