Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

How Pipeline Owners and Operators Can Fulfill the TSA's Second Security Directive

Back in June, I wrote about the Transportation Security Agency’s (TSA) new security directive concerning pipeline owners and operators. The order mandated those entities to disclose security incidents such as the ransomware attack that affected the Colonial Pipeline Company back in May to the TSA and the Cybersecurity & Infrastructure Security Agency (CISA).

Why social graphs won't save you from account takeover attacks

Account takeover (ATO) is a dangerous form of business email compromise (BEC). Attackers gain access to a legitimate email account within an organisation, often by stealing credentials through spear phishing. They’ll then send emails from the compromised account with the goal of getting a fraudulent payment authorised or accessing sensitive data to exfiltrate.

Game on- Cybersecurity for Sports and Entertainment: Are you ready with the right offense and defense?

As operations at sports stadiums become more dependent on data centers and online networks, and as the performance metrics and health data of athletes become more vulnerable to illicit exposure or alteration, the $80 billion industry of competitive sports has become increasingly vulnerable to cyberattacks. As a business they are generating big money and big data, both of which are perfect for hackers.

Are You Prepared to Better Protect Against SANS' Top Attacks and Threats?

The SANS 2021 Top New Attacks and Threat Report is now available for download, covering the security trends and top threats to watch for as the world emerges from the pandemic. Presented at the SANS threat expert panel discussion held during the RSAConference 2021 Virtual Experience, the top attack category the report highlights is supply chain attacks – and with good reason.

Cyberattacks and Their Impact on the Company

A recent study reveals that cybercrime costs the world economy more than $1 trillion, a more than 50 percent increase from 2018. Damage to companies also includes downtime, brand reputation, and reduced efficiency. Besides installing anti-malware software to protect against cyberattacks, however, there is other security software to consider. One option is a SIEM (Security Information and Event Management) solution.

Why Are Ransomware Attacks Against OT Increasing?

Most discussions around cybersecurity understandably focus on information technology (IT). Assets like cloud services and data centers are typically what companies spend the most time and effort securing. Recently, though, operational technology (OT) has come under increasing scrutiny from leading security experts in both the private and public sectors. In June, for instance, the Cybersecurity and Infrastructure Security Agency (CISA) released a fact sheet about ransomware attacks on OT.

Crime-as-a-service: How anyone can become a hacker

The internet is an incredible tool for education. Unfortunately, not everyone uses it to better themselves or the world around them. There are plenty of opportunities to learn how to defraud, damage, and steal from organizations – so many in fact, that this open source of hacking knowledge is a new technology service industry in its own right: crime-as-a-service.

What is HECVAT and Why is it Important?

Higher education has increasingly been attracting the attention of cybercriminals. In March, the FBI released an advisory in response to a barrage of ransomware attacks on schools, and Inside Higher Education recently reported that colleges and universities are becoming favorite victims of bad actors. It's not just colleges themselves that are being targeted; their vendors and third parties are being attacked in the hopes of compromising an institution’s data.