Wednesday, 30 June 2021

Cloud computing is a bonanza – but security lags

Fact is, security in the cloud needs improvement. The problem is that cloud service providers treat cloud security as a shared responsibility with their customers. And while cloud purveyors typically hold up their end of the bargain, many customers do not. Human error among cloud customers is rampant.

from Cyber Security News https://ift.tt/3Ah3rsr

REvil ransomware group deploys Linux encryptor against ESXi virtual machines

The REvil ransomware operation has added a Linux encryptor to its arsenal that's designed to target and encrypt VMware ESXi virtual machines.

from Cyber Security News https://ift.tt/3higO2Z

5 minutes with Mira LaCous - Trends in biometric security

Mira LaCous, Chief Technology Officer of the biometrics-led identity access management provider, BIO-key International, talks to Security magazine about current trends in biometric security.



from Cyber Security News https://ift.tt/3AoKYdI

Almost 70% of poll respondents think cyberattackers deserve prison sentences

In a Twitter poll that garnered close to 9000 responses, 79% of respondents say organizations shouldn't pay ransom when hit with a ransomware cyberattack.



from Cyber Security News https://ift.tt/2Ua8V7G

Tuesday, 29 June 2021

Department of Defense approves additional (ISC)² certifications as requirements for cybersecurity staff

(ISC)² – a nonprofit association of certified cybersecurity professionals – announced that its healthcare security and cloud security certifications have been approved by the U.S. Department of Defense (DoD) as prerequisites of employment for certain security workforce categories.

from Cyber Security News https://ift.tt/3duUsu5

Need for enterprise security as end users lack awareness of major cyberattacks

Armis research found that end users are not paying attention to the major cybersecurity attacks plaguing operational technology and critical infrastructure across the country, signaling the importance of businesses prioritizing a focus on security as employees return to the office.



from Cyber Security News https://ift.tt/3A9wBd0

4 steps to protect your data against disaster in the cloud

Is your data truly safe when you move to the cloud? The recent fire at the OVHcloud’s data center in France proves that it is not. Here are four ways to keep your data safe, even when disaster strikes your cloud provider.



from Cyber Security News https://ift.tt/3qHvBbJ

Gunter Ollmann joins Devo Technology as Chief Security Officer

Gunter Ollmann has been named Chief Security Officer (CSO) at Devo Technology. Ollmann will drive Devo’s overall security strategy, Devo’s threat research teams, and ensure the company's security innovation.

from Cyber Security News https://ift.tt/2T9id3X

NSA funds development, release of D3FEND, a cybersecurity framework

D3FEND, a framework for cybersecurity professionals to tailor defenses against specific cyber threats, is now available through MITRE. The National Security Agency funded MITRE’s research for D3FEND to improve the cybersecurity of National Security Systems, the Department of Defense, and the Defense Industrial Base.

from Cyber Security News https://ift.tt/35XyGuI

Only 54% of organizations have a company-wide disaster recovery plan in place

iland released the findings of its research into organizations’ disaster recovery readiness. The study found that as organizations work diligently to support evolving business needs, the majority of disaster recovery solutions are not tested on a regular basis.



from Cyber Security News https://ift.tt/3y4jIir

Security and automation are top priorities for IT professionals

The top three priorities for IT professionals are improvement of IT security, cloud migration and automation to increase IT productivity, according to a new Kaseya survey.

from Cyber Security News https://ift.tt/3y2eDY0

5 minutes with John Parlee - Why analytics are key for network security

John Parlee, Chief Information Security Officer (CISO) at Park Place Technologies, talks to Security magazine about key trends in the network security space, including why analytics are critical to network security and how companies can ensure they have a viable monitoring solution. 



from Cyber Security News https://ift.tt/2UQdnsP

Monday, 28 June 2021

SaaS security: A new challenge for modern security management

There’s momentum right now to build security controls into your SaaS deployment. Many organizations have enabled a hybrid approach within appsec that “builds security into” the deployment process. Here are some actions that organizations can take in order to kickstart a SaaS security program.



