Establishing operational resilience in the face of cyberattacks has become a top priority for organizations. As a core component of the IT infrastructure, Active Directory (AD) must be at the center of that process. But who is responsible for ensuring Active Directory is both protected and can be recovered quickly when a cyberattack occurs? In many organizations the answer is not clear, which can lead to missteps in detecting, defending against, and responding to cyberattacks.
Whaling, highly targeted social engineering attacks aimed at senior executives, as well as executive impersonations, have seen an increase of 131% between Q1 2020 and Q1 2021, according to GreatHorn.
Even if you are not mandated to adhere to any particular regulations, it still makes sense for your business to be proactive in managing risk. All frameworks include guidance for good cybersecurity hygiene, such as effective inventory and asset management, contingency planning, personnel security, system access control, and staff awareness and training, to list a few. To prepare for the aftermath of a cyber incident, frameworks provide incident response guidelines you can follow to recover and try to limit the damage. Establishing a framework can not only help your organization follow best practices but also bring rigorous cyber discipline to your organization.
U.S. President Joe Biden has signed an executive order (EO) to improve the cybersecurity of the U.S. As the U.S. faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately people’s security and privacy, the EO seeks to improve efforts to identify, deter, protect against, detect, and respond to these actions and actors. Specifically, the EO will:
Noted security expert Mathy Vanhoef recently discovered a Wi-Fi security vulnerability, that if exploited, it would allow an attacker within radio range to steal user information or attack devices. The security vulnerability, known as FragAttacks - fragmentation and aggregation attacks - are design flaws in the Wi-Fi standard and therefore affects most devices. In addition, Vanhoef discovered several other vulnerabilities that are caused by widespread programming mistakes in Wi-Fi products.
For many years, the focus on securing OT environments has been on the imminent danger of a cyberattack upon critical infrastructure, in other words, SCADA/ICS attacks. Most of the concern has been on nation state actors like China, North Korean, Iran and Russia directly attacking and destroying our infrastructure.
An email entered into court this week in Epic Games' lawsuit against Apple shows that Apple managers uncovered 2,500 malicious apps had been downloaded a total of 203 million times by 128 million users in 2015. Evidence shows Apple managers chose to not disclose this security incident.
Vulcan Cyber released the results of its latest vulnerability remediation maturity research project. A survey of more than 100 enterprise security executives across North America and EMEA found that most enterprise cybersecurity and vulnerability management organizations lack the ability to drive remediation initiatives, to reduce risk and achieve acceptable levels of cyber hygiene.
