Manufacturing is a huge industry with massive amounts of critical data and IoT surfaces, and it is also a lucrative target for cybercriminals. CyberEdBoard member Shankar Karthikason discusses how to secure your OT environment and build an effective cybersecurity program.
If software has a dangerous security flaw, should its maker tell customers to shut it down until it’s fixed? It's a tough call, but Dutch company Hoppenbrouwers says the software vendor Kaseya should have done so last year to prevent a massive supply chain attack by the REvil ransomware gang.
Police in Nigeria this week arrested a 37-year-old man who's been charged with masterminding "a criminal syndicate tied to massive business email compromise and phishing campaigns," Interpol says. But with known BEC losses last year exceeding $2.4 billion, will the arrest have a noticeable impact?
Ransomware gang Black Basta, which came to prominence in April, has claimed responsibility on its leak site for a ransomware attack on AGCO. An AGCO spokesperson confirmed to ISMG that employee data was exfiltrated during an attack but did not comment on Black Basta's claims of responsibility.
Broadcom has agreed to buy cloud and virtualization giant VMware for $61 billion, bringing together the $1.6 billion Symantec and $1 billion VMware security teams. Broadcom will incorporate its existing security offerings into the VMware portfolio and bring them to market under the VMware brand.
In this edition, Ari Redbord and Grant Schneider join ISMG editors to discuss the challenges ahead for the U.S. government as it plans to roll out EDR deployments at more than half of federal agencies this year, how stable the stablecoin economy really is and how to improve industry collaboration.
The tumultuous experience of Symantec under Broadcom's control presents a cautionary tale for CISOs currently using VMware's security technology. Symantec saw massive customer and employee attrition following deal close, and the company's technology doesn't fare as well in reviews by Gartner.
Welcome to ISMG's compendium of RSA Conference 2022. The 31st annual conference covered a wide range of topics including cybercrime, cyberwarfare, zero trust, supply chain risk, ransomware, OT security, cyber insurance and jobs. Access 150+ interviews with the top speakers and influencers.
In the latest update, four ISMG editors discuss the alarming, bizarre case of a cardiologist in Venezuela charged with developing malware and recruiting affiliates, recent ransomware and data leak incidents in healthcare and how the economy is causing mature cybersecurity startups to slow hiring.
When Colonial Pipeline suffered an outage in May 2021 as a result of an attack by the DarkSide crime syndicate, numerous governments changed their approach to ransomware and began treating it as a national security threat, says Rapid7's Jen Ellis. She details what needs to happen next.
The Russian-language criminal syndicate behind the notorious Conti ransomware has retired that brand name, after having already launched multiple spinoffs to make future operations more difficult to track or disrupt, threat intelligence firm Advanced Intelligence reports.
Palo Alto Networks' product portfolio is paying dividends as customers look to reduce their vendor footprint, says CEO Nikesh Arora. He says despite pressures in the global economy, enterprises aren't currently stressing about their IT budgets.
Poor security configurations, weak controls and gaps in authentication protocols are among the common initial access vectors "routinely exploited" by threat actors, the Five Eyes cybersecurity alliance says. Firms offering cybersecurity services weigh in on the gaps and implementation challenges.
Criminals are doubling down on their use of information-stealing malware, such as Cryptobot, RedLine Stealer and QuilClipper, to steal private keys and siphon off cryptocurrency being stored in internet-connected hot wallets or to raid cryptocurrency holders' online exchange accounts.
EDR deployments will be underway at more than half of federal civilian agencies by the end of September, according to federal officials. CISA is currently in the process of deploying EDR across 26 federal civilian agencies and expects to have work underway at 53 agencies by Sept. 30, 2022.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.