A sophisticated, highly targeted phishing campaign has hit high-level executives at more than 150 businesses, stealing confidential documents and contact lists, says security firm Group-IB. The campaign, which targets Office 365 users, appears to trace to attackers operating from Nigeria and South Africa.
Attack simulations continuously mimic real-world threats to highlight gaps in security systems, and unlike traditional ad hoc testing, they provide an ongoing view of dynamic security environments. Can the insights from attack simulations be used to close gaps and strengthen security programs? They can, if integrated...
A federal court recently granted final approval for an $8.9 million settlement of a class action lawsuit against Banner Health stemming from a 2016 data breach. The settlement spells out steps the Phoenix-based organization must take to improve information security.
What should an enterprise do when someone reaches out and claims to have the company's data or information about a breach? Although it can be a delicate situation to manage, there are sound approaches enterprises can take, says data breach expert Troy Hunt.
A California-based genetic testing laboratory has reported an email hacking incident that may have exposed medical information on nearly 233,000 individuals. It's the second-largest health data breach posted to the federal health data breach tally so far in 2020.
The latest edition of the ISMG Security Report offers an analysis of the phases businesses will go through in the recovery from the COVID-19 pandemic, plus an assessment of new risks resulting from the work-at-home shift and lessons learned from the Equifax breach.
Supermarket giant Morrisons is not liable for a data breach caused by a rogue employee, Britain's Supreme Court has ruled, bringing to a close the long-running case - the first in the country to have been filed by data breach victims.
Hotel giant Marriott, which in 2018 disclosed that it had suffered one of the worst data breaches in history, is now warning that it suffered a new breach earlier this year that exposed personal details - although not payment card information - for 5.2 million customers.
Advanced security threats and attacks are getting harder to detect as hackers are becoming more sophisticated. At the same time, the tools used to defend against cyberattacks keep multiplying and becoming more complex. Organizations can get ahead of these attacks by adopting a cloud analytics-driven security...
At the core of cybersecurity, every leader has just one ultimate question: 'Have we been compromised?" And yet that remains the most difficult question to answer with certainty, says Ricardo Villadiego, CEO of Lumu Technologies.
In a video interview with Information Security Media Group at RSA 2020, Villadiego also...
As businesses constantly evolve and grow, so does an organisation's attack surface. The pace and velocity of technology transformation in enterprises has created a difficult environment for security teams to defend against threats.
View this webinar now OnDemand and learn how:
Organisations need to adapt to...
Traditionally, security teams look to penetration tests and red teaming to test and build confidence in their security programs. These options are often costly, time-consuming, and limited in scope. There is a better way to gain confidence in security models: continuous attack simulations, which automate adversary...
The European Network of Transmission System Operators, which represents over 40 electricity transmission operators throughout the continent, revealed this week that hackers penetrated its IT network. Security experts say this incident is another wake-up call for the industry.