Cybereason, Rapid7 and Microsoft announced acquisitions this week designed to boost their security capabilities. Meanwhile, DevOps security firm Sysdig made a move to add infrastructure-as-code security to its portfolio.
The Biden administration formally accused China's Ministry of State Security of conducting a series of attacks against vulnerable Microsoft Exchange servers earlier this year that affected thousands of organizations. This group is also accused of carrying out ransomware and other cyber operations.
A leak of 50,000 telephone numbers and email addresses led to the "Pegasus Project," a global media consortium's research effort that discovered how Pegasus spyware developed by NSO Group is being used in the wild.
Cyberattackers used spyware from the Israeli firm Candiru to target at least 100 human rights defenders, dissidents, journalists and others across 10 countries, according to researchers at the University of Toronto’s Citizen Lab, which tracks illegal hacking and surveillance.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
As cloud threats continue to rise, understanding an adversary's tactics, techniques and procedures (TTPs) is critical to strengthening cloud security. How can you pull together a unified and simple approach to speed up detection and response for your SOC team?
In this session, we will:
Dive into a comprehensive...
Extended detection and response, or XDR, can play an important role in improving the detection of ransomware and supply chain attacks, says Peter Firstbrook of Gartner.
Intelligence-Driven Threat Detection is Critical to Risk Mitigation and Management
Many organizations have invested in improving their threat detection capabilities over the past two years and express increased confidence in their ability to stop threats that have penetrated the network perimeter. However, these...
Exploits are getting more automated as attackers leverage tools to simultaneously assail related vulnerabilities in a vast range of targets. As a result, it’s time to consider augmenting legacy approaches to threat detection. SOCs not only need the appropriate tools; they also need a standard way to communicate and...
The IT threat landscape is in flux. Learn how Artificial Intelligence for IT Operations (AIOps) monitors data and manage incident response, so IT and security operations can collaborate to efficiently and effectively secure corporate data assets and prevent threats and breaches.
The NSA, the FBI and other U.S. government agencies are tracking an ongoing Russian cyberespionage campaign in which attackers are using brute-force methods to access Office 365 and other cloud-based services.
In a multinational effort led by the Dutch National Police, authorities seized servers and web domains used by DoubleVPN, a Russia-based company that allegedly provided a safe operating infrastructure for cybercriminals, according to Europol.
Deputy national security adviser Anne Neuberger says the White House is preparing to release additional details, including attribution, about the attacks that targeted vulnerable on-premises Microsoft Exchange email servers at government agencies and other organizations earlier this year.
The following survey was conducted to determine how respondents were approaching and thinking about AI defenses in the face of increasingly sophisticated attacks. Questions were asked to determine today’s level of security maturity and security professionals’ perceptions of the most prevalent threats.
Download...
DevOps-driven adoption of new
technologies and processes
may mean security is an afterthought
and can expose new
gaps in security coverage and
risk management.
Download this whitepaper which provides an overview of what DevSecOps is and how organizations can adopt its
practices in conjunction with technologies...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
