Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On February 15th, the Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) issued an advisory highlighting the results of their incident response investigation into a state government organization’s network whose sensitive data including host/user details and other pertinent metadata were posted to the dark web.

In the wake of recent cyber attacks against US water utilities, the vulnerability of local entities dependent on operational technology (OT) has been starkly highlighted. This danger was further emphasized last week when Congress held a hearing titled Securing Operational Technology: A Deep Dive into the Water Sector. Witnesses at the hearing painted a stark picture of the significant cybersecurity risks facing small utility companies today.

Welcome back to our series on PCI DSS Requirement Changes from v3.2.1 to v4.0. Today, we’re discussing Requirement 6, which is crucial for protecting cardholder data. It mandates the use of vendor-supplied security patches and secure coding practices for in-house developed applications. These measures help mitigate vulnerabilities that hackers could exploit. The requirement also emphasizes the importance of vigilance in identifying and remediating vulnerabilities.

Here at AT&T Cybersecurity, we know that the technology powering our managed detection and response services is solid—and we’ve got documentation to prove it. But we also know you’ve probably read your share of marketing materials making claims with nothing to back them up, so when we get the opportunity to share third-party metrics that support what we’ve been saying, we jump on it.

Welcome to the Threat Context Monthly blog series where we provide a comprehensive roundup of the most relevant cybersecurity news, and threat information from KrakenLabs, Outpost24’s cyber threat intelligence team.

On February 15, the US Department of Justice announced “Operation Dying Ember”: the takedown of a botnet controlled by APT28, the Russian military cyber threat actor also known as Fancy Bear. APT28 was previously known for developing the VPNFilter botnet, which targeted routers and network attached storage devices and was also disrupted by the DoJ in 2018.

Since the widespread migration to the cloud, DLP has become an essential—yet often dreaded—tool for protecting data from leaks, breaches, exfiltration, and more. It’s no secret that traditional DLP solutions have a less-than-stellar reputation. Security teams are squeezed tighter than ever in terms of time and resources. Needless to say, adding more alerts on top of already daunting workloads is less than ideal. It’s time for a smarter, more sustainable form of DLP.

Explore security findings from Datadog's research into recent attacks, highlighting two sophisticated attack methods and vital lessons in secrets security.

University-industry collaborations and other joint research ventures offer access to resources, expertise, funding, and other benefits for university researchers. However, through the use of unvetted software, password sharing, and other actions these external partnerships can expose the university and its intellectual assets to substantial cybersecurity threats, such as unauthorized access, data breaches, and other cyber attacks.

Today’s cybersecurity landscape is teeming with third-party threats: supply chain risks, regulatory compliance requirements, third-party security flaws, malicious insiders, and more. Whether your organization’s risk appetite craves conservative or aggressive third-party relationships, these risks make third-party risk management (TPRM) necessary.