Articles Tagged with ''risk management''

APT35 (aka Charming Kitten, TA453, or Phosphorus) started widespread scanning and attempted to leverage Log4j flaw in publicly facing systems only four days after the vulnerability was disclosed, according to new Check Point research. 

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and National Security Agency (NSA) are asking critical infrastructure network defenders to adopt a heightened state of awareness to mitigate attacks from Russian-state sponsored threat actors.

In a recent update, Panasonic has verified that hackers accessed personal information belonging to job candidates and interns during a November cyberattack. 

As you move from the perimeter fence line all the way to the most sensitive areas at the core of a facility, the security strategy should become more sophisticated and more effective.

Grass Valley, California has suffered a data breach.

The JFrog security research team has disclosed an issue in the H2 database console, which was issued a critical CVE — CVE-2021-42392. This issue has the same root cause as the Log4Shell vulnerability in Apache Log4j.

The Fertility Centers of Illinois (FCI) has notified nearly 80,000 current and former patients that their information may have been compromised. 

Attackers are exploiting Google Docs to conduct phishing and inject malware.

The Mayo Clinic’s Global Security team set about developing a single security operations center and standardizing workflows, processes, software, terminology and other investigatory and case-management aspects, all with the help of technology.

A critical infrastructure, ports pose unique security challenges and require a holistic approach to security, access and risk mitigation. Here, we cover best practices for port security.