from Cyber Security News https://ift.tt/2Sz4iDP

Lawmakers introduce American Cybersecurity Literacy Act

Bipartisan House lawmakers introduced legislation to increase cybersecurity literacy and security awareness among the American public amid a spike in cybersecurity threats against critical infrastructure. 

from Cyber Security News https://ift.tt/3xVu83U

Researchers publish proof of concept for Cisco ASA flaw

Researchers at Positive Technologies have published a proof-of-concept exploit for CVE-2020-3580. There are reports of researchers pursuing bug bounties using this exploit.

from Cyber Security News https://ift.tt/3hh0uiO

Western Digital My Book Live NAS remotely wiped clean worldwide

Western Digital My Book Live NAS owners worldwide found that their devices have been mysteriously factory reset and all of their files deleted, Bleeping Computer reports. 

from Cyber Security News https://ift.tt/3h8OrEi

Sunday, 27 June 2021

5 minutes with Tony Bai and Joe Cortese - The future of supply chain security

Long-time cyberveteran with the USAF and currently Federal Practice Lead at A-LIGN, Tony Bai, and Joe Cortese, Penetration Testing Practice at A-LIGN, navigate the complex future of supply chain security and discuss who should be responsible for supply chain protection.



from Cyber Security News https://ift.tt/3jk59Df

Friday, 25 June 2021

Dell BIOSConnect vulnerabilities affect 30 million devices

Eclypsium has discovered four vulnerabilities that impact 128 Dell device models, and an estimated 30 million individual devices, that allow threat actors to remotely execute code in a pre-boot environment, according to new research released today.

from Cyber Security News https://ift.tt/3zZtvbC

DreamHost database leaked 814 million records online, including customer data

The Website Planet research team, in cooperation with security researcher Jeremiah Fowler, discovered a non-password protected database that contained just under one billion records. The exposed records revealed usernames, display names, and emails for WordPress accounts.

from Cyber Security News https://ift.tt/2SXybhx

Global supply chain disruptions cost companies $184 million annually

Nearly all (94%) of security and business decision-makers in the Interos Global Supply Chain Report study reported some negative impact to revenue resulting from supply chain disruption, which they attributed to a variety of supply chain risks including cyber breaches, financial risks, and ESG (environment, social, governance) transparency issues.



from Cyber Security News https://ift.tt/2T5EHCL

Considering the consumer privacy conundrum in a data-filled digital world

New consumer privacy laws and innovative fraudsters have given security professionals much to do in a supercharged digital economy. As our digital footprints widen, bad actors are finding increasingly sophisticated ways to access troves of personal information and sensitive data.

from Cyber Security News https://ift.tt/2U3AEXA

5 minutes with Lamont Orange - Fostering a security-first culture with SASE adoption

Lamont Orange, Netskope's Chief Information Security Officer (CISO), talks to Security magazine about how to foster a security-first culture with Security Access Service Edge (SASE) adoption.

from Cyber Security News https://ift.tt/3A8Avmy

Thursday, 24 June 2021

NIST proposes approach to reduce risk of bias in artificial intelligence

In an effort to counter the often pernicious effect of biases in artificial intelligence (AI) that can damage people’s lives and public trust in AI, the National Institute of Standards and Technology (NIST) is advancing an approach for identifying and managing these biases — and is requesting the public’s help in improving it.

from Cyber Security News https://ift.tt/3vXFfIe

NIST publishes draft cybersecurity framework for ransomware risk management

The National Institute of Standards and Technology (NIST) has published a new draft on ransomware guidance for organizations.

from Cyber Security News https://ift.tt/3vUOhG3

Wednesday, 23 June 2021

CISA believes SolarWinds attack could have been prevented with simple countermeasures

The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) says the 2020 SolarWinds supply chain cybersecurity compromise could have been prevented with a decade-old security recommendation. 

from Cyber Security News https://ift.tt/3zPVpXb

5 minutes with Nick Heywood - Security considerations for the hybrid workplace

Nick Heywood, Associate Vice President at Guidepost Solutions, talks to Security magazine about the physical, environmental, and cybersecurity issues behind long-empty offices that are reopening as restrictions lift. 



