ISMG caught up with 11 security executives in Las Vegas on Tuesday to discuss everything from open-source intelligence and Web3 security to training new security analysts and responding to directory attacks. Here's a look at some of the most interesting things we heard from industry leaders.
While Managed EDR can help in many endpoint scenarios, it’s important to be aware that going beyond the endpoint allows MDR and extended detection and response (XDR) to offer broader cybersecurity coverage.
Combining the back-end data analytics of Google Chronicle with Mandiant's ability to identify signals of abnormal behavior on the front-end is an unbeatable combination, John Watters says. Google agreed in March to purchase threat intelligence and incident response titan Mandiant for $5.4 billion.
Twitter confirms that a zero-day vulnerability allowed threat actors to gain access to the personal information of 5.4 million user account profiles. The company was notified about this specific vulnerability in Twitter's systems through its bug bounty program in January.
As ransomware attacks continue to pummel organizations, Rapid7 Chief Scientist Raj Samani says victims must identify how the attacker broke in and if they've given themselves persistent ways to regain access. Otherwise, he says, "They'll hit you again and again."
Researchers from cybersecurity firm Mandiant say they've discovered a network of inauthentic news sites transmitting Chinese propaganda apparently all under the control of Shanghai Haixun Technology Co., a Chinese PR firm that advertises "positive energy packages."
How many organizations fall victim to a ransomware outbreak? How many victims pay a ransom? How many victims see stolen data get leaked? A new study from the EU's cybersecurity agency ENISA offers answers, but carries major caveats due to rampant underreporting of such attacks.
The Australian Federal Police have charged a 24-year-old Melbourne man for allegedly creating global spyware purchased by over 14,500 individuals across 128 countries. Priced at $25, once it is installed on a victim's computer, it can be used to steal personal information or spy on individuals.
Here's unwelcome ransomware news: When a ransomware victim chooses to pay a ransom, the average amount has increased to $228,125, reports ransomware incident response firm Coveware. On the upside, however, big-name ransomware groups are having a tougher time attracting affiliates.
The report from Israeli publisher Globes that CrowdStrike plans to spend $2 billion buying one or more Israeli cybersecurity companies sent shockwaves through the industry. Here's a look at six security startups with a large presence in Israel that could be a good fit for CrowdStrike.
While reports of big health data compromises involving unencrypted computers have been sinking for years, the recent theft of an iPad from a locked storage room - along with the tablet's password - is a reminder that mobile device mishaps can lead to breaches affecting tens of thousands of patients.
Big, bad bugs - including the likes of Heartbleed, BlueKeep and Drupalgeddon - never seem to burn out. Instead, they just slowly fade away, despite the risk that attackers will successfully exploit them to steal data, seize control of systems or deploy ransomware.
Getting cybersecurity right means CISOs need peer relationships with other operations executives. CISOs need board access and a handle on the company business, writes Ian Keller, director of security at a telecom company. "And then you'll wake up and realize this is not as simple as it sounds."
A proposed $350 million settlement of a consolidated class action lawsuit against T-Mobile, after a 2021 data breach that affected nearly 77 million people, includes breach victims and related legal costs. The settlement requires T-Mobile to invest $150 million to bolster data security.
The basic foundation of designing a reliable and dynamic cyber resilience program is to have an elaborate incident response plan that can take into account different cyberthreat scenarios and outcomes, says Singapore-based Christophe Barel, who is managing director for Asia-Pacific at FS-ISAC.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.