In the wake of the explosive Apache Log4j vulnerabilities, the White House hosted tech leaders and federal agencies in a summit to discuss ways to improve open-source software security. The meeting was hosted by Deputy National Security Adviser for Cyber and Emergency Technology Anne Neuberger.
Attackers wielding Night Sky ransomware are among the latest groups that have been attempting to exploit critical vulnerabilities in widely used Apache Log4j software. Microsoft says that among other attacks, a China-based ransomware operator has been exploiting Log4j flaws in VMware Horizon.
QNAP, a Taiwan-based company that manufactures network-attached storage devices, urges users to take immediate actions to secure QNAP NAS device suite amid reports of wide targeting of all its networking devices by ransomware and brute-force attacks.
Top U.S. cybersecurity leaders continue to warn against the peril of Apache Log4j vulnerabilities, confirming on Monday that hundreds of millions of devices worldwide are likely affected by the logging utility flaw, although the response, in terms of scope and speed, has been "exceptional."
One common misconception about the mainframe is that ransomware poses no significant threat to it. Edward Shim of BMC Software dispels this myth and offers insight on how to shore up some of the mainframe's inherent weaknesses that adversaries may target.
In the latest update, four ISMG editors discuss key cybersecurity issues, including myth busting from the founder of Zero Trust, the reason behind the surge in high-profile cryptocurrency scams in India and how ransomware attackers routinely lie about their inclinations, motivations and tactics.
Bernalillo County, the largest county in New Mexico, shut down its IT systems after reportedly suffering a ransomware attack on Wednesday. County officials say they are working with third-party vendors to remediate the incident. County staff are working remotely as systems are restored.
Paul Haywood, executive CISO of Bupa Global, knows exactly how much business risk ransomware poses to his enterprise - and that truly it could be "a matter of if, not when." Here is how he has partnered with Vectra AI to improve ransomware defenses.
Amid the current ransomware surge, it's time for the principle of least privilege to meet endpoint security and be a new foundational security control, says David Higgins of CyberArk. He outlines the cybersecurity use cases and potential business benefits.
Ten U.S. senators this week wrote to the secretaries of both the Department of Homeland Security and the Department of Transportation inquiring about specific measures they plan to pursue to prevent and respond to cyberattacks on the nation's critical infrastructure.
The websites of Expresso and SIC, Portugal's largest news publications, remain offline for a third day. A ransomware attack on the parent company Impresa Group was carried out by the Lapsus$ ransomware group - a relatively new bad actor that has made three high-impact attacks in less than a month.
In an update on the Apache Log4j vulnerability, Microsoft says exploitation attempts and testing for vulnerable systems and devices remained "high" through late December. This comes after security leaders have identified sophisticated and even state-backed attacks targeting vulnerable devices.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.