In an unprecedented action, the FBI is removing web shells from on-premises Microsoft Exchange servers at organizations in at least eight states that were infected in a wave of attacks earlier this year. Security experts offer an analysis of the bold move that the FBI took without notifying the organizations.
Dave DeWalt, former CEO of FireEye and McAfee, has been appointed vice chair of the board of LogDNA, a log management company, and he’s committed to the popular “shift left” movement. But he’s also got a keen eye on the broader cybersecurity marketplace and shares insights on its seismic changes.
Customers drive your business growth, but their trust in your brand depends on protecting them from fraud and cybercrime.
Studies have shown that customer churn rates are 3.9% higher for businesses that have suffered a customer data breach and 35% of consumers use false details when creating accounts - because they...
Citing national security concerns, the U.S. Commerce Department has placed seven Chinese supercomputer organizations on the Entity List, which effectively bars them from receiving supplies or components from U.S. companies.
The U.S. electrical grid's distribution systems that deliver electricity directly to customers are increasingly prone to cyberthreats, and the Department of Energy needs to do more to protect this critical infrastructure, according to a GAO audit.
The mainframe is a prime target for cybercriminals, while also playing a central role in the daily operations of most of the world’s largest corporations, including banking, finance, healthcare, insurance, and many other types of enterprises.
The mainframe is often underprotected due in part to the longstanding...
The Microsoft Vulnerabilities Report compiles every Microsoft security bulletin from the past 12 months, analyzes the trends, and includes viewpoints from security experts. This provides a consolidated view and analysis of Microsoft patch Tuesdays, providing a crucial barometer of the threat landscape for the...
A critical authentication bypass vulnerability could enable hackers to remotely compromise programmable logic controllers made by industrial automation giant Rockwell Automation, according to the cybersecurity company Claroty. Rockwell has issued mitigation recommendations.
Ransomware continues to sting numerous organizations, and the problem only seems to be getting worse. More than ever, the onus is on potential victims to ensure they have essential defenses in place - and if possible, to proactively hunt for attackers who may already be inside their network.
The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions about what went wrong but also raised four key issues.
Following the hacking of a Florida water treatment plant, CISA is warning the operators of other plants to be on the lookout for hackers who exploit remote access software and outdated operating systems - and to take risk mitigation steps. The advice applies to other organizations as well, some security experts say.
Citing a lack of coordination and transparency, U.S. Sens. Mark Warner and Marco Rubio of the Intelligence Committee are urging the four federal agencies investigating the cyberattack that targeted SolarWinds and other organizations to designate a leader for their investigative efforts.
As the investigation into the hacking of a water treatment facility in Florida continues, cybersecurity experts say the incident points to the urgent need to enhance operational technology security. Here are five key questions the incident raises.
If you're like most organizations, you are highly dependent on third-party vendors to efficiently run your business. On the flip side, vendors present risks which can have serious legal, financial and business repercussions, making vendor risk assessments more essential than ever. But how do you effectively assess...