To keep pace with the ever-evolving security industry, ASIS International released an update to the Protection of Assets (POA) reference set. Refreshed to reflect our changing times and keep security professionals on the leading edge of best practices in the field, this collection is to assist security management directors and professionals responsible for corporate asset protection.
A web server hosting the domain for a local government in the United States was recently breached by advanced hackers taking advantage of old vulnerabilities in firewalls sold by Fortinet, according to an FBI Flash Alert issued. After gaining access to the local government organization's server, the advanced persistent threat (APT) actors moved laterally through the network and created new domain controller, server, and workstation user accounts mimicking already existing ones.
The Department of Homeland Security’s Transportation Security Administration (TSA) announced a Security Directive that will enable the Department to better identify, protect against, and respond to threats to critical companies in the pipeline sector.
Proofpoint, Inc. and Ponemon Institute released the results of a new study on “The Cost of Cloud Compromise and Shadow IT.” The average cost of cloud account compromises reached $6.2 million over a 12-month period, according to over 600 IT and IT security professionals in the U.S. In addition, 68% of these survey respondents believe cloud account takeovers present a significant security risk to their organizations, with more than half indicating the frequency and severity of cloud account compromises has increased over the last 12 months.
With the Colonial Pipeline ransomware attacks that caused widespread East Coast fuel shortages still fresh in our minds, new WhiteHat Security research has found that application specific attacks are equally, if not more, likely than ransomware attacks.
The Council Bluffs Community School District in Iowa has approved an investment in security upgrades across its school system, including video surveillance, access control and intrusion detection.
ThycoticCentrify announced new research that reveals more than half of organizations have been grappling with the theft of legitimate, privileged credentials (53%) and insider threat attacks (52%) in the last 12 months. In 85% of the privileged credential theft instances, cybercriminals were able to access critical systems and/or data. In addition, two-thirds (66%) of insider threats led to abuse of administrative privileges to illegitimately access critical systems and/or data.
As NHS England announced this week they will share more than 55 million patient's mental and sexual health and criminal and abuse records with third-party researchers, the question for other healthcare organizations becomes, are you doing the same, and how do you keep patient data safe?
RSS
