The latest edition of the ISMG Security Report features an analysis of the recent surge in Russian cyber interference in Ukrainian government and civilian networks, the impact of China's privacy law, and the battle against cryptocurrency cybercrime.
Most organizations deploy defenses to reduce the risk of cyber threats entering their environment. But what about the threats that are already inside? Whether the result of malicious, negligent or compromised users, insider threats pose serious business risks, and most organizations just aren’t prepared.
Bernalillo County, the largest county in New Mexico, shut down its IT systems after reportedly suffering a ransomware attack on Wednesday. County officials say they are working with third-party vendors to remediate the incident. County staff are working remotely as systems are restored.
The Apache Log4j vulnerability capped the end of a long year for CISOs and incident responders, and it left them with a mitigation project that carries them well into the New Year. CISOs John Bassett and Martin Dinel discuss how their teams have tackled Log4j - and significant lessons learned.
Where are security practitioners in their zero trust journeys, and what approach to zero trust have they taken? Three experts - Netskope's David Fairman, Exceture's Mario Demarillas, and Petronas' Soumo Mukherjee - share their thoughts in a panel discussion.
Amid the current ransomware surge, it's time for the principle of least privilege to meet endpoint security and be a new foundational security control, says David Higgins of CyberArk. He outlines the cybersecurity use cases and potential business benefits.
Ten U.S. senators this week wrote to the secretaries of both the Department of Homeland Security and the Department of Transportation inquiring about specific measures they plan to pursue to prevent and respond to cyberattacks on the nation's critical infrastructure.
The websites of Expresso and SIC, Portugal's largest news publications, remain offline for a third day. A ransomware attack on the parent company Impresa Group was carried out by the Lapsus$ ransomware group - a relatively new bad actor that has made three high-impact attacks in less than a month.
A Zloader malware campaign has been exploiting Microsoft’s digital signature verification to steal cookies, passwords and sensitive information, according to Check Point Research. The threat actor, likely MalSmoke, used legitimate remote management software to gain initial access.
The U.S. Federal Trade Commission, the nation's top consumer protection agency, issued notice that it "intends to use its full legal authority to pursue companies" failing to mitigate against Apache's Log4j vulnerabilities – or similar vulnerabilities in the future.
Applying cloud access security broker’s three functionalities - API-level integration with managed device transfer for visibility, in-line CASB for proxy and other devices, and its control over cloud and other access points - helps provide better control and the ability to protect and secure user access, says Thomas...
Morgan Stanley agreed to a $60 million settlement to resolve a class action lawsuit claiming the banking giant violated security compliance laws and provided negligent oversight when a third party did not properly decommission legacy IT systems in 2016 and 2019.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.