from Cyber Security News https://ift.tt/3gQHSHw

Tuesday, 22 June 2021

Significant increase in USB threats that can cause costly business disruptions

USB-based threats that can severely impact business operations increased significantly during a disruptive year when the usage of removable media and network connectivity also grew, according to a report by Honeywell.

from Cyber Security News https://ift.tt/3j3Ilre

Survey finds utilities industry has the highest Window of Exposure

WhiteHat Security published their latest installment of the AppSec Stats Flash report and podcast, surveying the current state of the application security and wider threat landscape.

from Cyber Security News https://ift.tt/3wNl1lT

Security leaders anticipate ransomware and phishing uptick in a hybrid workplace

Most IT leaders believe that ransomware attacks will be a greater concern in a hybrid workplace, with legal firms and healthcare organizations particularly concerned about this threat, according to a new Tessian report.

from Cyber Security News https://ift.tt/3gM4uc2

Monday, 21 June 2021

Bay Area water supply targeted by cybercriminals

Cybercriminals have targeted the Bay Area water supply. Similar to the Oldsmar water treatment attack in Florida, the threat actor used legitimate credentials to break into remote access tool TeamViewer. After logging in, they deleted programs that the plant used to treat drinking water.



from Cyber Security News https://ift.tt/3xCK4YD

Wegmans discloses data breach

Wegmans, an American supermarket chain, has disclosed a data breach incident affecting two of its customer databases.

from Cyber Security News https://ift.tt/3zLhcPI

Friday, 18 June 2021

Sec. Madeleine Albright announced as the International Security Foundation's 10th anniversary speaker

The International Security Foundation (ISF) announced that Secretary Madeleine Albright is the ISF 10th Anniversary Speaker for the ISF Virtual Reception on Wednesday, November 17, 2021, 5 PM EDT. The global virtual event, hosted by the ISF during OSAC’s virtual Annual Briefing week, celebrates OSAC’s private-public partnership with the OSAC Awards and celebrates the ISF’s 10th anniversary.

from Cyber Security News https://ift.tt/3vxQdE8

Threat actors are using Google Docs to host phishing attacks

Avanan analysts have recently discovered an exploit vector in Google Docs that attackers are using to deliver malicious phishing websites to victims.

from Cyber Security News https://ift.tt/3gMjOUS

Stopping threats in today’s threat landscape

Many adversaries now take advantage of new vulnerabilities and convert them into weaponized attacks very easily and very quickly, while the extreme adversaries are now focusing on supply chain and targeted attacks. This combination makes for a very challenging environment for any modern enterprise. 

from Cyber Security News https://ift.tt/3vEN9WG

5 minutes with Inon Shkedy - API security risks

Here, Inon Shkedy, Head of Security Research for Traceable, who also serves as the API Security Project Lead at OWASP and co-authored the OWASP API Top 10, talks to Security magazine about API security risks.

from Cyber Security News https://ift.tt/3gMxn6X

New malware blocks access to piracy sites

Sophos researchers have discovered a malware campaign whose primary purpose appears to stray from the more common malware motives. Instead of stealing passwords or extorting a computer's owner for ransom, say the researchers, it blocks infected users' computers from visiting a large number of websites dedicated to software piracy by modifying the HOSTS file on the infected system.

from Cyber Security News https://ift.tt/2UhwRGv

Thursday, 17 June 2021

6 Clop ransomware operation suspects arrested in Ukraine

With the assistance and coordination of Interpol and law enforcement officers from the Republic of Korea and the United States, Ukrainian police have arrested six alleged members of the Clop ransomware gang. 

from Cyber Security News https://ift.tt/3vyB05U

Firmware security requires firm supply chain agreements

Just as organizations require a show of security and compliance due diligence for their enterprise applications, so should they be doing for their IoT devices. They should also be putting this same pressure on their suppliers.

from Cyber Security News https://ift.tt/3wBQxmy

McAfee finds vulnerability in Peloton products

The McAfee Advanced Threat Research team (ATR) uncovered a flaw (CVE-2021-33887) in the Android Verified Boot (AVB) process that left the Peloton vulnerable. 

