The Cybersecurity and Infrastructure Security Agency (CISA) issued an Emergency Directive 21-01, in response to a known compromise involving SolarWinds Orion products that are currently being exploited by malicious actors.
Hackers working on behalf a foreign government are believed to be behind a highly sophisticated attack into a range of key government networks, including in the Treasury and Commerce Departments, and other agencies. The hackers had free access to their email systems.
It’s a typical day in the Global Security Operations Center (GSOC). The anticipated chatter on the phones, radio communication, and sounds of the software giving audible alerts are all what you’ve come to expect in this busy hub of the security program.
Employees forced to work remotely during the COVID-19 pandemic altered their online habits, and to minimize hacking risk they needed cybersecurity tools to keep up. As a result, security administrators face a danger they may not have previously anticipated: attacks from insiders.
For retailers, a rapid shift to e-commerce means significant opportunity to increase sales margins, in an effort to end the year strong as COVID-19 continues to rattle the industry. However, this opportunity also comes with significant risk, as malicious actors are highly-motivated to exploit holes in retailers’ digital platforms for financial gain this holiday shopping season. To achieve strengthened eCommerce software security, here are four best practices retailers should implement, not just throughout the holiday shopping season, but year-round.
With the world transitioning to ecommerce, your online store is vital for ensuring your products are moving and sales are coming in. While you “can’t sell what you don’t have” in the retail world, you certainly can’t sell without a working online store in the ecommerce arena. Take the steps needed to ensure that all the goodwill and progress you made strengthening your online presence in 2020 is not wiped out in the coming year.
After a successful launch earlier this year, Carnegie Mellon researchers introduced the latest version of the IoT Privacy Assistant, an app and digital infrastructure that enables users to discover IoT devices nearby, learn about the data they collect and any controls they might possibly give, such as opting in or out of their data collection and use practices.
For businesses without access to top data/security experts, working remotely during the pandemic has made them a top target for hackers. To discuss cybersecurity best practices businesses can learn from this situation, we talked to Jorge Rey, Kaufman Rossin’s Chief Information Security Officer.
Over the last few months, the financial sector, as well as many other industries, has had to adjust and make the shift to remote set-ups almost overnight due to COVID-19 restrictions. The transition has accelerated digital transformation; the sector’s previous reliance on face-to-face, or, ‘high-touch’ customer interactions have yielded to a completely digitalized experience.
Without effective cybersecurity protection, any connected medical device – including infusion pumps, pacemakers, smart pens, vital signs monitors, and more – is at risk of attack, whether it is connected to a hospital network or is one of the millions of distributed devices not connected to any network. This jeopardizes the lives of the millions of patients who depend on them.