Everyone gets phishing emails. Not everyone falls for them. Find out how vulnerable users are today’s biggest cyber threats in our eighth annual State of the Phish report. This year’s report dives deep into today’s threats—and how prepared users are to face them. Get a wealth of data, insight and advice based...
Britain's Conservative Party is holding a leadership contest, with the winner set to become the country's next prime minister. But the balloting process has been delayed after the National Cyber Security Center warned that hackers could abuse a process allowing members to change their online vote.
The company ePlus has purchased Future Com to strengthen its security operations strategy and support of managed services. The deal will allow ePlus to help customers evolve their security operations teams from correlating and analyzing logs to delivering advanced capabilities like threat hunting.
Bishop Fox has closed a $75 million funding round to strengthen its visibility and continuous testing capabilities across all service offerings. The company will go from having just its attack surface testing on the Cosmos platform to all service offerings, including app pen testing and red teaming.
The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise. It also discusses today's cyberthreat landscape and whether organizations should rely on user training to improve security.
The U.S. Department of Defense continues to experiment with bug bounties to draw in vulnerability reports from outside white hat hackers. It kicked off a new test program for continuous rewards on America's Independence Day by setting aside a pool of $110,000.
Ransomware-wielding criminals constantly refine their behavior and tactics to maximize the chance of a payday, and recently they have been implementing fresh strategies for monetizing stolen data, says Steve Rivers at threat intelligence firm Kela.
The U.S. Cybersecurity and Infrastructure Security Agency has begun issuing alerts about 56 flaws across operational technology equipment built by 10 different vendors. Researchers at Forescout Technologies say the flaws trace to poor design decisions by vendors.
EDR deployments will be underway at more than half of federal civilian agencies by the end of September, according to federal officials. CISA is currently in the process of deploying EDR across 26 federal civilian agencies and expects to have work underway at 53 agencies by Sept. 30, 2022.
Targeted attacks on a Ukrainian energy facility have been confirmed by CERT-UA. In a joint operation carried out by the Ukrainian CERT with security companies Microsoft and Eset, it was found that an ICS-capable malware and several regular disk wipers were used in the attack.
Microsoft says it seized control of seven domains belonging to Russian GRU-linked state-sponsored threat group Strontium. The group, also called APT28 and Fancy Bear, used the domains to target Ukrainian media organizations and had U.S. and EU government entities and decision-makers on its radar.
There’s no question 2021 was the year of vulnerabilities that drained already exhausted security operations teams. From pandemic fatigue to the exploitation of critical business services like Microsoft O365 by crafty threat actors, organizations of all sizes faced increased susceptibility to phishing attacks putting...
'Despite an arsenal of point products designed to block malware and threats and warn of vulnerabilities that can be exploited by attackers; it is no longer sufficient to rely on traditional defence techniques. While effective in some areas, these approaches are limited, with one of the most important gaps being the...
As Russia's invasion of Ukraine continues, what should global CISOs and security teams do to ensure that their organizations stay protected? Beyond following cybersecurity agencies' guidance, experts offer advice on how to brief the board of directors, appeal for resources, support teams and more.
Britain's National Cyber Security Center has launched a trial vulnerability management project called Scanning Made Easy, designed to empower small and midsize organizations to identify if critical software flaws are present in their IT infrastructure, so they can be targeted for remediation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.