Advertisement

Cybersecurity  >  Email security threats, such as phishing

INTERPOL and Nigerian Police bust business email compromise ring, arrest 11

Operation Falcon II focused on malware skills and knowledge to track suspects thought to be members of the SilverTerrier BEC network that has harmed thousands of companies globally.


Eyeglasses rest on a binary field / code review / threat assessment / check vulnerabilities

Supply chain vulnerability allows attackers to manipulate SAP transport system

The vulnerability permits malicious interference in the SAP change management and software deployment processes. SAP issues patch to protect file system from exploitation.


pharming  >  faudulent website redirect

The Prometheus traffic direction system is a major player in malware distribution

Newly discovered Prometheus uses a network of compromised websites and servers to direct victims to malware or scams.


Advertisement

adding processor to circuit board computer hardware

Microsoft's Pluton security processor tackles hardware, firmware vulnerabilities

Pluton-equipped Windows 11 computers are now available, but the decision to purchase them depends on your threat model.


Cyber warfare  >  Russian missile launcher / Russian flag / binary code

Russia-linked cyberattacks on Ukraine: A timeline

Cyber incidents are playing a central role in the Russia-Ukraine conflict. Here's how events are unfolding along with unanswered questions.


Russian hammer and sickle / binary code

Russian cyberattacks on Ukraine raise IT security concerns

The destructive attacks follow a U.S. government warning for a "heightened state of awareness" and to follow state-sponsored threat mitigation advice.


programmer abstract code glasses devops certification skills kevin unsplash

How chaos engineering can help DevSecOps teams find vulnerabilities

DevOps teams have used chaos engineering concepts to find software bugs for years. Tools are now available to help identify security flaws, too.


Hands are stacked together in unity and trust. [colleagues / teamwork / collaboration]

Tech sector embraces public-private collaboration on open-source software security

Participants in a White House meeting on securing open-source software expressed optimism for working effectively with government to help prevent Log4j-like events.


woman holding playbook guide book guide binary by undefined undefined getty images

Three recent events prove the need for an insider risk playbook

Pfizer, Ubiquiti and Code42 all faced real or potential insider threats that could have been a lot worse if they did not have a plan to deal with them.


Shared responsibility concept  >  Hands take equal shares of pie chart [partnership / teamwork]

Collective resilience: Why CISOs are embracing a new culture of openness

CISOs are finding value in information sharing among trusted, vetted sources. Here’s how they are maximizing the intelligence gathered from these channels.


Advertisement

A stressed businessman with head in hand sits at a desk and computer in an office workspace.

The emotional stages of a data breach: How to deal with panic, anger, and guilt

Intense situations require both the security experts and stakeholders to be calm and focused, but that is easier said than done. This advice can help.


Teresa Merklin, Fellow, Lockheed Martin Aeronautics

Lockheed’s Teresa Merklin: There’s no such thing as a quick fix

Forget the silver bullet; focus on cyber resiliency, advises the Lockheed Martin fellow.


A conceptual security grid of locks overlays a network / datacenter / server room.

Thousands of enterprise servers are running vulnerable BMCs, researchers find

According to analysis by firmware security firm Eclypsium, 7,799 HPE iLO (HPE's Integrated Lights-Out) server baseboard management controllers (BMCs) are exposed to the internet and most do not appear to be running the latest version...


big data merger and acquisition big business smb

Top cybersecurity M&A deals for 2022

The hot cybersecurity mergers and acquisition market continues into 2022 as vendors look to solidify their positions and expand their offerings.


Conceptual image of a network of executives / silhouettes of executives in motion.

New US CISO appointments, January 2022

Keep up with news of CSO, CISO, and other senior security executive appointments.