Articles Tagged with ''risk management''

Security researcher details exploitation of common misconfigurations in Salesforce Lightning

October 14, 2020

A security researcher published a blog outlining the details of common misconfigurations in Salesforce that can result in guest users, or hackers leveraging guest user access, gaining access to sensitive data in Salesforce.

NJOHSP promotes cyber safety for cybersecurity awareness month

October 14, 2020

The New Jersey Office of Homeland Security and Preparedness (NJOHSP) reaffirmed its commitment to keep the State cyber safe after Governor Phil Murphy proclaimed October as Cybersecurity Awareness Month on October 2. NJOHSP and its cyber division, the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC), are also participating in National Cybersecurity Awareness Month (NCSAM).

How cyberattackers use Microsoft Office 365 tools against organizations to steal data

October 13, 2020

Vectra released its 2020 Spotlight Report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks. The report explains how cybercriminals use built-in Office 365 services in their attacks.

Microsoft takes down massive hacking operation

October 13, 2020

Microsoft has taken action to disrupt a botnet called Trickbot, one of the world’s most infamous botnets and prolific distributors of ransomware. Trickbot has infected over a million computing devices around the world since late 2016.

Average ransomware demand increases 100% from 2019 through Q1 2020

Data from 25,000 small-to-midsize organizations reveals ransomware as the top cyber insurance incident in the first half of the year, with the average ransomware demand increasing 100% from 2019 through Q1 2020

October 13, 2020

Coalition announced the results of its H1 2020 Cyber Insurance Claims Report. The report explores top cybersecurity trends and threats facing organizations today, in addition to data showing the impact of COVID-19 on cyber insurance claims. The report garners insights from the incidents reported across 25,000 small and midsize organizations.

BlackBerry uncovers massive hack-for-hire group BAHAMUT

October 12, 2020

BlackBerry released new research highlighting the true reach and sophistication of one of the most elusive, patient, and effective publicly known threat actors – BAHAMUT. In the report, BlackBerry researchers link the cyberespionage threat group to a staggering number of ongoing attacks against government officials and industry titans, while also unveiling the group’s vast network of disinformation assets aimed at furthering particular political causes and hampering NGOs.

Threat actors, TA505 and MERCURY, exploiting ZeroLogon to attack and gain account control privileges

October 12, 2020

Microsoft recently warned that more cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks. Threat actor TA505, a financially motivated threat group that has been active since at least 2014, is now exploiting this vulnerability.

National Security Agency launches the Center for Cybersecurity Standards

October 9, 2020

The National Security Agency announced the official launch of the Center for Cybersecurity Standards (CCSS) in the Cybersecurity Directorate. This office will lead NSA’s Cybersecurity mission to engage with standards bodies to communicate security requirements and influence standards to secure our National Security Systems and provide support to the Defense Industrial Base (DIB).

The MITRE Corporation has a lab in the FAA-sponsored Center for Advanced Aviation System Development FFRDC

Study finds MITRE ATT&CK improves cloud security, yet security leaders struggle to implement it

October 9, 2020

McAfee and the University of California, Berkeley’s Center for Long-Term Cybersecurity (CLTC) released a new research study, MITRE ATT&CK as a Framework for Cloud Threat Investigation, developed by CLTC researchers. The report focuses on threat investigation in the cloud through the lens of the most widely adopted framework, MITRE ATT&CK.

Switching to electronic access control

What are the seven myths surrounding making the switch to electronic access control solutions?

Brad Smith

October 9, 2020

Amid ever-changing technology, embracing modern security solutions and capabilities can be a challenge for many, especially those who have spent years accustomed to tried-and-true products, like the traditional keyed padlock. Today, decision makers working in the security sector are tasked with sorting through the blitz of new technology offerings and introductions.

OSHA fines grab headlines, but most compliance issues start with everyday operational gaps: missed protocols, unsecured areas, or slow response. Learn how emerging technologies & AI can be leveraged towards a more proactive model of compliance.

Security teams have never had more visibility. We’ll explore how a new decision layer is helping security teams move from detection to decision. Turn alerts into decision-ready context, reducing reliance on manual triage and enabling faster action.

Articles Tagged with ''risk management''

Security researcher details exploitation of common misconfigurations in Salesforce Lightning

NJOHSP promotes cyber safety for cybersecurity awareness month

How cyberattackers use Microsoft Office 365 tools against organizations to steal data

Microsoft takes down massive hacking operation

Average ransomware demand increases 100% from 2019 through Q1 2020

BlackBerry uncovers massive hack-for-hire group BAHAMUT

Threat actors, TA505 and MERCURY, exploiting ZeroLogon to attack and gain account control privileges

National Security Agency launches the Center for Cybersecurity Standards

Study finds MITRE ATT&CK improves cloud security, yet security leaders struggle to implement it

Switching to electronic access control

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.