The infamous ransomware group appears to be back from the dead β maybe β and using the old brand, but experts question whether a reconstituted gang will have much success.
By providing these apps and other add-ons for SaaS platforms and associated permissions, businesses present bad actors with more opportunities to gain access to company data.
As the talent shortage rages on, companies have found mentorship programs to be one of the best ways to obtain the security skills they need to develop their existing teams.
Providing continuous penetration testing with context, and a host of other features, the Incenter platform is built to give organizations what they need to effectively secure their environment.
Software accountability offers a fresh perspective for creating and managing digital products, mainly by making processes more reliable and transparent for every stakeholder.
In the latest incarnation of the TLStorm vulnerability, switches from Avaya and Aruba β and perhaps others β are susceptible to compromise from an internal attacker.
Breaches can happen to anyone, but a well-oiled machine can internally manage and externally remediate in a way that won't lead to extensive damage to a company's bottom line. (Part 1 of a series.)
A comprehensive security strategy balances technology, processes, and people β and hiring and retaining security personnel and securing the remote workforce are firmly people priorities.
The less-good news: IAM only works for applications your IT department knows about, so watch for "shadow IT" programs installed or written by users that leave a security gap.
By Fahmida Y. Rashid, Managing Editor, Features, Dark Reading
The AI startup releases new threat signatures to expand the computer vision platformβs ability to identify potential physical security incidents from camera feeds.
Higher probabilities of attack, soaring ransoms, and less chance of getting data back β the ransomware plague gets worse, and cyber insurance fails to be a panacea.
Blue-chip companies deepen commitment based on success of long-standing customer and partner relationships and conviction of Securonixβs vision and hypergrowth potential.
As the use of AI- and ML-driven decision-making draws transparency concerns, the need increases for explainability, especially when machine learning models appear in high-risk environments.
By Fahmida Y. Rashid, Managing Editor, Features, Dark Reading
Visa has invested heavily in data analytics and artificial intelligence over the past five years to secure the movement of money and keep fraud rates low.
Internet-facing zero-day vulnerabilities were the most commonly used types of bugs in 2021 attacks, according to the international Joint Cybersecurity Advisory (JCSA).
The four-year-old firm, started by two industry veterans, focuses on gaining visibility into Internet-facing services as more companies seek insight into what attackers see.
The Stormous ransomware group is offering purportedly stolen Coca-Cola data for sale on its leak site, but the soda giant hasn't confirmed that the heist happened.
What 5,800+ pentests show us: Companies have been struggling with the same known and preventable security bugs year over year. Bandwidth stands at the heart of the problem.
Four months after the Log4Shell vulnerability was disclosed, most affected open source components remain unpatched, and companies continue to use vulnerable versions of the logging tool.
Lord previously spearheaded security for the Democratic National Committee and held leadership roles at companies including Yahoo, Rapid7, and Twitter.
In this webinar replay, Omdia outlines the ways in which XDR facilitates faster and easier threat detection and response, and key points organizations should consider when evaluating XDR technology.
The FBI warns that ransomware targets are no longer predictably the biggest, richest organizations, and that attackers have leveled up to victimize organizations of all sizes.
This Tech Tip reminds developers and security teams to check what version of Java they are running. Whether they are vulnerable to the ECDSA flaw boils down to the version number.
By Mark Carrigan, Senior Vice President, Process Safety and OT Cybersecurity, Hexagon PPM
It's time for regulators of critical infrastructure β including industrial control systems and operational technology β to focus more on operational resiliency.
Barely over a quarter of medical device companies surveyed maintain a software bill-of-materials, and less than half set security requirements at the design stage.
Ransomware groups are looking to strike large agriculture cooperatives during strategic seasons, when they are most vulnerable, according to law enforcement.