from Cyber Security News https://ift.tt/2TCLlQQ

Wednesday, 16 June 2021

64% of businesses are adopting or plan to adopt SASE in the next year

Global research commissioned by Versa Networks examining the adoption of Secure Access Service Edge (SASE) by businesses during the lockdown revealed that the adoption of SASE has skyrocketed during the pandemic.

from Cyber Security News https://ift.tt/3gtG2w4

Healthcare + Security: Why it needs to matter to everyone

Let's discuss the current state of cybersecurity in the healthcare space, what increased infosecurity technology can do to help mitigate cyberattacks and tips for securing healthcare practices as the hybrid workforce continues.



from Cyber Security News https://ift.tt/2TAne5t

Top 5 cybersecurity challenges in the hybrid office

Regardless of whether employees are on-site or remote, this convenience is now a permanent cyber-risk for businesses. Listed below are the top 5 challenges in this new hybrid environment:

from Cyber Security News https://ift.tt/2TZVMOv

Tuesday, 15 June 2021

Fraud threats on government agencies growing in numbers and severity

As more U.S. citizens have interacted with government agencies online during the COVID-19 pandemic, account takeover fraud threats (ATO) are becoming more prevalent, according to TransUnion’s Public Sector Fraud Study.



from Cyber Security News https://ift.tt/2TB4GSk

Ryan Gurney joins YL Ventures as CISO-in-Residence

Ryan Gurney joins YL Ventures as its new full-time CISO (Chief Information Security Officer)-in-Residence. 

from Cyber Security News https://ift.tt/35pEg8V

Dr. Boaz Gelbord named Chief Security Officer at Akamai Technologies

Dr. Boaz Gelbord has joined Akamai Technologies as senior vice president and chief security officer. Gelbord will assume direct leadership of Akamai’s existing information security organization which includes responsibility for cybersecurity, information security compliance, and the protection of Akamai’s systems

from Cyber Security News https://ift.tt/3goNxEs

Cloud Security Alliance releases new telehealth risk management guidance

The Cloud Security Alliance (CSA) announced the release of Telehealth Risk Management, focusing on the importance of healthcare delivery organizations (HDO) having processes and controls in place to ensure the privacy and security of telehealth patient information in the cloud in accordance with HIPAA privacy rules and the GDPR.



from Cyber Security News https://ift.tt/2Sskkzz

80% of organizations increased focus on identity security following pandemic shift to remote work

Over the last year, the shift to remote work has led to an increase in the number of identities and an increased focus on identity security, but a decrease in confidence in the ability to secure employee identities, according to a new Identity Defined Security Alliance (IDSA) study.


from Cyber Security News https://ift.tt/3zsVsrX

Monday, 14 June 2021

McDonald's Corp suffers data breach

McDonald's Corp. said hackers exposed U.S. business information and some customer data in South Korea and Taiwan. 

from Cyber Security News https://ift.tt/3cEuRyr

Fancy Lazarus DDoS extortion group is back with new campaign focused on unprotected assets

Fancy Lazarus, a well-known distributed denial of service (DDoS) extortionist, has resurfaced with a new campaign focused on organizations with unprotected assets across all sizes of companies in all industries, according to Radware.

from Cyber Security News https://ift.tt/3gvPmhV

450% surge in security breaches containing usernames and passwords

ForgeRock announced findings from its 2021 Identity Breach Report, revealing an unprecedented 450% surge in breaches containing usernames and passwords globally.

from Cyber Security News https://ift.tt/3gArYzw

Friday, 11 June 2021

How to navigate the new Colorado Privacy Act (CPA)

The Colorado Privacy Act (CPA) passed yesterday in the state's senate and will go into effect in July 2023 – creating an additional regulation that organizations must comply with or face hefty fines and eroding consumer trust.

from Cyber Security News https://ift.tt/2Tk4SFJ

Cloud security priorities of “pandemic-evolved” businesses

Devo Technology announced the results of a report assessing the current state and pace of change with regards to enterprise cloud transformation initiatives and the ramifications on teams running a Security Operations Center (SOC). The report found that the global pandemic accelerated business transformation far past the cloud tipping point and uncovered severe and far-reaching implications for security teams.

