The evidence is in the news: Threat actors are taking constant advantage of weakly secured applications. Dan Shugrue of Digital.ai discusses how to secure applications from the start by creating a new blueprint for developing secure software.
The company ePlus has purchased Future Com to strengthen its security operations strategy and support of managed services. The deal will allow ePlus to help customers evolve their security operations teams from correlating and analyzing logs to delivering advanced capabilities like threat hunting.
A new assessment framework aims to help patients, healthcare providers and others examine the various privacy, security and other risks of digital health technologies, says Tim Andrews of the nonprofit Organization for the Review of Care and Health Applications, which co-developed the framework.
Bishop Fox has closed a $75 million funding round to strengthen its visibility and continuous testing capabilities across all service offerings. The company will go from having just its attack surface testing on the Cosmos platform to all service offerings, including app pen testing and red teaming.
Trellix recently released its Path to Cyber Readiness report. Briana Farro of Trellix discusses key findings about Preparation, Perception and Partnerships, as well as the expanding role of EDR and XDR to help organizations improve readiness.
Ransomware attacks and data breaches: One thing both have in common is the challenge of attempting to accurately understand their true scale and impact. Too often, data breach notifications lack useful details, while ransomware attacks and ransom payments go unreported.
The latest edition of the ISMG Security Report analyzes why the number of ransomware attacks and the amounts being paid in ransoms are both on the rise. It also discusses today's cyberthreat landscape and whether organizations should rely on user training to improve security.
Rui Ribeiro, the founder and CEO of Jscrambler, a company that monitors and obfuscates JavaScript code, discusses the proliferation of web applications that use third-party code, the liability risks that often exist, and how Jscramber's products can increase the security of all application code.
Thieves behind a phishing campaign targeting investors into a cryptocurrency exchange got away with at least $8 million. The attack took advantage of human credibility, not a cybersecurity exploit in the Uniswap protocol, experts say. The stolen funds are being laundered in a cryptocurrency mixer.
The role of cyberattacks in Russia's war against Ukraine continues to evolve as the conflict persists, but one notable takeaway so far is the precision of the military's online attacks, which is likely an attempt to avoid spillover that would anger NATO, says Ian Thornton-Trump, CISO of Cyjax.
While 52% of organizations in a SANS survey reported having high confidence in their visibility of north-south traffic, only 17% said the same about knowing what's happening within their networks.
Recorded Future has purchased malware analysis startup Hatching to give its clients better visibility into active campaigns in the wild. Data gathered by Hatching's malware sandboxing tool will benefit both companies, providing clients with a view of malware trends, targets and sources.
Please don't pay ransoms, authorities continue to urge. Britain's lead cyber agency and privacy watchdog are now making that appeal directly to legal advisers, warning them that paying a ransom offers no data protection upsides and won't lessen any fine they might face.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.