The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VMware's ESXi servers hosting virtual machines, according to MalwareHunterTeam.
The FDIC has failed to properly update its policies for mobile device usage, conduct regular control assessments of its mobile device management solution or adequately log and monitor mobile cybersecurity practices, according to a new report from the Office of the Inspector General.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including improving federal agencies' cybersecurity and businesses recovering from the pandemic's impact.
The U.S. Cybersecurity and Infrastructure Security Agency is creating the Joint Cyber Defense Collaborative to build a national cybersecurity defense strategy based on collaboration between the public and private sectors, CISA Director Jen Easterly said at the Black Hat 2021 conference Thursday.
A seemingly nonstop number of ransomware-wielding attackers have been granting tell-all media interviews. One perhaps inadvertent takeaway from these interviews is the extent to which - surprise - so many criminals use lies in an attempt to compel more victims to pay a ransom.
Risk management is essential in every organization. As internal and external business environments have continued to evolve, the threat landscape has become more complex, as have processes for identifying and managing risks. Operational risk management has become more challenging as businesses expand their products...
Managing digital risk and building resilience within your organization requires a comprehensive approach that doesn’t stop where your business ends. One also needs to assess and manage risk related to vendors and other third parties, because any threat to those operations can also impact your business.
Average total cost of a breach at enterprises of more than 25,000 employees is $5.52million according to a recent study by Ponemon Institute. This cost is $2.64 million for organizations under 500 employees. The cost of risk is real and growing. These statistics show the impact of just one type of risk, technology...
The rise in breaches over the past few years & especially during the ongoing pandemic has made it clear that many organizations are overwhelmed and struggling to manage risk. Manual assessments and siloed tools can’t keep up with today’s relentlessly changing risk landscape. Continuous monitoring is the key to...
The National Security Agency and the Cybersecurity and Infrastructure Security Agency have released new guidance on Kubernetes security, providing advice on securing container environments from supply chain threats, insider threats and data exfiltration risks.
Researchers at Palo Alto Networks' Unit 42 say they have demonstrated how exploits of Microsoft Jet Database Engine vulnerabilities could lead to remote attacks on Microsoft Internet Information Services and Microsoft SQL Server to gain system privileges. Microsoft recently patched the flaws.
Teleworking U.S. national security employees are putting sensitive data at risk if they use public Wi-Fi networks without using a virtual private network to encrypt the traffic, the National Security Agency notes in a new advisory.