The Latest
-
CISA's head was fired. How a leadership vacancy impacts the private sector
"I know that most, if not all, of my colleagues would currently pass on opportunities in the public sector, which is a shame," said RunSafe Security's Joe Saunders.
-
Courtesy of Wells Fargo multimedia resources
For Wells Fargo, tech, security and innovation drives risk management
Companies must look closely at technology as an operational risk, but neglecting innovation opens more windows for bad actors to enter, a Wells Fargo executive said.
-
Samantha Schwartz/Cybersecurity Dive, data from Druva
After a ransomware attack, choose what data needs recovery first
Shaun Marion, CISO at Republic Services, doesn't treat all his data the same. There's some data he won't care about losing in light of a ransomware attack.
-
Getty Images
Trump fires CISA's Krebs in slew of top cyber departures
President Donald Trump fired Christopher Krebs on Tuesday night, a week after top cyber official Bryan Ware left his post, leaving high-level national cybersecurity positions vacant.
-
National Institute of Allergy and Infectious Diseases. (2020). "Novel Coronavirus SARS-CoV-2" [Micrograph]. Retrieved from Flickr.
Biotech Miltenyi, aiding in COVID-19 research, recovering from malware
For two weeks the company dealt with "isolated cases" of malware in its IT infrastructure. Operations are restored and the company does not expect delays in orders.
-
Retrieved from Twitter on October 15, 2020
Famed hacker Mudge to lead Twitter security after summer of attacks
Cybersecurity industry executives say the hacker known as Mudge will help Twitter fight back against security and disinformation challenges.
-
Fotolia
Complex cloud deployments amplify ransomware impact, report finds
There's a connection between ransomware payment and the average number of cloud deployments, a survey from Veritas found. The more complex an environment, the more likely organizations are to pay up.
-
Kendall Davis for Cybersecurity Dive/Cybersecurity Dive
5 cybersecurity and threat trends CISOs must watch
Attacks are all but guaranteed, threats are evolving and a digital realm is targeting the physical. What's keeping CISOs up at night? Everything.
-
Kendall Davis for CIO Dive
Voice, SMS not secure enough for multifactor authentication, Microsoft says
SMS and voice are based on publicly switched telephone networks (PSTN) and are the least secure options for MFA, said Microsoft's Alex Weinert.
-
Remote work chipped away at zero trust skepticism, increased adoption
Organizations can adopt zero trust systematically. The "peanut butter spread" approach doesn't apply here.
-
Biden faces scrutiny on key appointments and policy priorities on privacy, cybersecurity
Experts say the incoming administration has an array of former Obama administration staff and will face pressure to reform a number of fronts.
-
Courtesy of Microsoft Teams
Ransomware latches onto fake ads for Microsoft Teams updates
When a victim clicked on a corrupt link, a PowerShell script was executed via a payloader. To disguise the malicious activity, a "legitimate copy" of Microsoft Teams was also installed.
-
Getty
Facebook ads posted to 'shame' Campari to pay its ransom, report says
Operators behind the Ragnar Locker ransomware strain hacked a business Facebook account to post the ads, reported KrebsOnSecurity. Facebook eventually caught the ads as fraudulent.
-
Photo by Benjamin Faust on Unsplash
Agility, teamwork, mission-focus: Why companies look to vets to fill cyber job gap
This Veterans Day and National Cybersecurity Career Awareness Week, organizations renew focus on overcoming the cyber job gap by engaging an under-tapped workforce.
-
Cybersecurity hiring spikes as pandemic forces global workforce restructuring
The cybersecurity industry has an ongoing issue with finding enough qualified workers, and the pandemic placed additional strain on corporate spending.
-
How companies are meeting the challenge of a changing cyberthreat landscape
Security teams don't have as much access to remote work devices, which obscures network visibility. Cybercriminals capitalized on the opportunity.
-
Courtesy of Zoom
Zoom settles with FTC, promises to build robust security program
With Zoom's rapid user growth between December and April, the company allegedly "misled users by touting" end-to-end, 256-bit encryption, when it actually offered "lower level of security," said the FTC.
-
Samoilov, Yuri, yuri.samoilov.online/. (2014). "System Lock" [Photograph]. Retrieved from Flickr.
28% of 'extreme' cyber incidents cost more than $100M, report finds
Outside of financial fallout, cyber incidents can damage corporate reputations, increase regulatory oversight and impact executive careers, Cyentia found.
-
What will a Biden presidency mean for business tech and cyber?
As the White House leadership changes, tech and cyber policies taking root are likely to focus on more R&D and federal oversight.
-
US election cybersecurity ushers in public, private sector coordination next steps
A quiet Election Day highlights what's possible in cybersecurity deterrence, Sen. Angus King said.
-
2020 gave cybersecurity more opportunity. Now CISOs have to seize it
CISOs influence risk appetite and budget. Technology trends, threats, regulations and the pandemic are out of their control.
-
Retrieved from Facebook on August 20, 2020
Cisco issues patch to address high-severity Webex vulnerability
The app within the HVD requires patching, Cisco said. A successful exploitation could lead to arbitrary code execution through user privileges.
-
sestovic/E+/Getty via Getty Images
From stunted operations to stolen data, how much can ransomware cost?
Cyberattacks are a business and business has been good.
-
No major cyber incidents reported on Election Day — but the security challenge is just beginning
Senior CISA officials confirmed throughout the day that the U.S. did not face any major cyber activity yesterday but cautioned post-Election Day is when the action really begins.
-
"State Capitol Building, USA, California, Sacramento" [Photograph]. Retrieved from Pixy.
California voters approve 'CCPA 2.0' ballot proposition
Proposition 24 says that if companies don't need certain details about consumers to run their business or provide services then they don't need to collect the information at all.
UPDATED: Nov. 4, 2020 at 3:49 p.m.
