Remote management software company Kaseya said Monday that it obtained a universal decryptor key without paying a ransom to the REvil - aka Sodinokibi - gang that hit the firm with a ransomware attack. But it still has not revealed how it obtained the key, other than to say it was supplied by a third party.
NIST has selected 18 technology companies to demonstrate "zero trust" security architectures as it prepares to draft guidance for use of the model by federal agencies, which the private sector can also follow.
Australia's data regulator has found that Uber interfered with the privacy of 1.2 million of its customers as a result of a 2016 global data breach. Uber says it's made improvements to its systems and its internal security policies.
Good news on the ransomware front: The average ransom paid by a victim dropped by 38% from Q1 to Q2, reaching $136,576, reports ransomware incident response firm Coveware. In addition, fewer victims are paying a ransom simply for a promise from attackers to delete stolen data.
Not much time has passed since the last supply chain cyber attacks: SolarWinds, Accellion, Codecov, and now Kaseya. Do you think this will be the last one? We don’t. While you’re probably wondering what can be done to predict or prevent an incident like this in the future, we think the better question is: what can...
With corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have the huge task of ensuring that the work environment is safe. This is particularly true of IoT devices, as many have been left unprotected for months.
The Department of Health and Human Services is seeking comments on how it can improve its security risk assessment tool, which is designed to help smaller organizations conduct assessments as required under HIPAA. Some critics have said the tool is too difficult to use.
A bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure.
U.S. Customs and Border Protection has not always protected its Mobile Passport Control applications, making travelers' personally identifiable information vulnerable to exploitation, according to a new report from the Department of Homeland Security's Office of the Inspector General.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the use of commercially available spyware and security risk management in the telecom sector.
A short-lived outage at the content delivery network supplier Akamai on Thursday which briefly knocked offline many corporate websites, is another indicator that companies need resiliency built into their systems. That means they should avoid relying on just one CDN provider, security experts say.
In the world of operational technology (OT), one small change or networking issue can have a significant effect on production, automation systems and even safety. Staying on top of what’s happening in the control network is mission critical – but one can’t monitor and manage what you can’t see.
Secure Access Service Edge – SASE – was identified by Gartner nearly two years ago, and it's become 2021's dominant cybersecurity buzzword. Luke Hebditch of Cisco demystifies the architecture, describes what is it and is not, and discusses the business benefits possible from the SASE approach.
In this eBook...
You want to keep your company safe. And you want to keep your customers happy. And you want to make sure you’re totally compliant with any regulations you need to meet.
Whether you're searching for an online identity verification service for the first time, or switching providers, there's a lot to consider before...
Remote management software vendor Kaseya has obtained a decryption tool for all organizations affected by the massive ransomware attack launched via its software. The tool should especially help the many small businesses still struggling to recover. Kaseya declined to comment on how it obtained the decryptor.