Thoughts around threat landscapes commonly prioritize corporate and governmental networks assets as high priorities, with personal networks and resources as lower-level threats. However, there have been recent changes that have caused the reassessment of prioritization levels at times. As a result of the COVID-19 pandemic, the number of individuals who work from home has greatly increased. In fact, Stanford researcher Nicholas Bloom places the percentage of people currently working at home at over 40%.
The Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources and common, well-known tactics, techniques, and procedures (TTPs) to target U.S. Government agencies.
Over the weekend, Fairfax, Va. County Public Schools, the 10th largest school district in the country, was hit by Maze ransomware, resulting in an apparent leak of student and faculty data, just days after previous attacks on these two other school systems.
Eric Cardwell has been named Axio's Director of Cyber Risk Engineering. Mr. Cardwell will be responsible for addressing cyber risk requirements for industry clients, identifying government and trade association contracts, and driving innovation in the advancement of security and financial controls across the energy and utilities sector.
In the lead-up to the 2020 US elections, the nonpartisan global technology association ISACA surveyed more than 3,000 IT governance, risk, security and audit professionals in the US in January and again in July.
Poor security measures associated with software development puts organizations at risk
September 15, 2020
Digital Shadows revealed new research looking at the growing problem of company access keys inadvertently exposed during software development. Access keys, and their corresponding secrets, are used by developers to authenticate into other systems.
What are the expectations, technical implementations, and challenges of using cloud security access brokers (CASB)? Cloud Security Alliance's latest study reveal unrealized gaps between the rate of implementation or operation and the effective use of the capabilities within the enterprise.
From the early days of the web, the concept of authentication has been synonymous with the notion of ‘logging in,’ typically with a username and password. Today, this ubiquity has exploded to the point that the average individual has 191 usernames and passwords acting as one-to-one keys for any website they’ve registered with.
The Fourth District Court of Louisiana has been hit by ransomware. Hacking group/ransomware strain Conti has claimed the attack on the US Court, and published apparent proof of the attack on its dark web page this week, CBR reports.