The Treasury Department has issued sanctions against a Russian research institute that U.S. officials now claim helped deploy Triton, a destructive malware designed to damage industrial control systems. The announcement follows other economic penalties levied against Iran in the same week.
U.S. intelligence officials say a Russia-backed hacking group has compromised some state and local government computer systems since at least September and stolen election-related data. So far, however, the attackers do not appear to have attempted to otherwise interfere with or disrupt those networks.
The latest edition of the ISMG Security Report analyzes the U.S. indictment against Russian hackers who were allegedly behind NotPetya. Also featured: A discussion of nation-state adversaries and how they operate; an update on Instagram privacy investigation.
U.S. officials have blamed Iran for sending a barrage of fake emails and videos to American voters with a Democratic Party affiliation as part of a campaign to push misinformation and sow confusion in the days before the presidential election.
To mitigate the risks posed by ransomware attacks, enterprises need to move from file-based security to a behavior-based approach, says Jennifer Ayers, vice president of the OverWatch division of Crowdstrike.
A report from Google's Threat Analysis Group offers fresh details about the hacking group that targeted Democratic presidential candidate Joe Biden's campaign with phishing emails earlier this year. The phishing effort was linked to a little-known hacking group called APT31, which has connections to China.
CISA is warning that sophisticated hacking groups are chaining together vulnerabilities, such as the recent Zerologon bug and other flaws, to target state and local government networks. In some cases, attackers gained access to election support systems.
The U.S. Government Accountability Office is urging Congress to pass legislation to reestablish a White House cybersecurity coordinator role. The position would coordinate the government's response to online attacks and other cybersecurity challenges facing the nation.
Unified Cloud Edge is part of MVISION, the cloud-native security platform from McAfee. Unified Cloud Edge enables consistent data protection from device-to-cloud and prevents cloud-native threats that are invisible to the corporate network.
MVISION Unified Cloud Edge is a cloud-native security platform that enables...
Like the force of gravity in a supernova, the cloud has caused data to explode out of the enterprise to a new cloud edge with fragmented visibility and control for enterprise security. In this paper, we'll evaluate this massive shift through a combination of survey results from 1,000 enterprises in 11 countries and an...
"Digital business transformation inverts network and security service design patterns, shifting the focal point to the identity of the user and/or device not the data center. Security and risk management leaders need a converged cloud-delivered secure access service edge to address this shift.
Network and network...
The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
The latest edition of the ISMG Security Report analyzes the unusual case against former Uber CSO, Joe Sullivan, who was charged in connection with allegedly covering up a data breach. Also featured: CISA director on election security; insights on preventing healthcare fraud.
Despite rapid and widespread deployment, APIs remain poorly protected and automated threats are mounting. Personally identifiable information (PII), payment card details and business-critical services are at risk due to bot attacks.
Download this whitepaper to learn more about:
Symptoms of bot attacks on APIs
Critical Infrastructure operators are under special observation. On the one hand, in terms of compliance with legal requirements, and on the other, in terms of the interests of cybercriminals. A single successful attack can have catastrophic consequences.
To avoid this, only regular care and intensive protection...