Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Security problems at enterprise software provider Zoho multiply with confirmation of a new critical authentication bypass vulnerability -- the third in four months -- being exploited in the wild. [Read More]
An electric utility in Colorado has disclosed an apparent ransomware attack that resulted in 90% of its internal IT functions getting disrupted and the loss of data from the last 20 years. [Read More]
Researchers flag hundreds of security flaws in routers from Asus, AVM, D-Link, Edimax, Linksys, Netgear, Synology and TP Link. [Read More]
USB drives serve as a physical medium for transmitting data to and from air-gapped systems. [Read More]
Citing evidence of active exploitation against five specific vulnerabilities, the U.S. cybersecurity agency warned that further delays in applying fixes “pose significant risk to the federal enterprise. [Read More]
The surge in venture capital investments in the attack surface management space continues with Israeli risk management firm CyCognito announcing a new $100 million funding round. [Read More]
Soveren is building technology for businesses to detect and resolve privacy incidents and stay compliant with GDPR and other regulations. [Read More]
Cryptocurrency trading powerhouse Coinbase has announced plans to acquire Unbound Security, an Israeli startup providing protection for cryptographic keys and credentials. [Read More]
Security experts warn that the 'Sabbath' ransomware group is targeting organizations in education, health and natural resources in both the United States and Canada. [Read More]
Axiado raises $25 million to build a new class of security processors that provide platform root-of-trust for large enterprise customers. [Read More]

FEATURES, INSIGHTS // Malware

rss icon

Derek Manky's picture
Botnets are becoming more malicious, sometimes able to create hundreds of thousands of drones that can attack a variety of machines, including Mac systems, Linux, Windows systems, edge devices, IoT devices, and so on.
Derek Manky's picture
How can organizations fight ransomware? The best solution is always prevention. Here are three tactics toward that goal.
Idan Aharoni's picture
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Gordon Lawson's picture
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Derek Manky's picture
Each side of the public-private collaboration has resources and capabilities that shore up the other and increase effectiveness in combatting cybercrime.
Tim Bandos's picture
The ransomware threat could still become more pervasive over the next two to three years, not because ransomware is effective in and of itself but because of other players in the game continue to fan the flames.
Derek Manky's picture
2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
Joshua Goldfarb's picture
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Torsten George's picture
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
John Maddison's picture
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.