The Latest
-
Kevin Dietsch / Staff via Getty Images
Overlap concerns grow as more federal cyber officials join the ranks
With the addition of the national cyber director, confusion could arise as to who or what branch will provide guidance for private sector partners.
-
Sean Gallup via Getty Images
CISOs, CIOs see heightened mobile security threat amid shift to hybrid
Mobile devices are difficult to secure because of a combination of untrusted personal apps and data stored on the same device, one security expert said.
-
Courtesy of Microsoft
Patched Microsoft Teams vulnerability shows the delicacy of messaging platforms
A researcher said the patched vulnerability could have granted access to files in OneDrive and the ability to execute business email compromise.
-
Tomohiro Ohsumi via Getty Images
Codecov to sunset Bash Uploader following April supply chain attack
The company seeks to boost security posture, however analysts are raising questions about whether the new uploader addresses underlying concerns.
-
Adeline Kon/Cybersecurity Dive
ColumnBehind the Firewall: How 9 execs implement cybersecurity at home
Cybersecurity follows professionals outside of the workplace as they instill best practices in their homes and communities.
-
Leon Neal via Getty Images
Opinion3 ways to assess the effectiveness of security awareness training
Failure to prove the effectiveness of a security awareness program can lower the executive support critical to ensuring participation in the program.
-
Matthew Stockman/Getty via Getty Images
JBS paid hackers $11M ransom to avoid further disruption
Law enforcement remained aware of the decisions the company was making, JBS USA CEO Andre Nogueira told The Wall Street Journal.
-
Brian Tucker/Cybersecurity Dive
Colonial CEO defends oversight response, urges transparency on ransomware
Private industry needs more immediate and detailed threat intelligence to prevent these attacks from happening in the future, CEO Joseph Blount said.
-
Courtesy of Target
How Target bridges communication gaps between threat intel analysis, detection teams
The WAVE matrix, a tool the retailer built in-house, is transferable to smaller teams with employees covering multiple security domains.
-
Traitov/iStock/Getty via Getty Images
Bad actors hide in everyday IT tools, complicating detection
Security tools automatically block certain threats, yet there's often a larger intrusion detection teams and services need to weed out.
-
Colonial CEO says ransomware hackers exploited legacy VPN
In testimony before a Senate committee, Joseph Blount took ownership for the ransom payment but said the private sector needs help to fight adversaries.
-
Courtesy of Apple
Apple's privacy, security features seen as favorable to enterprise remote work
Experts are comparing Private Relay to protections traditionally found in VPN technology, as Apple continues to grow its enterprise presence.
-
Mark Wilson via Getty Images
What to consider before paying a ransom
Amid rampant attacks, businesses have a choice: pay or suffer.
-
Alex Wong via Getty Images
Data breaches, poor cyber practices raise cost of borrowing: study
Research from the American Accounting Association shows banks have raised interest rates on companies where customer data has been hacked.
-
Stefani Reynolds/Stringer via Getty Images
SCOTUS limits scope of computer fraud law. Here's the business impact
With the Supreme Court limiting the power of the Computer Fraud and Abuse Act, companies will need to rethink HR and cybersecurity policies dictating access privileges.
-
Adeline Kon/Cybersecurity Dive
Column
Behind the Firewall: 4 cyber executives on security disasters they avoided
Cybersecurity leaders dodge catastrophes each day — from malware to gaps in the network perimeter.
-
Rob Kim via Getty Images
CISOs earn higher profile with remote work, evolving threats
Corporate boards are demanding regular updates on the latest threats, while simultaneously asking CISOs to make sure workers meet business objectives in the most secure manner possible.
-
4 questions to ask after discovering a cyberattack
Identifying signs of an ongoing attack or backdoor deployment is nearly impossible for digital laggards.
-
Stefani Reynolds / Stringer via Getty Images
Phishing attack against US government, NGOs shakes assumptions on containment
As federal authorities flex new, aggressive steps to deter malicious activity, analysts warn that an evolving threat actor may challenge industry's ability to trust anything.
-
Supreme Court decision on computer fraud law hinges on one word — 'so'
The U.S. Supreme Court held the Computer Fraud and Abuse Act does not cover incidents which individuals with authorized access to a computer system abuse access privileges.
UPDATED: June 3, 2021 at 10:47 a.m. -
Chip Somodevilla via Getty Images
Biden budget proposes $58B to take on legacy tech, cybersecurity
Legacy tech holds the federal government back, and agencies remain targets of advanced cyber crime. The budget proposal provides financial support to chip away at recovery.
-
Matthew Stockman/Getty via Getty Images
White House steps in as JBS ransomware interrupts consumer supply chain
The FBI attributed the attack to Russia-based REvil, and JBS is on schedule to restore operations Thursday.
UPDATED: June 3, 2021 at 8:14 a.m. -
Peter Macdiarmid via Getty Images
Why CISOs can't afford to have data breach fatigue
Security teams monitor thousands of alerts per day, which are hard to escape even in off hours, as news about data breaches become mainstream.
-
FluxFactory, E+ via Getty Images
Rethink risk management programs post-SolarWinds, experts say
Companies need to ensure their vendors are putting the most protections in place for their most important products and services.
-
Getty Images / Staff via Getty Images
APT actors ramp up cyber campaign targeting Pulse Secure VPNs
Mandiant researchers have identified four new malware families in an ongoing campaign targeting several key sectors, including the U.S. defense industry.
