Now in its sixth year, the 2021 Open Source Security and Risk Analysis (OSSRA) report exposes vulnerabilities and license conflicts found in more than 1,500 codebases across 17 industries.
The report includes recommendations to help developers and consumers understand the software ecosystem they are a part of, as...
The top three tactics attackers have been using to break into corporate and government networks are brute-forcing passwords, exploiting unpatched vulnerabilities, and social engineering via malicious emails, says security firm Kaspersky in a roundup of its 2020 incident response investigations.
As a strategy, organizations need to harness technologies that can provide real-time visibility to threats combined with intelligence-based automated technologies that can help contain the incidents, says Ajay Kumar, regional head of Cyber Security Services, Asia at Crowdstrike.
The Ragnar Locker ransomware operation has been threatening to dump victims' stolen data if they contact police, private investigators or professional negotiators before paying a ransom. But as one expert notes: "Perhaps the criminals watched too many TV shows, because this isn’t how the real world works."
The most sought-after type of victim for ransomware-wielding attackers is a large, U.S.-based business with at least $100 million in revenue, not operating in the healthcare or education sector, with remote access available via remote desktop protocol or VPN credentials, threat intelligence firm Kela reports.
Ransomware is the result of a criminal blending technology's wonders: networking and encryption. It's a modern-day implementation of extortion, a crime as old as time. The Atlantic Council contends lessons from fighting past extortion schemes, such as plane hijackings, could help fight ransomware.
The cybersecurity firm IronNet, founded and led by retired Army Gen. Keith Alexander, has gone public without an IPO by merging with LGL Systems Acquisitions Corp., a "blank check" shell company formed to handle such mergers. Meanwhile, Checkpoint has announced plans to acquire the email security firm Avanan.
Given that budgets and time are finite, how can organizations best identify if their information security strategy is well balanced and appropriate? Nandhini Duraisamy, chief operating officer of Quadron Cybersecurity Services, shares best practices.
Although research firm Gartner forecasts that spending on cybersecurity will surpass $150 billion in 2021, "the proportion of investment going to companies raising investment for the first time is significantly down," says Saj Huq, director of cyber innovation at Plexal, a center for innovation in the U.K.
Because a relatively small number of individuals provide the vast majority of services and infrastructure that power cybercrime, they remain top targets for arrest - or at least disruption - by law enforcement authorities, says cybercrime expert Alan Woodward. But of course, geopolitics sometimes gets in the way.
T-Mobile CEO Mike Sievert on Friday issued an official mea culpa for the data breach that exposed information on 54 million of the company's customers and prospects. On Thursday, a hacker who claimed responsibility for the attack called the company's cybersecurity "awful," the Wall Street Journal reports.
A vulnerability in Microsoft Azure's database service Cosmos DB has potentially put at risk thousands of Azure customers, including many Fortune 500 companies, according to the security firm Wiz. Microsoft has mitigated the flaw.
The Biden administration unveiled a package of supply chain and critical infrastructure security initiatives following a meeting at the White House with tech executives and others. Companies such as Google and Microsoft also promised billions in spending on cybersecurity over the next several years.
As a technology and security leader, Laura-Lea Berna is driven to defend gaps. But as a business executive, the VP, IT and CIO of BC Transit has built her career on answering the question "Where's the need?" She discusses her path and role as a mentor to up-and-coming leaders.