The US National Security Agency has issued its zero trust guidance aimed at securing critical networks and sensitive data within key federal agencies. The NSA adds it is also assisting Defense Department customers with the zero trust implementations.
The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the Accellion File Transfer Appliance to steal data and execute ransomware. Australia's Transport for New South Wales and Canada's Bombardier are the latest victims to be revealed.
A previously undetected malware variant has infected almost 30,000 Apple Macs. So far, however, researchers have not seen the code, called Silver Sparrow, deliver any malicious payloads to these endpoints, according to a new report.
Organizations are experiencing highly targeted and complex attacks that traditional security solutions miss. Exposures have increased as organizations move to the shared security models of AWS and Azure. The volume of native alerts and detections is on the rise, and organizations need to focus on the right information...
A newly-discovered phishing campaign posts harvested credentials using the Telegram messaging app's application programming interface to bypass secure email gateways, report researchers at the Cofense Phishing Defense Center.
Security firms Crowdstrike, Palo Alto Networks and Sailpoint are making acquisitions to bolster their product portfolios. Here's a rundown of the deals.
A company's Wi-Fi network is an ever-present target for attackers, and the range of risks, particularly in an era of pervasive IoT, continues to grow. Tracie Thompson of HackHunter says rogue access can be difficult to locate and remove.
This edition of the ISMG Security Report features an analysis of the impact of a hacking campaign linked to Russia’s Sandworm that targeted companies using Centreon IT monitoring software. Also featured: a discussion of CIAM trends; a critique of Bloomberg's update on alleged Supermicro supply chain hack.
The Biden administration is reviewing former President Donald Trump's policies addressing potential national security and cybersecurity concerns about Chinese-owned companies as it develops new plans for dealing with a wide range of issues tied to China.
Bloomberg has stood firm on its controversial story from two years ago asserting that China implanted a tiny chip on motherboards made by Supermicro. But rather than proving its contention in a follow-up, it may have inflicted more reputational damage upon itself.
CIOs and CISOs have now been charged with
addressing the cybersecurity risks of OT and IoT,
as well as Enterprise IT, environments. Because of
this, they are now looking to establish a holistic
route to cybersecurity management across the
broader technology stack.
Download this whitepaper to learn about what...
EDR, NDR, XDR – we keep rebranding defense, but it all still comes down to detection and response, says Erin Sweeney of ReliaQuest. She discusses the latest evolution and how enterprises are deploying it.
The latest edition of the ISMG Security Report features an analysis of the critical security issues raised by the hacking of a Florida city water treatment plant. Also featured: The CISO of the World Health Organization discusses supply chain security; hackers steal celebrities' cryptocurrency.
Legacy endpoint Data Loss Prevention solutions fall short in a number areas, including their invasiveness, resource intensity and heavy maintenance requirements due to false positives and need for constant tuning. In fact, a number of organizations have given up on their DLP solutions because it’s just too hard to...
The Florida city that experienced a breach of its water treatment system used now-unsupported Windows 7 machines, shared the same password for remote access and had no firewall. The incident is likely to raise questions about the vulnerability of critical infrastructure in small towns on slim IT security budgets.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.
