The Department of Homeland Security and Federal Bureau of Investigation have issued a joint technical alert warning that government entities and organizations in the energy, nuclear, water, aviation, and critical manufacturing sectors are subject to an ongoing attack campaign from an advanced actor, most probably Dragonfly (aka Crouching Yeti and Energetic Bear).
The growing acceptance that it is impossible to detect and block all malware at the perimeter requires some form of response to malware post-breach. Endpoint Detection and Response (EDR), using machine learning behavioral rules to detect an intrusion, is the security industry's reply.
Over 60% of Sites Loaded via Chrome Use HTTPS, Says Google
The number of websites that protect traffic using HTTPS has increased considerably in the past months, according to data shared by Google last week.
Cybersecurity Awareness Month is, once again, upon us. At its core is an issue that can have a massive impact on organizations in every industry, public and private, large and small: successful cyberattacks and how to prevent them from happening in the first place.
With growing concern over nation-state cyber attacks comes an increasing need to secure the critical infrastructure. In the Quadrennial Energy Review published in January 2017, the U.S. Energy Department wrote, “Cyber threats to the electricity system are increasing in sophistication, magnitude, and frequency.” The reliability of the electric system underpins virtually every sector of the modern U.S. economy, it warned.
Contracting giant Booz Allen is to acquire cybersecurity firm Morphick. Few details have been made public -- there is no statement on the price involved nor the future of existing Morphick staff. Nevertheless, this seem to be a good fit for both companies, with Morphick gaining access to more customers, and Booz Allen moving further along its published plan to expand its commercial presence.
A newish buzzword in the cybersecurity world is “orchestration”. Which to me is the junction where people, process and technology all come together. It's where people build automation into process and consume information and insight generated by technology.
While Equifax is the latest major data breach to hit the headlines, we know it will not be the last. How prepared is your organization if you were similarly targeted?
The acceptance and adoption of biometrics as a primary or second factor in multi-factor authentication has been considerably slower than expected. There are signs now, however, that it is finally gathering pace. Apple has long included TouchID with the iPhone, and has now added FaceID to the new iPhone X.
Google has taken yet another step toward improving the security of its users by making Google prompt the primary choice for 2-Step Verification (2SV), instead of SMS.
A new, massive botnet is currently recruiting improperly secured Internet of Things (IoT) devices such as IP wireless cameras, Check Point warns.
Canada’s Communications Security Establishment (CSE) agency announced this week that the source code for one of its malware detection and analysis tools has been made public.
Proton, a remote access tool (RAT) that emerged in early 2017, has once again compromised a legitimate software’s distribution channel to spread, ESET warns.
We have 152 guests online
You know we do!