Multiple nation-state hacking groups have been exploiting known flaws in Zoho ManageEngine software and Fortinet firewalls to steal data, cybersecurity officials warn. A new alert details exploits of each vulnerability by separate groups that targeted the same aeronautical firm.
Welcome to the report summarizing the survey conducted in spring/summer 2023. It attracted 214
responses from senior cybersecurity professionals in the NA,
APAC, UKI and EU regions.
The goals for this study were to identify:
The top organizational challenges in securing non-SSO
Financially motivated hackers developed custom malware to exploit a likely zero-day flaw in popular vacation resort management software, say security researchers. Hackers target the hospitality industry with regularity, given the massive amounts of personal and payment data inside the sector.
In the latest weekly update, Jeremy Grant of Venable joins three ISMG editors to discuss why the U.S. government is taking a back seat on digital identity issues, the risks of artificial intelligence, and takeaways from the U.S. Cyber Safety Review Board's recent report on cybercrime group Lapsus$.
The shift from traditional malware-led attacks to identity-based attacks in the realm of cybersecurity has become more prominent than ever. Attackers continuously adapt their tactics, seek the path of least resistance and focus on exploiting vulnerabilities in identity-related weaknesses.
In today's evolving digital landscape, application security is crucial. That’s why it is increasingly important to normalize the use of two-factor authentication in the developer community to the point that it is "effectively ubiquitous," said John Swanson, director of security strategy at GitHub.
Government agencies are recognizing that the seven pillars of zero trust, as outlined by U.S. federal agencies such as CISA and the DOD, should be strategically applied across various elements, including data and identity management, said Manuel Acosta, senior director and security analyst, Gartner.
In the ever-evolving landscape of cybersecurity, zero authority is giving defenders a new perspective on security and business enablement, said Jake Seid, general partner at Ballistic Ventures. "Zero authority is an architectural change that affects every area of security," he said.
England's Norfolk and Suffolk constabularies report that they accidentally exposed information on victims and witnesses in response to freedom of information requests just one week after police in Northern Ireland accidentally exposed information on all police officers and staff via an FOI request.
Welcome to the webinar summarizing the survey: Critical Gaps in
Securing Identities. This survey was conducted in Q1 and 2 of 2023, and attracted more than 200
responses from senior cybersecurity professionals.
More than just survey results, this OnDemand webinar offers:
The top organizational challenges in...
An activist investor urged identity verification and e-signature provider OneSpan to cut costs, return more money to shareholders and find a buyer for the company. "We strongly believe there are numerous strategic and financial parties interested in acquiring OneSpan," Legion Partners said Monday.
93% of financial services report that their organization has faced a breach in the last 2 years.
It is essential for banks and financial firms to maintain customer trust by protecting their sensitive data through a robust identity security program. However, organizations can build their program with cost savings...
With the growing threat of cybersecurity attacks, hospitals and healthcare organizations must increase their security measures to protect patient information. However, manually managing healthcare identity-related tasks can be very costly.
In this eBook, you will learn why leading healthcare organizations are...
OpenText acquired several cyber companies in recent years to protect sensitive information and data everywhere from consumer to large enterprise environments, said EVP Prentiss Donohue. The Micro Focus buy shored up OpenText's offerings around application and data security and identity management.
Adding former CIA Director Gen. David Petraeus to Semperis' strategic advisory board has given the identity vendor knowledge and insights into global threat activity, said CEO Mickey Bresman. Petraeus complements the firm's incident response arm company with perspectives on global threats.