EDR deployments will be underway at more than half of federal civilian agencies by the end of September, according to federal officials. CISA is currently in the process of deploying EDR across 26 federal civilian agencies and expects to have work underway at 53 agencies by Sept. 30, 2022.
Unfortunately, in this day and age, protecting assets is more difficult than ever from the corporate point of view. Organizations have spent many years and countless sums of money protecting the perimeter —
so-called “north-south” traffic. Yet agile, adaptive adversaries have found ways to breach perimeter...
Even in the best of times, chief information security officers (CISOs) and their teams face numerous challenges in protecting the brand, the business and
sensitive data against ever-changing threats—all with finite and constrained resources. Today, those challenges are more extreme than ever. In a rapidly
changing...
Many organizations, especially large global enterprises, don’t always have the best visibility into how many third-party vendors they are using at a given time, or what types of assets are in their environment because of those third-party vendors. In addition, they are at the mercy of their third-party partners’...
Targeted attacks on a Ukrainian energy facility have been confirmed by CERT-UA. In a joint operation carried out by the Ukrainian CERT with security companies Microsoft and ESET, it was found that an ICS-capable malware and several regular disk wipers were used in the attack.
Microsoft says it seized control of seven domains belonging to Russian GRU-linked state-sponsored threat group Strontium. The group, also called APT28 and Fancy Bear, used the domains to target Ukrainian media organizations and had U.S. and EU government entities and decision-makers on its radar.
There’s no question 2021 was the year of vulnerabilities that drained already exhausted security operations teams. From pandemic fatigue to the exploitation of critical business services like Microsoft O365 by crafty threat actors, organizations of all sizes faced increased susceptibility to phishing attacks putting...
Ransomware attacks have continued to dominate headlines, and they’re constantly becoming more sophisticated.
How has ransomware evolved since it was first recognized around 2005? Who is now more vulnerable to these attacks? What are the top recommendations to mitigate and prevent ransomware?
Download the white...
When looking for an observability pipeline, there are many things to consider before making a decision. Some will argue for open source solutions while others have solutions that are heavily tied to their existing vendors. While all solutions have their strengths and weaknesses, it’s important to consider the...
'Despite an arsenal of point products designed to block malware and threats and warn of vulnerabilities that can be exploited by attackers; it is no longer sufficient to rely on traditional defence techniques. While effective in some areas, these approaches are limited, with one of the most important gaps being the...
As Russia's invasion of Ukraine continues, what should global CISOs and security teams do to ensure that their organizations stay protected? Beyond following cybersecurity agencies' guidance, experts offer advice on how to brief the board of directors, appeal for resources, support teams and more.
Fortinet's FortiGuard Labs has released its latest Global Threat Landscape Report, and it portrays adversaries who are increasingly more sophisticated and speedy and who are diversifying their attack techniques. Derek Manky tells why organizations need to respond by bolstering the cyber kill chain.
Employees with too much access can pose an insider threat. When employees have access to more than they need to do their job, there are more opportunities for mistakes, whether accidental or not. Lack of accountability means you
don’t know who did what, when. If too many people have the same level of access and...
Despite the rise in frequency and severity of ransomware attacks, there remain misconceptions in how to respond. Praveen Vunnava of Veritas and David Totten of Microsoft reveal how to build a comprehensive strategy based on three key principles: protect, detect and recover.
In this interview with Information...
Due to disruptive events felt globally, operational resilience has grown in importance for banks and regulators. Banks can no longer simply prepare for “what if” scenarios; they must assume those scenarios will happen and prove they have a way to continue business as usual.
Download this eBook to learn how...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.