Eight months after Microsoft issued a critical security update fixing a remote code execution flaw in Exchange Server, more than half of these mail servers in use remain vulnerable to exploits, according to the security firm Rapid7.
Among the most malicious and potentially dangerous cyber incidents affecting the healthcare, energy and other sectors are evolving "distruptionware" attacks - including ransomware - that aim to shut down businesses, says retired FBI agent Jason G. Weiss.
The latest edition of the ISMG Security Report analyzes cybersecurity firm McAfee's plans to again become a publicly traded company. Also featured: 'Zero trust' strategic insights and an IoT security flaw saga.
Death via a thousand paper cuts? The U.S. government hasn't been able to arrange a domestic court date for whistleblower Edward Snowden, but via the courts, it's successfully been awarded $5.2 million in his book royalties and revenue from speaking engagements.
U.S. President Donald Trump's positive COVID-19 test result may expose the country to increased nation-state mischief. And without a doubt, scammers, fraudsters and disinformation teams will attempt to exploit the news for their own goals.
In this year of accelerated transformation, many enterprises have adopted and adapted to software-defined networking. Daniel Schrader of Fortinet and Daniel Cooke of Vandis discuss how they have partnered to empower networking transformation.
As Universal Health Services continues to recover from an apparent ransomware incident last weekend that affected system access for hundreds of its facilities, security experts say others can learn important lessons from the company's experience.
Blackbaud, a provider of cloud-based marketing, fundraising and customer relationship management software, now acknowledges that a ransomware attack in May could have exposed much more PII - including banking details - than the company initially believed, according to an SEC filing.
Microsoft has issued additional instructions on how to better implement a patch to fix an elevation of privilege vulnerability called Zerologon in Windows Server that affects the Netlogon Remote Protocol. The update comes as Cisco Talos researchers report a spike in attempts to exploit the flaw.
Over the last year, nation-state hackers, including those with links to the Russian government, have shifted from targeting critical infrastructure to focusing on think tanks, human rights groups and nongovernment organizations in an attempt to influence public policy, according to Microsoft.
McAfee is set to become a public company once again, with the cybersecurity firm filing for an IPO with the U.S. Securities and Exchange Commission to trade under "MCFE" on the Nasdaq Stock Market. Separately, Ivanti announced that it would buy security firms MobileIron and Pulse Secure.
French shipping firm CMA CGM Group is investigating what it calls a "malware" attack against its systems that has been causing disruptions. The firm is one of the largest container and shipping companies in the world.
A federal judge Sunday granted TikTok's request for a temporary injunction to block the Trump administration's order that would have banned the Chinese social media app from the U.S. The order came hours before the ban was scheduled to go into effect.
The Secure Access Service Edge - or SASE - model can help CISOs make incremental progress on enhancing security while designing a long-term strategy, says Siddharth Deshpande, director of security strategy for Asia-Pacific and Japan at Akamai Technologies.