MITRE ATT&CK™ for ICS provides a framework for security managers to assess and improve their security controls for industrial control systems (ICS) and operational technology (OT) environments.
The Armis agentless device security platform is the fastest, most efficient way to find and stop cyber attacks in ICS...
The Zero Trust security model created by Forrester has become a mainstay of security approaches. But traditional Zero Trust controls largely overlook unmanaged and IoT devices, leaving the enterprise at risk.
Read this white paper and learn:
How existing Zero Trust security tools are not designed for unmanaged...
Hackers are targeting thousands of vulnerable MySQL servers around the world, using ransomware to exfiltrate data from organizations and then demanding payment, according to Guardicore Labs. The attackers are also selling access to over 250,000 stolen databases.
2020 was the year of mass migration to multi-cloud environments, which paves the way for 2021 and a further explosion on microservices and severless cloud computing. Peter Klimek of Imperva discusses how cybercriminals are likely to respond - and how to anticipate them.
Because 2020 wasn't already exciting enough, now we have to worry about being hunted by adversaries wielding FireEye's penetration testing tools, thanks to the company having suffered a big, bad breach. Here's a list of targeted flaws that every organization should ensure they've patched.
Government leaders are increasingly calling on cybersecurity researchers to better inform policymakers and are urging businesses to pay more attention to their in-house security teams, according to presenters at this week's Black Hat Europe virtual conference.
A hacking group behind an Android spyware variant has recently added fresh capabilities that include the ability to snoop on private chats on Skype, Instagram and WhatsApp, according to ReversingLabs. This APT group, believed to be tied to Iran, has recently been sanctioned by the U.S. Treasury Department.
You’re securing more endpoints than ever across the largest attack surface ever. Enter: IoT devices and the risks they bring. But they also bring new business benefits. Mitchell Bezzina of Palo Alto Networks explores risks, benefits and new steps to ensure IoT security.
In this one-pager Bezzina...
Giving the right user secure access to a system, resource, application, or network hinges on one thing – accurately confirming the user’s identity. The problem is that attackers can steal and misuse these credentials for malicious purposes, and the organization would never know.
To protect against...
Protecting Active Directory has become increasingly complex with pervasive access and a multitude of objects with varying levels of privilege and domain control. Monitoring and keeping this environment secure has become a significant challenge and comes with dire consequences when that control is lost to an attacker....
An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. Fraudsters are likely using these attacks to harvest credentials.
Critical authentication vulnerabilities contained in certain GE Healthcare medical imaging products could allow attackers to gain access to sensitive patient data, alter data and affect the availability of the equipment, according to new advisories from the vendor and the U.S. Department of Homeland Security.
President Donald Trump on Friday signed into law the Internet of Things Cybersecurity Improvement Act of 2020, the first U.S. federal law addressing IoT security. The act requires federal agencies to only procure devices that meet minimum cybersecurity standards.
A critical component within millions of consumer and enterprise IoT devices has dangerous software flaws. New research from Forescout Technologies into open-source TCP-IP stacks shows millions of devices from 150 vendors are likely vulnerable.