Ransomware-wielding attackers are typically breaking into victims' networks using remote desktop protocol access, phishing emails or malware that's sometimes used in drive-by attacks against browsers, experts warn, advising organizations to make sure they have the right defenses in place.
A federal judge has ordered Capital One to turn over a forensics report covering its 2019 data breach, which has been sought by plaintiffs in a class action lawsuit. The report, if it becomes public, could shed light on one of last year's biggest breaches.
The latest edition of the ISMG Security Report analyzes why cyberattacks against banks have surged in recent weeks. Plus: The increasingly ruthless tactics of ransomware gangs; cybersecurity strategies for small businesses.
A 15-year-old identity framework originally designed for narrow use by pharmaceutical companies is being revamped and updated for broader use in healthcare, says Kyle Neuman, managing director of SAFE Identity, an industry consortium and certification body that's coordinating the project.
The remote workforce brings more flexibility. But it also comes with unique challenges such as VPN congestion, a greater attack surface and a lack of visibility for security. How can you help remote workers to be both productive and cybersecure? Menlo Security's Kowsik Guruswamy offers advice.
The Russian blogging platform LiveJournal confirmed this week that it suffered several brute-force attacks in 2011 and 2012. But it insists that the 26 million usernames and passwords that are now available for sale on darknet forums came from other sources.
Ransomware, wire transfer fraud, destructive attacks: In recent months, the financial sector has seen these and other online attacks surge by 238% as criminals continue to exploit the pandemic, warns Tom Kellermann of VMware Carbon Black, who shares findings from his firm's third "Modern Bank Heists" report.
The Future of Unified Workplace Access
A Vision for a Unified Physical Identity and Access Management for Financial Institutions Vision for a Unified Physical Identity and Access Management for Financial Institutions
Banks and financial institutions are undergoing a physical transformation and rebirth. As cyber...
As cloud adoption and the mandate for remote workers are soaring, legacy approaches to traditional networks and network security are unable to provide the levels of security and access control needed for digital organizations to thrive.
Secure access service edge (SASE) has emerged as a must in today's landscape....
Cloud adoption is rapidly growing, and cloud-enabled organizations are experiencing an influx of new security requirements as a result. On top of these demands, they still need to protect their cloud applications and give users secure access to the cloud.
As defined by Gartner, a secure access service edge (SASE)...
As organizations continue to enable remote access for their staffs to meet and recover from shelter-in-place mandates, setting and meeting remote workforce objectives is crucial. Optiv recommends employing proven strategies - like expanding what you currently have, creating alternative access methods and redesigning...
COVID-19 impacts how organizations operate and inflicts new cybersecurity challenges on infrastructure capacity and traditional controls. The changes made since the outbreak, such as mandated remote work, spotlight resilience planning efforts. Many controls that can normally be enforced in internal network...
Remote access VPN has been an enterprise network staple for years and with the continued growth of mobile workforces and cloud-based applications, organizations are quickly finding remote access can't keep up with or secure the cloud.
It's probably time to re-evaluate the role of remote access and move past its...
As more organizations rely more heavily on cloud-based applications as a result of a remote workforce, they must avoid taking identity and access management shortcuts, says James Gosnold of the cloud consultancy CloudKubed, who calls for the addition of another layer of authentication.