Bishop Fox has closed a $75 million funding round to strengthen its visibility and continuous testing capabilities across all service offerings. The company will go from having just its attack surface testing on the Cosmos platform to all service offerings, including app pen testing and red teaming.
The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise. It also discusses today's cyberthreat landscape and whether organizations should rely on user training to improve security.
Protecting the organization against email-borne threats is only becoming more difficult as attackers create new and more clever ways to fool users and embed threats and malware.
The best SEG solutions provide better protection than older products or those that are available with an email platform...
The U.S. Department of Defense continues to experiment with bug bounties to draw in vulnerability reports from outside white hat hackers. It kicked off a new test program for continuous rewards on America's Independence Day by setting aside a pool of $110,000.
Ransomware-wielding criminals constantly refine their behavior and tactics to maximize the chance of a payday, and recently they have been implementing fresh strategies for monetizing stolen data, says Steve Rivers at threat intelligence firm Kela.
The U.S. Cybersecurity and Infrastructure Security Agency has begun issuing alerts about 56 flaws across operational technology equipment built by 10 different vendors. Researchers at Forescout Technologies say the flaws trace to poor design decisions by vendors.
EDR deployments will be underway at more than half of federal civilian agencies by the end of September, according to federal officials. CISA is currently in the process of deploying EDR across 26 federal civilian agencies and expects to have work underway at 53 agencies by Sept. 30, 2022.
Many organizations, especially large global enterprises, don’t always have the best visibility into how many third-party vendors they are using at a given time, or what types of assets are in their environment because of those third-party vendors. In addition, they are at the mercy of their third-party partners’...
Targeted attacks on a Ukrainian energy facility have been confirmed by CERT-UA. In a joint operation carried out by the Ukrainian CERT with security companies Microsoft and Eset, it was found that an ICS-capable malware and several regular disk wipers were used in the attack.
Microsoft says it seized control of seven domains belonging to Russian GRU-linked state-sponsored threat group Strontium. The group, also called APT28 and Fancy Bear, used the domains to target Ukrainian media organizations and had U.S. and EU government entities and decision-makers on its radar.
You have a strong industrial security program in place. You’ve cleaned up with good cyber hygiene and have implemented intrusion detection systems to avoid future incidents. But in the complex world of cybersecurity, you can’t stop there.
Despite all your efforts, latent advanced persistent threats (APTs) are...
'Despite an arsenal of point products designed to block malware and threats and warn of vulnerabilities that can be exploited by attackers; it is no longer sufficient to rely on traditional defence techniques. While effective in some areas, these approaches are limited, with one of the most important gaps being the...
As Russia's invasion of Ukraine continues, what should global CISOs and security teams do to ensure that their organizations stay protected? Beyond following cybersecurity agencies' guidance, experts offer advice on how to brief the board of directors, appeal for resources, support teams and more.
Britain's National Cyber Security Center has launched a trial vulnerability management project called Scanning Made Easy, designed to empower small and midsize organizations to identify if critical software flaws are present in their IT infrastructure, so they can be targeted for remediation.
Has the notorious REvil, aka Sodinokibi, ransomware operation rebooted as "Ransom Cartel"? Security experts say the new group has technical and other crossovers with REvil. But whether the new group is a spinoff of REvil, bought the tools, or is simply copying how they work, remains unclear.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.