cyber security

Items Tagged with 'cyber security'

ARTICLES

Russian foreign intelligence service exploiting five publicly known vulnerabilities to compromise U.S. and allied networks

April 16, 2021

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly released a Cybersecurity Advisory, “Russian SVR Targets U.S. and Allied Networks,” to expose ongoing Russian Foreign Intelligence Service (SVR) exploitation of five publicly known vulnerabilities. This advisory is being released alongside the U.S. government’s formal attribution of the SolarWinds supply chain compromise and related cyber espionage campaign. We are publishing this product to highlight additional tactics, techniques, and procedures being used by SVR so that network defenders can take action to mitigate against them.

President Biden issues sanctions against Russia for cyberattacks, election interference

April 16, 2021

U.S. President Biden has signed a new executive order imposing new sanctions on Russia for actions by "its government and intelligence services against the U.S. sovereignty and interests." The administration formally named Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures.

April 2021 Security magazine's Cybersecurity and Geopolitical Video Podcast with Cyjax Chief Information Security Officer

April's Cybersecurity & Geopolitical podcast is up!

April 15, 2021

Episode three of the Cybersecurity and Geopolitical video podcast is up and ready for viewing! We are also now offering an audio version to listen to anytime, anywhere, including from Apple podcasts.

5 minutes with Ray Espinoza - Common cybersecurity hurdles leadership teams may encounter when restructuring

Maria Henriquez

April 15, 2021

Meet Ray Espinoza, Chief Information Security Officer at Cobalt. With over 20 years of technology experience and 14+ years in information security, Espinoza’s collaborative leadership style has enabled him to build information security and risk management programs that support business objectives and build customer trust. Here, we talk to Espinoza about common cybersecurity hurdles leadership teams may encounter when restructuring.

Risk Management

Don’t discount the risk of deepfakes to the enterprise

Many security researchers are now predicting that deepfakes could become a major security threat in the 2021-2022 period. Where is the threat and what can you do about it?

Darren Thomson

April 14, 2021

In recent years, there has been a recognition that social engineering plays a huge part in the execution of cybersecurity attacks. The intersection of “non-physical” and “technical” social engineering is where criminals are mostly focused today. Enter deepfake technology, which poses a looming risk over enterprises and their security leaders as they figure out how to prepare for and mitigate such a risk.

Research finds sharp increase in Initial Access Brokers listings

April 14, 2021

Since Digital Shadows published its first report last year, Initial Access Brokers: An Excess of Access, the company has continued to closely monitor the IAB criminal category. Where it tracked roughly 500 IAB listings in all of 2020, already in 2021 it has found some 200 new listings published by IABs in cybercriminal forums and other dark web sources in just Q1.

Cybercriminals targeting unpatched Exchange servers by installing cryptojacking malware

April 14, 2021

Cybercriminals continue to exploit unpatched Microsoft Exchange servers. Cybersecurity researchers at Sophos report an unknown attacked has been attempting to leverage the ProxyLogon exploit to unload malicious Monero cryptominer onto Exchange servers, with the payload being hosted on a compromised Exchange server.

Cybersecurity training lags, while hackers capitalize on the pandemic

April 14, 2021

Recently, TalentLMS partnered with Kenna Security to survey 1,200 employees on their cybersecurity habits, knowledge of best practices, and ability to recognize security threats. Here are some of the staggering results that offer some explanation as to why cybercrime has grown into such a lucrative business:

Zero trust visibility

Greg Copeland

April 14, 2021

Zero Trust Architecture (ZTA) is a trendy term touted by cybersecurity vendors. But there isn’t a single ZTA solution. The architecture is composed of numerous components, that when taken together, form a new paradigm for dealing with cybersecurity that is appropriate in a modern world where corporate enterprises are no longer confined to a well-defined and trustworthy perimeter such as remote working and cloud environments. For reference, the National Institute of Standards and Technology (NIST) has created a very detailed ZTA publication

Education sector experiencing cyber incidents or attacks more than any other vertical

Educational organizations are hit by phishing attacks targeting cloud data more than any other vertical

April 13, 2021

According to new data, the educational sector is being hit by phishing attacks (along with other types of cyberattacks) more than other verticals.

More Articles Tagged with 'cyber security'

EVENTS

Industry

9/25/12

World Trade Center

121 SW Salmon St

Portland, OR

United States

Contact: Stacy Bresler

EnergySec 8th Annual Summit

As many know, the cybersecurity risks to the energy sector are very real and the obstacles to mitigation are challenging to overcome. Read More

Industry

10/22/12

Old Dominion University VMASC

Suffolk, VA

United States

Contact: Joe Weiss

Industrial Control Systems Cyber-Security Conference

ICS Cyber-Security is the conference where industrial control systems users, ICS vendors, system security providers and government representatives meet to discuss the latest cyber-incidents, analyze their causes and cooperate on solutions. Read More

Webinar

6/30/20 to 6/30/21

Contact: Vania

How to Streamline and Simplify Workplace Access for Employees and Visitors

ON DEMAND: For seamless, simplified workplace access, we must flip our focus from the physical perimeter of the workplace and onto controlling the access of the identity. Some people work from home, some travel constantly to different facilities within their own company, and others are in multiple facilities across multiple companies.

Webinar

8/5/20 to 8/5/21

Contact: Vania

Cyber and Physical Security: Safeguarding Employee and Customer Data

ON DEMAND: The security ecosystem protects digital assets, physical assets, and people - the newly distributed workforce creates new and increased physical and cybersecurity risks. Situational and security awareness is a role every employee must play, and you’ll help get them there with awareness, cybersecurity hygiene and security practices that help keep company, employee and customer information safe.

Webinar

8/19/20 to 8/19/21

Contact: Vania

Looking Beyond Access Control: Safeguarding People and Assets During COVID-19

ON DEMAND: Right now, in the pandemic environment, business leaders are balancing internal priorities – managing cost and impacts to productivity – with market and external priorities like government requirements, customer needs, and perceived standards of safety and health.

This webinar will offer industry best practices to help your security team create or expand a sustainable program that aids in the fulfillment of your organization’s goals and objectives, while assisting your local agencies in fulfilling some of theirs as well — ultimately offering stronger security and response across both.

This year promises to build on the technological and business model innovations of last year, refine their value propositions, and play a key part for organizations who are navigating through covid-19 and planning for a post-Covid era.