Managing security is an increasingly complicated task for a number of reason. First, networks are expanding rapidly, and many organizations have found that their visibility across the network has been significantly reduced. Siloed security tools and isolated network development and security projects have resulted in vendor sprawl, which means more management

Some Florida residents who have made unemployment claims may have had personal data stolen, officials said Thursday.The Florida Department of Economic Opportunity has notified 98 people who were part of a data breach associated with unemployment claims, agency spokeswoman Paige Landrum said in an email. Officials didn’t say when the breach occurred, how many

Security teams today are facing increased challenges due to the “new normal” created by the recent global health crisis. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees must move to a virtual security operations center (SOC) model while address

Microsoft this week announced that it has made some of its COVID-19 threat intelligence available to the public. The number of attacks targeting organizations and individuals worldwide using coronavirus lures has increased dramatically over the past several months, and Microsoft says it wants to help even those who do not use its threat protection solut

Linksys has prompted users to reset passwords after learning that hackers were leveraging stolen credentials to change router settings and direct customers to malware.The issue became apparent after the company’s users started seeing an increasing number of messages in their web browsers, instructing them to download COVID-19-related applications that were,

Swiss-based global shipping giant Mediterranean Shipping Company (MSC) has confirmed that a recent outage was caused by a malware attack that affected its headquarters in Geneva.MSC informed customers on April 10 that its website, msc.com, and its myMSC customer and vendor portal had become unavailable due to a network outage at one of the company’s data cen

One of the biggest challenges facing security teams when it comes to incident response is complexity. The continual growth in volume and severity of cyberattacks has led to increased business process and technical complexity as different threat vectors have required security leaders to purchase point solutions with unique user interfaces, custom APIs and bus

IBM X-Force Incident Response and Intelligence Services (IRIS) responds to security incidents around the globe. During analysis and comparison of malicious activity on enterprise networks, our team identified attacks likely linked to Hive0065, also known as TA505. We observed that Hive0065 continues to spread the SDBbot remote-access Trojan (RAT) alongside o

Is Backup Alone Enough, or is Full Disaster Recovery Required to Mitigate the Threat of Ransomware?To pay, or not to pay? Is it better to suffer the pain and outage of ransomware – or pay up, and by doing so, end it?Like all such questions, there is no easy or simple answer. Can the affected organization afford a loss of operation? Does it have SLAs that wil

Hackers Operating in the Interest of the Chinese Government Systematically Targeted Linux Servers, Windows Systems and Mobile Devices Activity associated with five cyber-espionage groups acting in the interest of the Chinese government remained undetected for almost a decade, security researchers at BlackBerry say. Successfully conducting cross-pla

A memo sent out this week to all NASA personnel warns that the agency has seen a significant increase in cyberattacks, including phishing and malware attacks, while its employees work remotely during the COVID-19 outbreak.The memo, obtained by space news website SpaceRef, reveals that the number of email phishing attempts doubled in the past few days and the

When the theme, Human Element, was announced for RSA Conference 2020 (RSAC), I was gratified. It’s a topic I never tire of because not only do I believe that there is no “silver bullet” technology, I believe it’s the humans who really lead the way to greater security efficiency and effectiveness. So, while at the conference I took the opportunity to view eve

Law firm Morgan & Morgan announced on Thursday that it has filed a class action lawsuit against Marriott over the recently disclosed data breach that has impacted as many as 5.2 million individuals.The complaint filed by Morgan & Morgan in the District of Maryland accuses Marriott of negligence, breach of contract, breach of confidence, and deceptive

Google, Microsoft and Mozilla are delaying plans to disable support for the Transport Layer Security (TLS) 1.0 and 1.1 protocols in Chrome, Edge, Internet Explorer, and Firefox.TLS 1.0 is over two decades old, and TLS 1.1 was only meant to address some limitations in the former and prevent specific attacks. Both are known to include weaknesses, some addresse

Cloud-based Cyber Ranges Will Change the Future of Training and Certifying Security and DevOps ProfessionalsA half-decade ago, with much fanfare, cyber ranges were touted as a revolutionary pivot for cybersecurity professionals’ training. Many promises and investments were made, yet the revolution has been slow coming. What may have been a slow start appears