A Swiss national who recently highlighted flaws in Verkada surveillance cameras has been charged with criminal hacking by a U.S. federal grand jury and accused of illegally accessing and leaking data from numerous organizations, apparently including Intel, Nissan and the U.S. National Reconnaissance Office.
This edition of the ISMG Security Report features an analysis of the Microsoft Exchange on-premises server hacks – from who might have leaked the vulnerability exploits to how ransomware gangs are taking advantage of the flaws. Also featured: Tackling the cybercrime business model; assessing "zero trust."
U.S. public schools faced a record number of cyber incidents in 2020, with over 400 attacks reported. This led to a spike in school cancellations, as IT staff members struggled to get systems back online while dealing with the COVID-19 pandemic, reports the K-12 Cybersecurity Resource Center.
To accelerate innovation and protect digital and cloud investments, organizations need to prioritize modern infrastructure monitoring and application performance monitoring (APM) solutions that are built in and for the cloud. spWith the right APM solution, organizations can resolve issues faster, increase productivity...
The latest edition of the ISMG Security Report features cybercrime deterrence lessons learned from the disruption of the Emotet botnet operation. Also featured: An update on attacks tied to Microsoft Exchange flaw exploits; a discussion of the need to update business continuity plans.
To mitigate the risks posed by supply chain attacks, organizations can take several steps, including implementing threat modelling, continuous monitoring and improved software testing, a panel of experts advises.
Just days after Microsoft disclosed four serious flaws in Microsoft Exchange email servers, attackers are going on a wide hunt for vulnerable machines, some security experts say. The flaws could be exploited for creating backdoors for email accounts or installing ransomware and cryptominers.
Monitoring the performance and availability of applications has never been more important.
Today’s DevOps teams are responsible for ensuring high-quality, always-on digital experiences while reliably supporting increasingly frequent - often daily - code pushes.
No one understands this better than Splunk, which...
This edition of the ISMG Security Report features an analysis of key takeaways from the breaches tied to flaws in the Accellion File Transfer appliance. Also featured: Equifax CISO Jamil Farshchi on transforming supply chain security, plus an analysis of how "work from anywhere" is affecting cybersecurity.
While the Capital One breach may have been
jawdropping in its sheer scale, there are best
practice lessons to be learned in its remediation
What was overlooked in the Capital One
data breach, and why it could have been
How to monitor for security events in a
As companies embrace the opportunities presented by cloud and mobile computing to connect with clients and optimize operations, they take on new risks. One of the biggest challenges in digital transformation is ensuring security, privacy, and compliance. With organizations increasingly putting emphasis on a smooth...
Microsoft issued emergency software patches on Tuesday for four zero-day vulnerabilities in its Exchange email server. The alarming vulnerabilities could allow a remote attacker into Exchange and possibly enable further lateral movement.
A pair of U.S. House committees held their first public hearings into the SolarWinds attack, with lawmakers and witnesses offering support for expanding federal cybersecurity laws to address the security failures. This includes a larger role for CISA to conduct threat hunting.
The Python Software Foundation is issuing updates for Python 3.9.2 and 3.8.8 to address critical security vulnerabilities, including a remote code execution vulnerability that can be exploited to shut down systems.