Security

Government agencies warn of sophisticated, high-impact ransomware

A surge in “sophisticated, high impact” ransomware attacks has prompted the United States’s Cybersecurity and Infrastructure Security Agency (CISA), the UK’s National Cyber Security Centre (NCSC), and the Australian Cyber Security Centre to issue a joint advisory about the techniques being used by cybercriminals to attack businesses and organisations.

Privileged Account and Session Management: How To Deploy It

The more access rights an employee has, the more possibilities they have to misuse or abuse privileges. According to the ENISA Threat Landscape 2021 report, a third of surveyed organizations suffered from privilege abuse by insiders during the period from April 2020 through July 2021. That’s why establishing an appropriate level of privileged account management plays a significant role in ensuring your organization’s cybersecurity.

Why push notifications are the best way to protect passwords

Are passwords still the most common strategy for protecting accounts in organizations? This Pulse password security survey reveals that 38% of respondents use between 4 and 6 password-protected accounts on a daily basis and 49% admit that their IT teams resolve an average of 9 password-related issues every day. The majority acknowledge that this has been exacerbated by remote working during recent months due to the pandemic.

What the cybersecurity executive order means for the private sector

For a variety of reasons, some more obvious than others, it’s unreasonable to expect federal and local governments to develop the software that supports their day-to-day operations. So they turn to solutions provided by private companies. This is really a win-win situation; the government gets access to best-of-breed solutions developed by experienced companies, and the vendor secures funds that help spur innovation that’s available to the public and private sector alike.

JFrog Discloses 3 Remote Access Trojans in PyPI

The JFrog Security research team continuously monitors popular open source software (OSS) repositories with our automated tooling to detect and avert potential software supply chain security threats. After validating the findings, the team reports any security vulnerabilities or malicious packages discovered to repository maintainers and the wider community.

Highlights from the Ultimate Guide to Client-Side Security

In today’s world, businesses, economies, and lives are connected by a complex spider web of code and software applications. This code and these applications drive e-commerce, financial transactions, and data input. They impact our ability to quickly transfer money from one account to another, to fill out an online mortgage application, and to order supplies from a vendor. The code that drives these systems is complicated. If something can go wrong, it will.

Zero Trust for State and Local Government

The cybersecurity threat landscape is shifting rapidly. More than 400 ransomware attacks have hit city and county governments in the United States since 2016, crippling vital government services for weeks at a time. Those are only the publicly reported instances – the actual number is likely exponentially higher, and these attacks are growing increasingly sophisticated. Meanwhile, high-profile threats to dams, electrical grids and other facilities, including the Colonial Pipeline attack this year, have shown the vulnerability of America’s critical infrastructure.