from Cyber Security News https://ift.tt/2TmkWXc

Thursday, 10 June 2021

Increased cybersecurity mandates coming for state and local governments

The past year’s COVID-19 pandemic marked an unparalleled turning point that has completely changed the world as we know it. When businesses and organizations from many industries rushed to establish business continuity from home, hackers took full advantage of the remote work conditions that provided easy targets in unsecure environments. Although people are returning to the office and getting “back to normal,” the idea of evaluating the organization’s cybersecurity posture is becoming more prevalent.

from Cyber Security News https://ift.tt/3pJUTpm

10 most popular cybersecurity metrics

Among highly regulated, global organizations, Panaseer has determined that the top ten most frequently used security metrics are (in order of popularity): 

from Cyber Security News https://ift.tt/3iy7b2u

48% of businesses don't use a user verification policy for password reset calls to IT service desks

Nearly half (48%) of organizations do not have a user verification policy in place for password reset calls to IT service desks, according to a new Specops Software survey, which highlights social engineering vulnerabilities among IT service help desks.

from Cyber Security News https://ift.tt/3zg7yVg

Wednesday, 9 June 2021

Zero Trust, a core component of any modern security strategy

In the spirit of building a solid foundation, Zero Trust security has once again come into the forefront. While the concept of Zero Trust is not new, the reality is that not enough organizations have adopted those in IT and security, the concept of identity-centric protection isn’t anything new.

from Cyber Security News https://ift.tt/3ghkdi0

The buyer’s dilemma: Insights and tips on finding the right cybersecurity vendor

Enterprise security professionals face a difficult task. The growth of the cybersecurity market has led to increased clutter and overwhelming fragmentation. Before we dig into the tips that enterprise security professionals should keep top of mind when seeking out the right vendor, let’s delve into the primary pain points that buyers face.



from Cyber Security News https://ift.tt/3gpSDir

Kimsuky APT continues to target South Korean government

The Kimsuky APT—also known as Thallium, Black Banshee, and Velvet Chollima—continues to target the South Korean government, according to the Malwarebytes Threat Intelligence team, which is actively monitoring this actor and has been able to spot phishing websites, malicious documents, and scripts that have been used to target high-profile people within the government of South Korea. The structure and TTPs used in these recent activities align with what has been reported in KISA’s report.

from Cyber Security News https://ift.tt/3g50piP

US and Australian law enforcement hack into app to read millions of encrypted messages to disrupt organized crime internationally

The US Federal Bureau of Investigation (FBI), the Dutch National Police (Politie), and the Swedish Police Authority (Polisen), in cooperation with the US Drug Enforcement Administration (DEA) and 16 other countries have carried out with the support of Europol one of the largest and most sophisticated law enforcement operations to date in the fight against encrypted criminal activities.  

from Cyber Security News https://ift.tt/2TcrLuH

Clinical treatment of ransomware in healthcare

No health system should have to decide between improving patient care or covering the high cost of an unexpected ransomware attack. Examine the health and wellness of your IT infrastructure—just like a patient—to prevent long-term issues down the line.

from Cyber Security News https://ift.tt/2TaTdZC

Tuesday, 8 June 2021

Laurie Doran appointed Acting Director of the New Jersey Office of Homeland Security and Preparedness

Laurie R. Doran has been appointed Acting Director of the New Jersey Office of Homeland Security and Preparedness (NJOHSP), effective June 6, 2021. Doran will take over for Director Jared Maples. 



from Cyber Security News https://ift.tt/34WA2W4

Monday, 7 June 2021

Registration is open for webinar on increasing your organization's operational resilience

The move to a platform economy, the foundation of which is cloud and mobility, is accelerating a new imperative to address security and resilience holistically. The growing challenge of sustaining business operations in this hyperconnected world has created a need for a comprehensive and integrated approach to both. The ultimate goal is operational resilience. Microsoft’s Edna Conway, Chief Security and Risk Officer of Azure, will lead this session, Operational Resilience in a Hyperconnected World, on June 17, 2021 at 2:00 p.m. EDT, and provide a real-world, tangible approach to address security and resilience to support you in your journey to operational resilience. 

