Data Security: How Data Activity Monitoring Protects Against Ransomware
Ransomware is an attack on your data. Can you say that your approach to preventing ransomware is focused on data? Organizations are becoming more aware of the chaos that ransomware can create — to the tune of $4.62 million...
Facing Tech Burnout? Here’s How Employers Can Help
Cybersecurity demands skill and experience. But it also calls for an engaged, motivated and energetic team. And that’s why tech burnout among staff is not only a mental health problem for the employees, it’s also a cybersecurity vulnerability for...
Your Liberal Arts Degree Gives You the Skills for a Cybersecurity Career
Many people don’t realize a liberal arts degree opens the doors for a wide range of careers. That includes careers in cybersecurity. And with the skills gap and the number of available jobs, there is clearly a demand out...
Nobelium Espionage Campaign Persists, Service Providers in Crosshairs
In an advisory released on October 24, Microsoft announced ongoing campaigns it has attributed to the Nobelium state-sponsored threat group. IBM X-Force tracks this group as Hive099. If the name sounds familiar, that’s because it is the same group...
A Journey in Organizational Resilience: Privacy
Privacy concerns may not be the first issue that comes to mind when building an enterprise cyber resilience plan. However, you should expect them to gain prominence. For perspective, consider for a moment that the NIST Privacy Framework is...
Cybersecurity First: Becoming GOAT
As we close off Cybersecurity Awareness Month, let us examine how we can become the cyber GOAT: ‘greatest of all time’. Sure, there will be plenty this week on cybersecurity training, making security a priority, more investments into products...
How the 2011 DigiNotar Attacks Changed Cybersecurity for the Next Decade
The DigiNotar attack in 2011 set itself apart because it was an attack on the cybersecurity industry itself. Most attacks are on a single company. But this one shook trust in cybersecurity tools and how users decide whom to...
Cybersecurity Training: Why You Should Train Employees on Social Media Discretion
A few years ago, I was invited on a behind-the-scenes tour of the security operations of a well-known Las Vegas casino. Before we could enter, however, we had to turn off our phones and put them away. No pictures,...
Database Security Best Practices: The Essential Guide
In 2021, an F-35 fighter jet is more likely to be taken out by a cyberattack than a missile. In the digital age, the threat of an attack is everywhere and constantly growing. If your company or agency fails...
Non-Traditional Cybersecurity Career Paths: Entering the Industry
There are lots of ways organizations can work to address the cybersecurity skills gap. Working with young people, providing skilling for students and implementing zero trust helps. So does amplifying gender diversity and promoting respect in the workplace. Organizations...
Detections That Can Help You Identify Ransomware
One of the benefits of being part of a global research-driven incident response firm like X-Force Incidence Response (IR) is that the team has the ability to take a step back and analyze incidents, identifying trends and commonalities that...
What Is Proactive Cybersecurity?
Most organizations take what you might call an active approach to cybersecurity, They’re prepared to do certain things once an attack happens. Or, they take a reactive approach, taking action after an attack is completed. A proactive cybersecurity strategy...
Exploring the Costs, Risks and Causes of a Government Data Breach
In nearly every part of the world, people associate the word ‘government’ with order. Government services bring societal order, economic stability and security at all levels. However, the past decade of data breaches has challenged this. Federal and local...
Passwordless Authentication Is Here: What Do You Need to Know?
Passwords are becoming a dying breed. In a recent article from Microsoft, they announced that they are putting aside their decades-old practice of forcing users to sign in with a password to use the business and personal applications suite...
A Journey in Organizational Resilience: Training and Testing
We are far from a breach-free world. After all, even cybercriminals have shown their own form of resilience. For example, after a short hiatus, the ransomware group REvil came back in September 2021. Until the day we can leave...
China Telecom booted out of USA as Feds worry it could disrupt or spy on local networks
FCC urges more action against Huawei and DJI, too The US Federal Communications Commission (FCC) has terminated China Telecom's authority to provide communications services in the USA.…
150 People Arrested in US-Europe Darknet Drug Probe
Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday.
read more
Free Tool Helps Security Teams Measure Their API Attack Surface
Data Theorem's free API Attack Surface Calculator helps security teams understand potential API exposures.
SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike
Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.
North Korea's Lazarus Group Turns to Supply Chain Attacks
State-backed group is among a growing number of threat actors looking at supply chain companies as an entry point into enterprise networks.
