Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.
The Hive ransomware website has been seized as part of an operation that involved law enforcement in 10 countries.
Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.
How threat intelligence is critical when justifying budget for GRC personnel, and for threat intelligence, incident response, security operations and CISO buyers.
Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the password dependency cycle. But how can this be done?
Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make for successful board members.
A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.
The SecurityWeek editorial team huddled over the holidays to look back at the stories that shaped 2022 and, more importantly, to stare into a shiny crystal ball to find the cybersecurity narratives that will dominate this year’s headlines.
As network defenders adopt Attack Surface Management tools to continuously monitor for signs of weaknesses, this event will share best practices and actionable information to reduce risk from exposed attack surfaces.
This event will separate hype from reality. SecurityWeek’s Ransomware Resilience and Recovery Summit will help cybersecurity teams to plan, prepare, and recover from ransomware incidents that continue to impose major costs businesses.
The surge in software supply chain attacks has sent defenders scrambling to find mitigations and solutions. This event will address the complex nature of the problem, best practices for mitigating security issues, and tools and frameworks available.
Zero Trust is more than a marketing buzzword. In this event, security experts will decipher the confusing world of Zero Trust, and share war stories on securing organizations by eliminating implicit trust and continuously validating every stage of digital interaction.
-
Microsoft is urging customers to install the latest Exchange Server updates and harden their environments to prevent malicious attacks.
-
Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.
-
VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.
-
Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.
-
The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.
-
CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.
-
Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.
-
The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.
