EXCLUSIVE

CISO July 7, 2021

REvil Ransomware Gang Launches Major Supply Chain Attack Through Kaseya, Downstream Impact May Affect Over 1,500 Customers

On July 2, 2021, Kaseya customers were notified of a compromise affecting the company’s VSA product in a way that poisoned the product’s update mechanism with malicious code. VSA is a remote monitoring and management tool for networks and endpoints…

Double Encryption: When Ransomware Recovery Gets Complicated

Ever hear of double extortion? It’s a technique increasingly employed by ransomware attackers. A malware payload steals a victim’s plaintext information before launching its encryption routine. Those operating the ransomware then go on to demand two ransoms — one for…

Artificial Intelligence July 23, 2021

How AI Will Transform Data Security

I’ve often wondered whether artificial intelligence (AI) in cybersecurity is a good thing or a bad thing for data security. Yes, I love the convenience of online stores suggesting the perfect items for me based on my search history, but…

Application Security July 22, 2021

API Abuse Is a Data Security Issue Here to Stay

Just about every app uses an application programming interface (API). From a security standpoint, though, APIs also come with some common problems. Gartner predicted that API abuse will be the most common type of attack seen in 2022. So, what…

Incident Response July 22, 2021

Thriving in Chaos: How Cyber Resilience Works

In cybersecurity as in most jobs, problems don’t happen one at a time, you’re bound to have a few at once. Speakers at the RSA Conference 2021 talked about this in terms of maintaining cyber resilience in chaos. So, what…

Incident Response July 21, 2021

This Chat is Being Recorded: Egregor Ransomware Negotiations Uncovered

Ransomware attacks are topping the charts as the most common attack type to target organizations with a constant drumbeat of attacks impacting industries across the board. In fact, IBM Security X-Force has seen a more than 10% increase in ransomware…

Timeline

State and Local Government Cyberattacks Timeline

State and local governments face malicious actors who target personal information and key services, endangering both citizens and critical infrastructure. Explore this timeline for a sense of the evolving landscape, attack patterns and prevention best practices.

EXPLORE THE TIMELINE

Beyond Ransomware: Four Threats Facing Companies Today

The recent DarkSide attack makes it clear: no system is safe from ransomware. And while the attackers say they weren’t out to hurt anyone, only to make money, the impact is the same. It could lead to potential disruptions of…

Mobile Security July 20, 2021

How to Fix the Big Problems With Two-Factor and Multifactor Authentication

Getting a second opinion is a great idea in both medicine and end-user cybersecurity. Two-factor authentication (2FA) and multifactor authentication (MFA) are powerful tools in the fight against all kinds of cyberattacks that involve end-user devices and internet-based services. There’s…

Cloud Security July 20, 2021

Avoid Blind Spots: Is Your Incident Response Team Cloud Ready?

The year 2020 — with all its tumult — ushered in a massive shift in the way most companies work. Much of that transformation included migrating to cloud, with some statisticians reporting that a full 50% of companies across the…

CISO July 20, 2021

How Data Discovery and Zero Trust Can Help Defend Against a Data Breach

As more companies start to use the cloud, the threat of a data breach and the rules and fines that go with it has only grown. Therefore, companies and agencies need to anticipate and adapt to their changing data and…

Artificial Intelligence July 19, 2021

Two (or More) Is Better Than One: Digital Twin Tech for Cybersecurity

Throughout my lifetime, I’ve wondered on many occasions how my life would have changed had I made a different decision at a critical point — picked a different college, taken a different job or moved to another town. I’ve often…

Latest Podcast

Season 1 |Episode 4

Developing a Cloud Security Strategy

Playlist 3 |Episode 19

Training with Chaos Engineering

Playlist 3 |Episode 18

Time Is (Still) Money and Other Findings from the 2020 Cost of a Data Breach Report

Playlist 3 |Episode 17

Contextualizing Zero Trust

Playlist 3 |Episode 16

Recent Activity from ITG16, a North Korean Threat Group

Playlist 3 |Episode 15

Consumer Identity and Access Management (CIAM): Reducing Friction Without Reducing Security

Playlist 3 |Episode 14

Exploring the Impact of the ITG08 Threat Group

Playlist 3 |Episode 13

Creating AI Without Bias

Playlist 3 |Episode 12

Current Trends in the Threat Intelligence Landscape

Playlist 3 |Episode 11

Verify to Simplify: Demystifying Zero Trust