Chances that ransomware will go away any time soon are slim, so security experts can’t emphasize enough the importance for enterprises to seriously invest in cybersecurity and focus on developing risk mitigation strategies to avoid being caught off-guard. For some reason, the number of businesses ready to pay ransom to get their data back is increasing, opening up endless opportunities for hackers working on complex malicious software to further compromise corporate networks.
Software defined Networking is here, and there’s plenty of talk about what this means for security. As Ericka Chickowski wrote in Security Must Adjust as SDN Goes Mainstream we know one thing: security will need to continue to adjust to compensate.
Reuters reported last week week that the ransomware attack suffered by the city of Atlanta in March was proving costlier than initially thought. City officials told the news agency that the strike continued to disrupt Atlanta’s “mission critical” applications even after its discovery, as the pestilence had not been fully contained.
The French National Commission on Informatics and Liberty (Commission Nationale de l'informatique et des libertés or CNIL) has issued a record fine to an optical center after the company failed to secure the personal (and in some cases highly sensitive) data of its customers.
In late April, a Windows zero-day attack was discovered in the wild that affected all supported versions of Windows. Microsoft released a patch on May 8th to address the issue. This zero-day, dubbed Double Kill, exploits a VB script vulnerability, and potentially affects any system from Windows 7 onwards, including servers.
That’s the conclusion of at least one cybersecurity services provider. According to Risk Based Security, following year over year increases in the number of publicly reported data breaches, the first three months of 2018 saw a respectable decline. But while the numbers look good, they may reflect a change in criminal targeting and goals and less an indication that cyber-criminals are waving white flags.
Once a paltry segment of enterprise IT, security has become a crucial factor in the success of an organization. This paradigm shift, driven by growing legions of bad actors and new regulations, have cast the spotlight on IT security leaders like never before. This, Gartner analysts calculate, creates an unprecedented opportunity for CIOs and CISOs to prove their value and – why not? – forge new career paths.
Private and public Wi-Fi networks have become critical parts of the technology infrastructure of many organizations, particularly with the rise of mobile device users in the workplace. Many people rely on these networks to access the Internet, leverage corporate applications and data, and collaborate with their colleagues—among other uses.
Breaching enterprise systems and holding their data hostage is a growing threat to organizations everywhere. Governments are fighting back by putting the onus on custodians to protect their data or face hefty fines. Even so, bad actors show no signs of backing off.
Last week the team behind Git, a platform that powers millions of the world's developer code repositories--including those on the wildly popular GitHub hosted service--released a crucial security update meant to keep developer environments safe. The patch was made to fix a flaw in how Git handles submodule repository configuration during cloning. It's a dangerous hole that could give attackers the power to create malicious Git repositories and leverage them to run arbitrary code execution on target developer machines.
(Article also available in German, French, Spanish, Italian, and Romanian.)
In an increasingly hostile landscape where large cyberattacks make headlines virtually every month, companies have started shifting their security defense paradigm toward gaining more visibility into the way attacks occur, and how they become targets.
Companies provide detailed reports on previous and identified cyberattacks to their managers or board of directors every eight months on average, according to a recent survey of 1,050 chief information security officers in the US and Europe.
