Several security vulnerabilities in infusion pump products from B. Braun could collectively allow malicious actors to modify the dose of medicines delivered to patients, says Douglas McKee, a security researcher on a McAfee Enterprise team that recently discovered the flaws.
The Ragnar Locker ransomware operation has been threatening to dump victims' stolen data if they contact police, private investigators or professional negotiators before paying a ransom. But as one expert notes: "Perhaps the criminals watched too many TV shows, because this isn’t how the real world works."
Many organizations are relying on Managed Detection & Response (MDR) providers to make sure they’re able to respond to threats like ransomware as they emerge, without hiring any headcount.
With an expected shortage of 2.5 million cybersecurity professionals it’s become critical to dedicate resources to better...
Download this guide which highlights 10 tactical prescriptions when evaluating Managed Detection and Response (MDR) vendors for what a provider should be able to offer your business, and Rapid7's approach to each.
Access the guide to start comparing
Although both SIEM and open XDR share some characteristics, their design philosophy and core capabilities make them different. So which tool do you need for your organization?
Find out how SIEM and open XDR are best suited for different situations. In this comparison guide, we...
With employees working remotely and accessing resources and services across public, private, and hybrid clouds through several devices and networks, the attack surface for malicious actors continues to grow.
SOC teams can harden their security posture by combining security and IT operations solutions to defend...
The average SOC operates dozens of tools, 19 of which are used in threat detection, investigation, and response (TDIR). With the threat landscape constantly evolving, your team needs to be several steps ahead of malicious actors who are using sophisticated ways to attack your organization.
How do you accomplish...
The most sought-after type of victim for ransomware-wielding attackers is a large, U.S.-based business with at least $100 million in revenue, not operating in the healthcare or education sector, with remote access available via remote desktop protocol or VPN credentials, threat intelligence firm Kela reports.
SEC Consult reportedly found multiple vulnerabilities in Moxa devices used in critical infrastructures including railways, manufacturing, cellular and heavy industries. Moxa has confirmed patching 60 vulnerabilities in its latest firmware update and issued mitigation advice for discontinued devices.
Cisco has released an urgent software update to fix a critical authentication bug that can allow an unauthenticated, remote attacker to bypass authentication and log in to an affected device as an administrator.
Cyber Command and the U.S. Cybersecurity and Infrastructure Security Agency issued alerts Friday warning those using Atlassian's Confluence and Data Center products that attackers are actively exploiting the critical remote code execution vulnerability CVE-2021-26084.
Autodesk, a California-based design software and 3D technology firm, now says it was one of several tech and security companies targeted by a Russian-linked group that carried out the supply chain attack against SolarWinds, according to a financial filing with the SEC.
Security firm Cisco Talos reported this week that cybercriminals have found a new way to make money from their victims, by abusing internet-sharing "proxyware" platforms such as Honeygain and Nanowire to illegally share their victim’s internet connection.
When Conrad Bell joined C Spire, the cybersecurity team numbered one - him. Today he has a thriving team. The VP and CISO explains how he built it, describes the skills he values and tells how this team is helping the telecommunications firm respond to today's daunting cybersecurity challenges.