In recent years, AI has emerged as required technology for augmenting the efforts of human information security teams. Bijender Mishra, CISO of Alkem Laboratories, discusses how cybersecurity teams can use AI to form powerful human-machine partnerships that improve cybersecurity.
Microsoft has observed a 254% increase in activity over the past six months from a Linux Trojan called XorDDos. First discovered in 2014, XorDDos was named after its denial-of-service-related activities on Linux endpoints and servers and its usage of XOR-based encryption for its communications.
Pathlock has merged with Appsian to form a 500-person vendor that secures users and data across SAP and Oracle's ERP apps. Bringing Pathlock, Appsian and Security Weaver together will allow the firm to take a larger bite out of the $110 billion market focused on compliance testing for business apps.
There has been a rise in crypto fraud, and a substantial portion of it can be attributed to stimulus funding and paycheck protection programs, says David Britton, vice president of strategy, global ID and fraud at Experian. He discusses new authentication methods and stricter regulations.
In the latest update, four ISMG editors discuss the alarming, bizarre case of a cardiologist in Venezuela charged with developing malware and recruiting affiliates, recent ransomware and data leak incidents in healthcare and how the economy is causing mature cybersecurity startups to slow hiring.
When Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, numerous governments changed their approach to ransomware and began treating it as a national security threat, says Rapid7's Jen Ellis. She details what needs to happen next.
Canada says it will no longer allow the use of products and services from China's Huawei Technologies and ZTE Corp. in its telecommunications systems. The government says its decision is based on reviews by independent security agencies and was made in consultation with its "closest allies."
The U.S. Department of Justice has revised its policy on who it charges with violations under the Computer Fraud and Abuse Act. The DOJ now specifies that good-faith security research and researchers cannot be charged under the CFAA because they help improve cybersecurity standards.
Federal authorities are alerting healthcare sector entities of threats posed by Russian state-sponsored cyber groups, including some linked to attacks on pharmaceutical and related firms. Meanwhile, other ransomware gangs continue their assaults on a variety of U.S. medical facilities.
The Russian-language criminal syndicate behind the notorious Conti ransomware has retired that brand name, after having already launched multiple spinoffs to make future operations more difficult to track or disrupt, threat intelligence firm Advanced Intelligence reports.
Palo Alto Networks' product portfolio is paying dividends as customers look to reduce their vendor footprint, says CEO Nikesh Arora. He says despite pressures in the global economy, enterprises aren't currently stressing about their IT budgets.
Attackers who successfully infect targets with ransomware primarily first gain access by exploiting poorly secured remote desktop protocol or VPN connections or by using malware-laden phishing emails, reports security firm Group-IB, based on more than 700 attacks it investigated in 2021.
An emergency directive from the U.S. Cybersecurity and Infrastructure Security Agency advises all federal agencies in the country to immediately patch and address two vulnerabilities - one with a critical CVSS score and the other with a high score - that affect at least five VMware products.
The latest edition of the ISMG Security Report analyzes the changes in the ransomware landscape one year after the attack on Colonial Pipeline. It also revisits the Ryuk ransomware attack on a school district in Illinois and examines common culprits hindering effective Zero Trust adoption.
Alberto Hasson, the CISO at ICL Group, discusses how to avoid becoming the next victim of a ransomware or other malware attack. He outlines what defenders can do to close gaps in their defense strategies and how they can mitigate attackers' ever-evolving tactics.