Microsoft says vulnerabilities in outdated web servers are likely responsible for a cyberattack last month against Indian energy giant Tata Power. Attackers targeted Boa servers, which were discontinued in 2005, to potentially compromise Tata and other critical infrastructure organizations around the world.
China again accused the United States of cyberespionage as it seeks to reframe the global narrative on hacking. China's status as the world's worst cyber thief "annoys them tremendously," says Jim Lewis of CSIS. Beijing says it caught the NSA hacking into Northwestern Polytechnical University.
Chinese intelligence is conducting cyberespionage campaigns targeting corporations involved with energy extraction in the South China Sea, researchers say. Proofpoint and PwC conclude with moderate confidence the campaign is the work of the threat actor known as TA423 or Red Ladon.
This edition of the ISMG Security Report analyzes the latest ransomware trends from the European Union Agency for Cybersecurity, findings from the first-ever Cyber Safety Review Board on the Log4j incident, and how security and privacy leaders are harmonizing new U.S. privacy laws.
Thales plans to enter the customer identity and access management market through its purchase of an emerging European CIAM player. The French firm plans to capitalize on OneWelcome's strong product by extending its footprint beyond Europe and into North America and Asia-Pacific.
Indian hyperlocal logistics provider Grab says it wasn't hacked by a Malaysian hacktivist group. DragonForce Malaysia posted last Saturday on Twitter and Telegram the purported details of Grab delivery personnel. The group is amid an active campaign dubbed OpsPatuk against Indian targets.
Applying cloud access security broker’s three functionalities - API-level integration with managed device transfer for visibility, in-line CASB for proxy and other devices, and its control over cloud and other access points - helps provide better control and the ability to protect and secure user access, says Thomas...
Over 500 cyber security professionals reveal key incident response challenges and how they’re rethinking preparedness, detection and response programs.
Download this whitepaper - takeaways include:
Over 55% of organizations want to improve time to containment and incident response automation but more than 45%...
CISOs need to be open to ideas and suggestions from their peers and other functions and exhibit thought leadership to establish collective defense thinking in fighting threats, says Steven Sim Kok Leong, president of ISACA, Singapore chapter and chair of OT-ISAC Executive Committee.
Amid a surge in new international data privacy laws and regulations, it is becoming increasingly challenging for organizations to stay compliant. The first step: data classification. In this webinar, a panel of experts will explain how integrating data classification with necessary data protection tools such as DLP,...
Nearly three weeks ago, Iran's state railway company was hit with a cyberattack that was disruptive and - somewhat unusually - also playful. Security firm SentinelOne says analyzing the wiper malware involved offers tantalizing clues about the attackers' skills, but no clear attribution.
Security experts offer an analysis of Gartner's new strategic road map for SASE adoption that emphasizes the need for a detailed migration plan and offer tips for a successful rollout.
As organizations prepare a plan for migrating to the Secure Access Service Edge, or SASE, model, they need to carefully assess the need for reorganization of the networking and security departments, says Nat Smith, senior director, security analyst at Gartner, which coined the SASE term.
North Korean hackers have been "targeting security researchers working on vulnerability research and development at different companies and organizations" to trick them into installing backdoored software that gives attackers remote access to their systems, warns Google's Threat Analysis Group.
The Hong Kong Monetary Authority's Cybersecurity Fortification Initiative 2.0, an updated version of a framework designed to strengthen cyber resilience in the banking and financial sector, will officially roll out in January and be implemented over the following two years.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.