Threats: Page 2
-
With cyber bureau, State Department brings diplomacy to threat landscape
CISOs and security experts see the federal bureau as a potential bridge to help align the government and private sector as nation-states pose increased threats.
By David Jones • UPDATED: Jan. 11, 2021 at 5:39 p.m. -
thanyakij, bongkarn. (2019). Retrieved from Pexels.
Poor software quality cost businesses $2 trillion last year and put security at risk
The COVID-19 pandemic played a role in the rise of operational software failure, said the Consortium for Information & Software Quality.
By Roberto Torres • Jan. 11, 2021 -
Fast-growing gaming industry faces rising threat of account compromise
A report from KELA shows one million compromised accounts and thousands of leaked employee credentials in underground markets.
By David Jones • Jan. 05, 2021 -
Defending the unknown: Companies may not be getting the full story on cyberthreats
Because of the way some data is presented, there is no way to know what vital information might be missing.
By Sue Poremba • Jan. 04, 2021 -
How one hospital is defending against ransomware
By the time the Ryuk ransomware alert was issued, Rush Memorial Hospital had at least two risk mitigation measures: improved backup as a service and a systems engineer with an evasion plan.
By Samantha Schwartz • Dec. 22, 2020 -
Tracking SolarWinds cyberattack fallout, play-by-play
As more companies are discovering impact from the SolarWinds hack, attention is turning toward far-reaching supply chain vulnerabilities.
By Samantha Schwartz , David Jones , Naomi Eide , Katie Malone • UPDATED: Jan. 4, 2021 at 10:18 a.m. -
CISA warns of more backdoors beyond SolarWinds Orion
The extent of compromised data is not disclosed. What is clear? Threat actors relied on the supply chain for widespread access.
By Samantha Schwartz • Dec. 17, 2020 -
Microsoft to begin blocking binaries linked to SolarWinds cyberattack
Microsoft Defender Antivirus will quarantine the trojan before it can begin processing, though the company said "it may not be simple to remove the product from service."
By Samantha Schwartz • Dec. 16, 2020 -
IT execs face growing pressure to balance security with productivity
Companies are caught between competing interests as remote workers offset digital security needs with work-life balance.
By David Jones • Dec. 14, 2020 -
Federal agencies warn of heightened cyberthreats against K-12 schools
Cyberattackers are trying to steal data and disrupt remote learning as COVID-19 continues to impact schools, the FBI, CISA and MS-ISAC said.
By David Jones • Dec. 11, 2020 -
NSA calls out Russia-backed exploit of VMware virtual workspace platform
Network administrators in defense and national security were warned to patch systems where bad actors can gain access to data.
By David Jones • Dec. 08, 2020 -
State of K-12 cybersecurity, from traditional IT to classroom lessons
Panelists at the annual ed tech conference last week told educators about the importance of cybersecurity practices as schools are targeted for disruptions and unauthorized disclosures.
By Roger Riddell • Dec. 07, 2020 -
Why some industries are more secure than others
Threats go beyond industry and target organizations depending on business size. Company size is a factor, but so is investment in cyber defense.
By Sue Poremba • Dec. 07, 2020 -
Kmart's reported ransomware attack highlights ongoing threat to retail
Egregor is emerging as growing cyberthreat as the pandemic shifts holiday shopping even further toward e-commerce.
By David Jones • Dec. 04, 2020 -
NERC expands IT-focused cybersecurity program as hackers target grid operations tech
Previously focused on utility operations IT, the Cybersecurity Risk Information Sharing Program will now include two pilots scanning for threats to operational technologies.
By Robert Walton • Dec. 04, 2020 -
Trickbot evolves, adding firmware-level threat to its repertoire, report says
The biggest implication of the discovery focuses on resiliency planning for enterprises, with the risk of mass destruction, researchers found.
By Samantha Schwartz • Dec. 03, 2020 -
Persistent cyberthreat groups target US think tanks, CISA says
Advanced persistent threat groups, including Cozy Bear, have a history victimizing research and policy institutes.
By Samantha Schwartz • Dec. 02, 2020 -
Supreme Court decision on computer fraud law hinges on one word — 'so'
If the court rules in favor of the government, the Computer Fraud and Abuse Act could broadly apply to ethical hacking and common consumer activities.
By Samantha Schwartz • Dec. 01, 2020 -
A cyber stakeholder's guide to Van Buren v. US
The Supreme Court could determine what constitutes the limits of authorized computer access under the Computer Fraud and Abuse Act. Should this issue be left for Congress?
By Samantha Schwartz • Nov. 30, 2020 -
Sharp rise in IT spending as cyberthreats evolve, Crowdstrike finds
Companies had to evolve as legacy security systems, including firewalls and antivirus software, fell short during the pandemic.
By David Jones • Nov. 25, 2020 -
Black Friday threat to watch: Inevitable employee online shopping
This year, security organizations had just over eight months to adapt to security challenges of remote work and risky behaviors.
By Samantha Schwartz • Nov. 25, 2020 -
Carnegie researchers seek urgent action to combat financial cyberthreats
Fintech business development and digital transformation in banking is creating opportunities for malicious actors to attack vulnerable systems.
By David Jones • Nov. 20, 2020 -
Why does industry say there are air gaps between IT and OT?
Not only is OT connected to the internet now, cyberattacks can trickle through IT environments.
By Samantha Schwartz • Nov. 16, 2020 -
Ransomware latches onto fake ads for Microsoft Teams updates
When a victim clicked on a corrupt link, a PowerShell script was executed via a payloader. To disguise the malicious activity, a "legitimate copy" of Microsoft Teams was also installed.
By Samantha Schwartz • Nov. 12, 2020 -
How companies are meeting the challenge of a changing cyberthreat landscape
Security teams don't have as much access to remote work devices, which obscures network visibility. Cybercriminals capitalized on the opportunity.
By Sue Poremba • Nov. 11, 2020