Security News > 2021 > May > Week in review: QNAP NAS ransomware, threat modeling, the realities of working in cybersecurity

QNAP NAS devices under ransomware attackQNAP NAS device owners are once again under attack by ransomware operators, who are exploiting a recently fixed vulnerability to lock data on vulnerable devices by using the 7-Zip open-source file archiver utility.

Q1 2021 ransomware trends: Most attacks involved threat to leak stolen dataThe vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a cyber criminal.

48 recommendations for a global fight against ransomwareThe Institute for Security and Technology's Ransomware Task Force has released a comprehensive strategic framework to help worldwide organizations fight against ransomware and will be delivering it to the U.S. President's team.

What is threat modeling and why should you care?While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system of systems.

Penetration testing leaving organizations with too many blind spotsWhile organizations invest significantly and rely heavily on penetration testing for security, the widely used approach doesn't accurately measure their overall security posture or breach readiness - the top two stated goals among security and IT professionals.

Managing and maturing Kubernetes security in the enterpriseEven though Kubernetes adoption seems to be at an all-time high, security awareness for teams working on Kubernetes projects at their workplaces and running mission-critical workloads on Kubernetes is surprisingly low.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/GaOuY_Odqaw/