SC Magazine

The financially motivated FIN11, which increasingly incorporated CL0P ransomware into their operations in 2020, appeared to rely on low-effort volume techniques like spamming malware for initial entry, but put a substantial amount of effort into each follow-up compromise. “Several...

President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical...

NSA advises security pros to use designated enterprise DNS resolvers to lock down DoH on corporate networks. @mjb CreativeCommons (Credit: CC BY-NC-ND 2.0) The National Security Agency is recommending that security teams use designated DNS resolvers to lockdown DNS...

Vade Secure analyzed 26.2 million remote images in November 2020 while blocking 262 million emails containing malicious, remotely hosted images. (Sean Gallup/Getty Images) A new report suggests that 2020 saw an increase in phishing emails that relied on remotely-hosted images...

Intel unveiled new anti-ransomware capabilities for its 11th generation Core vPro processors, requiring little from security chiefs to reap the rewards.   The new processors, which Intel announced during the CES conference earlier this week, provide two additional boosts for existing security products: access to processor-level data to determine ransomware attacks in progress, and the use of...

A conversation with Sheldon Cuffie, enterprise CISO of American Family Insurance. One of a series of security leadership profiles prepared by Cybersecurity Collaborative in conjunction with SC Media. Cybersecurity Collaborative is a membership community for cybersecurity leaders to work...

New York City Criminal Court Judge Paul McDonnell works remotely from his Brooklyn apartment due to the coronavirus outbreak on April 09, 2020 in New York City. Work from home policies have prompted a widespread shift of IT infrastructure...

A conversation with Todd Fitzgerald, chairman of the executive committee of Cybersecurity Collaborative. One of a series of security leadership profiles prepared by Cybersecurity Collaborative in conjunction with SC Media. Cybersecurity Collaborative is a membership community for cybersecurity leaders to work together in...

The need for the Third-Party Risk Task Force has been amplified by recent attacks that infiltrated corporate and government networks by way of the SolarWinds Orion business software. (Stephen Foskett/CC BY-NC-SA 2.0) Recent supply chain attacks prompted cybersecurity professionals, under...

Insured losses from the SolarWinds breach will likely come in around $90 million, according to estimates from a pair of security companies, who claim insurers may have dodged “a catastrophic financial incident.” While newly minted partners BitSight and Kovrr expect...

Attendees listen as the Startup Battlefield Competition takes place at Disrupt Berlin 2019. In the venture world, cybersecurity dealmaking remained resilient in 2020, despite the pandemic and a turbulent economic environment.(Noam Galai/Getty Images for TechCrunch) Most industries saw a significant...

The Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday said it discovered several recent successful cyberattacks against the cloud services of multiple organizations, offering guidance on how security teams can bolster associated security.    CISA said in its report that...

An Apple store in London. The company earned some criticism among researchers for software in the beta version of its operating system that allowed its own products to circumvent socket firewalls and virtual private networks. (Jon Rawlinson/CC BY 2.0) The...

Google’s Project Zero on Tuesday introduced a six-part series that offers an analysis of four zero-day vulnerabilities on Windows and Chrome, and known-day Android exploits it found during the team’s extensive research last year. In a blog post the team...

The secure identity and access management market continues to hum along, as JumpCloud closed its Series E funding round with $100 million, including an additional $25 million since November from investors BlackRock, H.I.G., Growth Partners, OurCrowd and others. Coronavirus led...