Security News

Alaska Court System Briefly Forced Offline Amid Cyber Threat
2021-05-03 19:07

The Alaska Court System has temporarily disconnected most of its operations from the internet after a cybersecurity threat on Saturday, including its website and removing the ability to look up court records. The threat blocked electronic court filings, disrupted online payments and prevented hearings from taking place by videoconference for several days, officials said.

Week in review: QNAP NAS ransomware, threat modeling, the realities of working in cybersecurity
2021-05-02 08:55

QNAP NAS devices under ransomware attackQNAP NAS device owners are once again under attack by ransomware operators, who are exploiting a recently fixed vulnerability to lock data on vulnerable devices by using the 7-Zip open-source file archiver utility. Q1 2021 ransomware trends: Most attacks involved threat to leak stolen dataThe vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a cyber criminal.

Shedding light on the threat posed by shadow admins
2021-04-30 06:00

Shadow admins pose a threat to organizations because these accounts have privileged access to perform limited administrative functions on Active Directory objects. Threat actors seek shadow admin accounts because of their privilege and the stealthiness they can bestow upon attackers.

What is threat modeling and why should you care?
2021-04-30 05:00

While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system of systems. In short, threat modeling answers questions as "Where am I most vulnerable to attacks?", "What are the key risks?", and "What should I do to reduce these risks?".

Threat Detection Firm Vectra Raises $130 Million at $1.2 Billion Valuation
2021-04-29 13:07

Threat detection and response solutions provider Vectra AI on Thursday announced that it has raised $130 million at a valuation of $1.2 billion, which makes the company the latest cybersecurity unicorn. The funding, which brings the total raised by the firm to $350 million, was led by Blackstone Growth, with participation from existing investors.

Q1 2021 ransomware trends: Most attacks involved threat to leak stolen data
2021-04-29 06:00

The vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a cyber criminal. The data may be published before a victim can respond to an extortion attempt, and the threat actors may not provide complete records of what was taken even if the victim pays up.

CISO Conversations: Raytheon and BAE Systems CISOs on Leadership, Future Threats
2021-04-28 15:14

Much of SecurityWeek's CISO Conversations series discusses how to be a leader. This begs a fundamental question: what makes a good leader - is a good leader born or bred? That's one of the questions we asked our two CISOs - Jennifer Watson of Raytheon Intelligence & Space and Mary Haigh of BAE Systems - for this issue of CISO Conversations dealing with the defense sector.

Navy SEALs to Shift From Counterterrorism to Global Threats
2021-04-28 13:13

Navy SEAL platoons are beefing up capabilities in cyber and electronic warfare and unmanned systems, honing their skills to collect intelligence. Ten years after they found and killed Osama bin Laden, U.S. Navy SEALs are undergoing a major transition to improve leadership and expand their commando capabilities to better battle threats from global powers like China and Russia.

Cloud security threats are growing – crucially, is your skills toolkit keeping pace?
2021-04-26 06:30

Whatever unit of measurement you use, it's clear that more and more enterprise computing is happening in the cloud - which also means the cloud is an ever-growing target for cyber attackers. SANS Institute has expanded its line-up of cloud-focused security courses, adding six freshly minted courses, with a seventh one currently in beta testing phase.

CrowdStrike Security Cloud integrates with NDR and NTA solutions to defend against any threats
2021-04-26 00:45

CrowdStrike announced a series of integrations with CrowdStrike Security Cloud that correlates the CrowdStrike Falcon platform's enriched endpoint and workload telemetry with network telemetry for greater end-to-end visibility and contextual insights to combat threats. These integrations with leaders in network detection and response and network threat analytics help mutual customers build a cohesive platform tailored to protect and defend against any threats across all enterprise software components, wherever those threats are encountered.