A massive automated ransomware campaign is targeting VMware ESXi hypervisors worldwide, warns CERT-FR, the French government's computer emergency readiness team that's part of the National Cybersecurity Agency of France. VMware is advising customers to patch affected servers and scan for malware.
Cisco plans to debut a common design language across its network and security offerings so that products such as Cisco Meraki and Umbrella will no longer look or feel different from one another, says Jeetu Patel, executive vice president and general manager for security and collaboration at Cisco.
Varonis has dedicated most of its engineering resources to SaaS since the onset of COVID-19 to provide more automation to customers, says CEO Yaki Faitelson. The company has focused on delivering robust data protection to customers without them having to dedicate hardware or personnel to the task.
The cloud security landscape has long been fragmented, and different vendors attempt to separately address containers, serverless and vulnerabilities, says Wiz CEO Assaf Rappaport. Consolidating detection, vulnerability and misconfiguration data in a single place reduces the noise for clients.
According to the World Economic Forum, geopolitical instability has helped to close the perception gap between business and cyber leaders' views on the importance of cyber risk management, and "91% of all respondents" believe that "a far-reaching, catastrophic cyber event" is on the horizon.
A Scottish school system decided not to use facial recognition in its secondary school cafeterias after international outcry. The U.K. Information Commissioner's Office said Tuesday that the North Ayrshire Council failed to obtain freely given consent for the system.
Executives underestimated the security risk associated with operational technology based on the erroneous belief that OT networks are highly segmented or air gapped. But COVID-19 made executives realize their OT networks are more connected than they previously thought, says Dragos CEO Robert M. Lee.
While malicious wipers have stolen most of the headlines in the Russia-Ukraine cyberwar, investigators say Russians are now using modified GammaLoad and GammaSteel info stealer malware to spy on compromised government employee accounts and avoid detection. The attack begins with a phishing email.
Organizations have struggled to understand why APIs are so strategic even though they're an intrinsic way businesses interface with their software, according to Checkmarx CEO Emmanuel Benzaquen. He says API abuse is slated to become one of the most common types of web application data breaches.
Okta will execute the third-largest round of layoffs of any cybersecurity company in the current economic downturn, axing 300 workers following customer identity execution challenges. The identity giant plans to reduce its staff by 5% in a push to reduce operating expenses and improve profitability.
The FTC has for the first time enforced its almost 14-year-old health data breach notification rule. It hit a telehealth and prescription drug discount provider with a $1.5 million civil penalty for failing to inform consumers that it shares their data with advertisers and other third parties.
Radiant Logic has agreed to buy Brainwave to move from an attestation-based identity governance model to one that more rigorously ensures the appropriateness of credentials. Brainwave uses data and AI to tell customers where in the organization user identities are most likely to be out of sync.
Premiums for cyber insurance have climbed sharply along with global rates of ransomware. But signs of increased competition and capital inflows suggest the cyber insurance market may be softening, Marsh executive Sarah Stephens told a U.K. parliamentary committee.
U.S. federal authorities are establishing a new office to tackle supply chain security issues and help industry partners put federal guidance and policies into practice. Former GSA administrator Shon Lyublanovits says she is spearheading the launch of the new organization.