Collaboration and information sharing among stakeholders - and influencing them to take a proactive approach to cybersecurity - are critical steps in fighting against cyberthreats, says Narendra Mainali, CISO of NIC Asia Bank of Nepal.
Researchers are warning of three zero-day vulnerabilities in Kaseya's Unitrends cloud-based enterprise backup and disaster recovery technology. The news comes after a July 2 ransomware attack exploiting flaws in Kaseya's VSA software had a major impact.
Europol says the "No More Ransom" project, a portal launched five years ago, so far has helped more than 6 million ransomware victims worldwide recover their files for free so they could avoid paying almost 1 billion euros ($1.2 billion) in ransoms.
Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire industry must be brought under control."
Security experts offer an analysis of Gartner's new strategic road map for SASE adoption that emphasizes the need for a detailed migration plan and offer tips for a successful rollout.
Remote management software company Kaseya says it obtained the ability to decrypt all victims of a massive REvil - aka Sodinokibi - attack via its software, without paying a ransom to attackers. But Kaseya has still not revealed how it obtained the decryption key, except to say it was supplied by a third party.
Australia's data regulator has found that Uber interfered with the privacy of 1.2 million of its customers as a result of a 2016 global data breach. Uber says it's made improvements to its systems and its internal security policies.
Good news on the ransomware front: The average ransom paid by a victim dropped by 38% from Q1 to Q2, reaching $136,576, reports ransomware incident response firm Coveware. In addition, fewer victims are paying a ransom simply for a promise from attackers to delete stolen data.
With corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have the huge task of ensuring that the work environment is safe. This is particularly true of IoT devices, as many have been left unprotected for months.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the use of commercially available spyware and security risk management in the telecom sector.
A short-lived outage at the content delivery network supplier Akamai on Thursday which briefly knocked offline many corporate websites, is another indicator that companies need resiliency built into their systems. That means they should avoid relying on just one CDN provider, security experts say.
Remote management software vendor Kaseya has obtained a decryption tool for all organizations affected by the massive ransomware attack launched via its software. The tool should especially help the many small businesses still struggling to recover. Kaseya declined to comment on how it obtained the decryptor.
Building business resilience through a "zero trust" approach requires role-based authentication, user access velocity checks, and monitoring people, processes, and technologies, a panel of experts says.
A patch is forthcoming for a privilege escalation vulnerability in the Windows operating system that can allow hackers to gain a foothold. Meanwhile, Linux OS users also need to adopt system upgrades to fix a flaw, and Oracle and Juniper have announced product patches.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.