Microsoft’s June rollout of security flaw fixes includes patching Follina, a zero-day exploit launched via malicious Office documents which has been spotted being exploited in the wild. From July users with E3 licenses and above will have the option of automatic updates instead of manual Patch Tuesday fixes.
The latest edition of the ISMG Security Report includes highlights and observations from RSA Conference 2022, including a key message from RSA CEO Rohit Ghai. It also discusses the value of automation and the Cybersecurity and Infrastructure Security Agency's mission to grow cyber talent.
Personal data allegedly obtained during a cyberattack using BlackCat ransomware was published on a typosquatted open internet website. This new extortion technique shows an escalation by ransomware groups in their willingness to use personal data to bludgeon victims into paying extortion money.
Critical infrastructure providers face a unique set of challenges when it comes to securing their environment from the cruciality of uptime to complying with new federal directives, according to Mark Cristiano, commercial director for Rockwell Automation's global services business.
Organizations face major challenges gaining visibility into networks that grow more complex by the day, and Corelight CEO Brian Dye says the open-source community can help with gathering evidence and insights from networks so that the perimeter is better secured.
There's a lot of confusion in the market around what constitutes zero trust architecture, and Zscaler founder, Chairman and CEO Jay Chaudhry believes firewalls and VPNs shouldn't be part of a system that's supposed to not trust anybody or anything by default.
CISO Eric Sanchez of Kyowa Kirin North America discusses the nuances and challenges of building a security program at an international company. He shares strategies for managing the people, operations and technology and explains why strong interpersonal and crisis management skills are a must.
The disruption of the Netwalker ransomware group in January 2021 by U.S. and Bulgarian authorities highlights how blockchain can be an Achilles' heel for cryptocurrency-using criminals, says Jackie Burns Koven, cyberthreat intelligence lead at Chainalysis.
Jeremy Grant of Venable says we are getting closer to eradicating the password. He says that in the next 12 to 18 months, "There will be a lot of uptake from big, consumer-facing brands to finally kill the password and let people instead create a passkey when they sign up for an account."
Never forget the fun factor when it comes to recruiting and retaining cybersecurity talent, not least to help address the nonstop stress and scariness that so often accompanies positions in the field, says Joseph Carson, chief security scientist at Delinea.
The dangers associated with compromising critical infrastructure assets burst into public view with the May 2021 Colonial Pipeline ransomware attack, prompting significant investment from both the government and the private sector, according to Claroty Chief Product Officer Grant Geyer.
Cloud has a dirty little secret: While most say moving to cloud is inevitable, not everything today can or even should run in the cloud, says SecZetta's Richard Bird. He explains why hybrid approaches are here to stay and how security teams must respond, especially when it comes to identity.
As the Russia-Ukraine war continues, and analysts watch for retaliatory cyberattacks against Ukraine's allies, cybercrime tracker Jon DiMaggio of Analyst1 says there's good news, in that Russian cybercriminals seem to have little or no incentive to move against U.S. critical infrastructure.
As information technology - aka IT - and operational technology - aka OT - continue to converge, organizations must stay ahead of new security challenges and threats, says Mex Martinot, vice president and global head of industrial cybersecurity at Siemens Energy.
Mandiant has taken advantage of the opportunity to become truly vendor-agnostic since selling its FireEye products business to Symphony Technology Group in October, and it has pursued integrations with leading endpoint security vendors, says executive vice president and CTO Marshall Heilman.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.