Security News

AWS Kill Switch is an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident. "I recently left my role as Sr. Director, Security Engineering at Robinhood and have been using my free time to sharpen my skills as an individual contributor and contribute to open source. I find it stimulating and a great way to build stronger ties with the security community," Jeffrey Lyon, the creator of AWS Kill Switch, told Help Net Security.

Modern security tools continue to improve in their ability to defend organizations’ networks and endpoints against cybercriminals. But the bad actors still occasionally find a way in. Security...

In this Help Net Security video, Steve Winterfeld, Advisory CISO at Akamai, discusses the recent surge of ransomware attacks in the U.S. and how it relates to microsegmentation. Recovery after a security breach happens 11 hours faster with segmentation.

Research points to generative AI as a means to resolve the incident management paradox with 84.5% who either believe AI can significantly streamline their incident management processes and improve overall efficiency or are excited about the opportunities AI presents for automating certain aspects of incident management. "Traditional, rule-based automation tools are no longer sufficient for the demands of modern operations teams. Despite robust incident management processes within numerous organizations, the relentless surge in service incidents - with its consequential impact on customers and financial ramifications - mandates a transformative approach. The path forward lies in harnessing innovative solutions like generative AI, augmented by automation and guided by human judgment, to not only expedite incident resolution but also proactively detect and preempt potential issues before they escalate."

Asia in brief Australia's National Cyber Security Coordinator has described an attack on logistics company DP World as a "Nationally significant cyber incident."Cloud Software Group, parent company of Citrix, has become the latest tech player to exit China.

The policy's purpose is to define for employees, IT department staff and users the process to be followed when experiencing a suspected IT-security incident. Receiving strange unprompted messages, error windows or pop-up alerts.

1Password, a popular password management platform used by over 100,000 businesses, suffered a security breach after hackers gained access to its Okta ID management tenant. "We detected suspicious activity on our Okta instance related to their Support System incident. After a thorough investigation, we concluded that no 1Password user data was accessed," reads a very brief security incident notification from 1Password CTO Pedro Canahuati.

Information systems of state courts across Kansas are still offline after they've been disrupted in what the Kansas judicial branch described last Thursday as a "Security incident." Multiple systems crucial to daily court operations across the state have been impacted, including the Kansas Courts' eFiling system used by attorneys to submit case documents, the electronic payments system, and the case management systems employed by district and appellate courts for case processing.

Kwik Trip has been impacted by a wide range of mysterious business disruptions since this weekend that are indicative of a ransomware attack. Kwik Trip is a US chain of over 800 convenience stores and gas stations in Michigan, Minnesota, and Wisconsin, also operating under the name Kwik Star in Illinois, Iowa, and South Dakota.

"Energy, critical manufacturing, water treatment and nuclear facilities are among the types of critical infrastructure industries under attack in the majority of reported incidents," said Mark Cristiano, commercial director of Global Cybersecurity Services at Rockwell Automation. OT/ICS cybersecurity incidents in the last three years have already exceeded the total number reported between 1991-2000.