Cybercriminals have targeted the Bay Area water supply. Similar to the Oldsmar water treatment attack in Florida, the threat actor used legitimate credentials to break into remote access tool TeamViewer. After logging in, they deleted programs that the plant used to treat drinking water.
The insider risk is real for every organization, though it looks different among each one. Here, we cover obstacles to getting the message out about insider threat as well as practical techniques to improving your insider threat mitigation.
The International Security Foundation (ISF) announced that Secretary Madeleine Albright is the ISF 10th Anniversary Speaker for the ISF Virtual Reception on Wednesday, November 17, 2021, 5 PM EDT. The global virtual event, hosted by the ISF during OSAC’s virtual Annual Briefing week, celebrates OSAC’s private-public partnership with the OSAC Awards and celebrates the ISF’s 10th anniversary.
Sophos researchers have discovered a malware campaign whose primary purpose appears to stray from the more common malware motives. Instead, say the researchers, it appears to steal passwords or to extort a computer's owner for ransom, blocking infected users' computers from being able to visit a large number of websites dedicated to software piracy by modifying the HOSTS file on the infected system.
Many adversaries take advantage of new vulnerabilities and convert them into weaponized attacks, while extreme adversaries focus on supply chain and targeted attacks.
Many adversaries now take advantage of new vulnerabilities and convert them into weaponized attacks very easily and very quickly, while the extreme adversaries are now focusing on supply chain and targeted attacks. This combination makes for a very challenging environment for any modern enterprise.
Inon Shkedy, Head of Security Research for Traceable, who also serves as the API Security Project Lead at OWASP and has co-authored the OWASP API Top 10, talks to Security about API security risks.
Microsoft’s Edna Conway, Chief Security and Risk Officer of Azure, will lead a webinar, Operational Resilience in a Hyperconnected World, on June 17, 2021 at 2:00 p.m. EDT, and provide a real-world, tangible approach to address security and resilience to support you in your journey to operational resilience.
RSS