from Cyber Security News https://ift.tt/3ghRiKH

US to treat ransomware like terrorism

The U.S. Department of Justice (DOJ) is elevating investigations of ransomware attacks to a similar priority as terrorism, a senior official told Reuters. 

from Cyber Security News https://ift.tt/3x1JL9B

Fujifilm confirms ransomware attack

FUJIFILM Corporation confirmed the company suffered a ransomware attack that disrupted its business operations. In the late evening of June 1, 2021, the company shut down all networks and servers to determine the extent and scale of the attack, and suspended all affected systems in coordination with their various global entities.

from Cyber Security News https://ift.tt/3g0ceXS

Sunday, 6 June 2021

Vaccine passports: Our saving grace, or a privacy nightmare?

For me, the issue of vaccination passports is actually exposing the underbelly of the privacy and identity debate in the United States at the expense of public health and public safety. This is no longer a matter of whether people are collecting benefits to which they are not entitled, or whether an ID is needed to vote. The issue of vaccination passports and the lack of a national identity strategy in the United States is now literally a matter of life and death.

from Cyber Security News https://ift.tt/3irnZbd

Friday, 4 June 2021

White House asks private sector to take ransomware attacks more seriously

The White House has issued an open letter to companies, urging them to take immediate steps to prepare for ransomware attacks, following a string of cyberattacks that have halted the operations of many companies. 

from Cyber Security News https://ift.tt/34MGiQb

Three reasons why passwords aren't going away any time soon

Removing passwords is a solid goal as they are fraught with vulnerability issues – reuse, common construction patterns and the almighty leaked password problem. These are the three reasons why most organizations are not ready to abandon on-premises Active Directory and move towards a cloud-only model.  



from Cyber Security News https://ift.tt/3ci4FJF

Thursday, 3 June 2021

5 minutes with Vishal Jain - Navigating cybersecurity in a hybrid work environment

Are you ready for hybrid work? Though the hybrid office will create great opportunities for employees and employers alike, it will create some cybersecurity challenges for security and IT operations. Here, Vishal Jain, Co-Founder and CTO at Valtix, a Santa Clara, Calif.-based provider of cloud native network security services, speaks to Security magazine about the many ways to develop a sustainable cybersecurity program for the new hybrid workforce.

from Cyber Security News https://ift.tt/3prwZ1G

IBM gives out $3 million in education security preparedness grants to schools

IBM selected six school districts to receive its IBM Education Security Preparedness Grant, which totals $3 million. The in-kind grant was created to help United States K-12 public school districts proactively prepare for and respond to cyberattacks.



from Cyber Security News https://ift.tt/3fONf9F

93% of fraud attacks occur online

Feedzai has announced its Quarterly Financial Crime Report, an analysis of over 12 billion global banking transactions from January – March 2021. The report identifies trends in spending and in fraud attempts to show that this past quarter, as consumer activities increased, fraudsters attempted to hide their fraudulent transactions in legitimate banking. In fact, combining all banking fraud – internet, telephone, and branch – attacks grew a whopping 159% in Q1 2021 compared to Q4 2020.

from Cyber Security News https://ift.tt/3g87Q7M

When product security and cybersecurity converge: A CSO’s perspective on how security organizations can thrive

To more effectively reduce risk and capitalize on the capabilities, intelligence and experience of both the corporate application security team and the product security team, John Scimone, Dell Technologies Chief Security Officer, recommends converging these programs. Once converged, the security organization will see immediate benefits. Here, Scimone explores why organizations should converge these teams and the benefits.

from Cyber Security News https://ift.tt/3iflhp2

Just 3% of organizations have real-time visibility into runtime vulnerabilities

Software intelligence company Dynatrace announced the findings of an independent global survey of 700 CISOs, which reveals the rising adoption of cloud-native architectures, DevOps, and agile methodologies has broken traditional approaches to application security. As organizations shift more responsibility "left" to developers to accelerate innovation, increasingly complex IT ecosystems and outdated security tooling can slow releases by leaving blind spots and forcing teams to manually triage countless alerts, many of which are false positives reflecting vulnerabilities in libraries that are not used in production.

