Watch out for APT and state-sponsored hackers using the Log4Shell vulnerability to gain unauthorized entry into unpatched VMware Horizon Systems and Unified Access Gateway servers, says a joint advisory from CISA and the U.S. Coast Guard Cyber Command.
To excel at cybersecurity incident response, start with planning, preparation and, ideally, regular tabletop exercises, say Kevin Li, CISO for MUFG Securities Americas, and Rocco Grillo, managing director of Alvarez & Marsal's Disputes and Investigations Global Cyber Risk Services practice.
Mark Read, head of data breach solutions for TransUnion in the UK, shares insights on the current data breach landscape, including how businesses should respond to a data breach in order to reduce its impact. "The most successful responses often include the offer of a remediation solution," he says.
Four proposed federal class action lawsuits filed in recent days against MCG Health LLC in the wake of a recently disclosed 2020 hacking incident affecting up to 1.1 million individuals allege negligence and violations of various laws by the clinical guidelines vendor.
A report from the company behind the world's most ubiquitous operating system depicts active cyber scrimmage between Russia and Ukraine and Russia and a slew of other countries. Fighting it is the work of private-public collaboration, Microsoft President Brad Smith writes.
Ping Identity is making a $50 million bet it can integrate cutting-edge technology into its own stack through a new in-house corporate venture fund to support identity and access management technology startups. "We want to have a nice overall corporate strategy portfolio," says Ping's Anton Papp.
Modern applications and architectures are permeating more deeply into organizations to transform back-office functions as well as those that directly affect the customer experience, according to Kara Sprague, F5's executive vice president and general manager of application delivery.
The need to secure cloud workloads and environments isn't new, but a surge of funding and attention has come to the sector over the past year. One of the most acclaimed cloud security startups has been Wiz, which in October raised $250 million on a $6 billion valuation.
How will privacy and compliance requirements and the approach to them change as the world moves towards the metaverse? Virag Thakkar, information security officer, APAC, at Allianz Partners shares his views and discusses how security and privacy requirements have evolved.
Ransomware has changed the risk landscape for suppliers and is forcing companies to reconsider their risk relationships, says Kelly White, co-founder and CEO of RiskRecon. He discusses the correlation between cyber hygiene, ransomware and data loss.
A popular line of portable electrocardiographs contains vulnerabilities that allow hackers to execute commands and access sensitive information, federal authorities warn. Device manufacturer Hillrom Medical has released a patch and coordinated disclosure with CISA.
The latest edition of the ISMG Security Report investigates the reboot of ransomware group Conti, which supports Russia's invasion of Ukraine. It also discusses why paying ransomware actors is a "business decision" and how to respond to the talent shortage in the financial sector.
A massive Cloudflare outage that left many of the world's most popular websites inaccessible for 75 minutes was caused by a network configuration change gone awry. The change was meant to increase resilience in 19 of Cloudflare's busiest data centers that handle much of the global traffic.
EDR, MEDR, MDR, XDR - How does one begin to make sense of this alphabet soup that attempts to spell "detection and response?" Nirav Shah of Cisco discusses the merits of each of these options, as well as how one can start to make the decision on which is right for one's own organization.
"Credential phishing is off the charts," says Tonia Dudley of Cofense. She discusses the challenge for organizations to strike a balance between having the right controls in place to block malicious emails and stopping the business from receiving legitimate emails.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.