Security News

As Ukrainian organizations are getting hit with yet another data-wiping malware, financially motivated threat actors are choosing sides and some of them are expressing their willingness to target Russian targets. A report released on Monday by Accenture revealed that a rift along ideological lines is happening on Russian-language criminal underground forums, with some threat actors sympathizing with the Ukrainian side.

Now, it is possible to look into the future and make contextual risk forecasts using cyber risk quantification. When data is collated and analyzed correctly, it can be used to provide a real-time risk score which is useful for improving the efficiency of security teams by helping them prioritize risk.

The potential financial, operational, and reputational impact of ransomware makes it the top threat facing financial services organizations, according to a report from F-Secure. While the report forecasts that ransomware will remain a predominant threat for at least the next 12 months, it also highlights defensive strategies that can help reduce the impact of ransomware attacks.

As much as threat mitigation is to a degree a specialist task involving cybersecurity experts, the day to day of threat mitigation often still comes down to systems administrators. In this article, we outline the difficulties implied by enterprise threat mitigation, and explain why automated, purpose-built mitigation tools are the way forward.

Digital supply chain risk a new security threat for 2022. Gartner has identified digital supply chain risk as a new security threat and one of its top seven security and risk management trends for 2022.

Google is buying pre-eminent threat intel firm Mandiant for $5.4bn, the two companies announced this morning. "Cyber security is a mission, and we believe it's one of the most important of our generation. Google Cloud shares our mission-driven culture to bring security to every organization," said Kevin Mandia, CEO of Mandiant in a canned statement.

The increased adoption of hybrid work models means security teams are increasingly challenged to keep users connected and networks secure. Securing devices is a growing challenge for organizations now unable to rely on connecting endpoints to campus networks for visibility and pushing updates.

Unpatched vulnerabilities refer to weaknesses that allow attackers to leverage a known security bug that has not been patched by running malicious code. A report found that unpatched vulnerabilities are the most consistent and primary ransomware attack vectors.

61% of survey participants indicate a gap exists in the perception of cybersecurity risk to their ICS facilities between OT/ICS cybersecurity front-line teams and other parts of the organization. Targeting ICS operations using ransomware is a goal of the adversary as targeting ICS operations can lead to higher and quicker payouts.

CrowdStrike is bringing its identity threat prevention technology to its managed detection and response service, giving enterprises a chance to blunt the growing threat of identity-based attacks that has accelerated during the COVID-19 pandemic. The cloud-based cybersecurity vendor on Wednesday unveiled Falcon Identity Threat Protection Complete, a fully managed service organizations can use to deploy automated protection and real-time detection of threats; obtain expert incident response after detection; and accelerate the time to respond to eliminate any danger.