from Cyber Security News https://ift.tt/3poTJ2k

Wednesday, 2 June 2021

Behind the scenes of a ransomware attack and response

Threat actors are now not only encrypting critical business systems, but also backups. They’ve brought businesses to a standstill, leaving some non-operational and really, with no good options for recovery. In many cases, it’s been pay the ransom to obtain a decryption key — or go out of business.

from Cyber Security News https://ift.tt/3cgaUO3

Adrian Asher named CISO at Checkout.com

Checkout.com, a cloud-based global payment solutions provider, announced the hire of J.P. Morgan cybersecurity expert and cloud evangelist Adrian Asher as Chief Information Security Officer (CISO) and head of cloud architecture.

from Cyber Security News https://ift.tt/2RZpyCC

Emerging COVID-19 threat landscape: Remote workforce and remote learning

Some opportunistic cybercriminals have taken advantage of the pandemic environment to breach both consumer and organizations’ data. These cybercriminals are using COVID-19-themed emails as an opportunity to unleash ransomware attacks on organizations and consumers. Here, we focus on Remote Workforce and Remote Learning as areas that cybercriminals will continue targeting in 2021 and beyond, and explore mitigation strategies that may help reduce cybersecurity risks related to these areas.



from Cyber Security News https://ift.tt/3cenKfM

41% of GRC professionals adopting cloud-based technology in post-pandemic recovery

Galvanize announced new findings from a national survey of governance, risk, and compliance (GRC) professionals that position the 2020s as the decade when the GRC industry embraces advanced technology. The data uncovered a strong post-pandemic push toward the adoption of cloud-based technology and revealed the critical value GRC professionals bring to the C-suite, as well as the top concerns from, and the evolving role of, GRC professionals. 



from Cyber Security News https://ift.tt/2S3JgNr

Meat producer JBS USA hit by cyberattack

JBS USA - a global provider of diversified, food products, and leading processor of beef, pork and prepared foods in the U.S., Canada and Australia - has been the target of a cyberattack, affecting some of its servers supporting its North American and Australian IT systems. 

from Cyber Security News https://ift.tt/3wLKlYM

Majority of businesses still have remote working cybersecurity concerns one year into the pandemic

Despite being over a year into remote working and looking ahead to likely shifts to hybrid remote/in-office working models, four fifths (82%) of businesses still remain concerned about the security risks of employees working remotely. This is just one of the key insights from the 2021 Thales Global Data Threat Report which reveals that managing security risks is undoubtedly getting more challenging, with nearly half (47%) of businesses seeing an increase in the volume, severity, and/or scope of cyberattacks in the past 12 months.



from Cyber Security News https://ift.tt/34GrliA

Tuesday, 1 June 2021

Microsoft warns of Russian Nobelium phishing campaign

Microsoft has warned that Nobelium is currently conducting a phishing campaign after the Russian-backed group managed to take control of the account used by USAID on the email marketing platform Constant Contact. The phishing campaign has targeted around 3,000 accounts linked to government agencies, think tanks, consultants, and non-governmental organizations.

from Cyber Security News https://ift.tt/3plvMsN

Four steps to deliver a deadly counterpunch to ransomware attacks

Here are steps you can take to protect your enterprise against ransomware, limit the impact of a breach, understand where an attack can be stopped, and act fast if a hacker succeeds in gaining access.

from Cyber Security News https://ift.tt/3c3YUiH

Quarterly DDoS attack report finds Q1 2021 attack volume up dramatically

Radware’s recently released “Quarterly DDoS Attack Report,” which provides an overview of attack activity witnessed during the first quarter of 2021, found that while the total number of attacks held fairly steady from the previous quarter, attack volumes were up dramatically.

from Cyber Security News https://ift.tt/3c8MkOZ

Will 2020 be the cybersecurity wakeup call healthcare needed?

For years, healthcare providers lagged their corporate counterparts when it came to cybersecurity. Recently, they made up significant ground, recognizing the need to allocate sufficient funds, focus on fundamentals, and outsource functions they cannot cost-effectively perform in-house. Unfortunately, 2020 threw a huge wrench in the works.

from Cyber Security News https://ift.tt/3yPAx1U