Do ransomware gangs actually have a heart? Perhaps... Just days before Christmas, on the night of Sunday 18 December 2022, Canada's Hospital for Sick Children (better known as SickKids) was hit by a ransomware attack. The Toronto-based teaching and research hospital reported that the attack had impacted its internal systems, phone lines, and website.
Attack surface management (ASM) and vulnerability management (VM) are often confused, but they’re not the same. The primary difference between the two is scope: Attack surface management and external attack surface management (EASM) assume that a company has many unknown assets and therefore begin with discovery. Vulnerability management, on the other hand, operates on the list of known assets.
With 2022 having just ended, let's take a look back at the year in ransomware. With the average cost of an attack ranging from $570,00 to $812,360 for just the ransom, according to Cloudally, it should be no surprise that it continued to be one of the most prominent attacks utilized by malicious groups. We'll be doing a quick overview of a few of the most active groups within the space over the past year, and any developments that those groups have made in the past 12 months.
The rise of fintech has pushed traditional financial institutions to provide online-based services and launch fintech applications. But these services must be secure and meet certain regulatory requirements, such as the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Regulation (GDPR), or SOC 2.
Read also: Meta fined €390M over online privacy violations, CircleCI discloses a security breach, and more.
As a contract research organization (CRO), your greatest responsibility is to be a reliable partner to the sponsor in executing a clinical trial. This can include tasks such as writing the study protocol, collecting and submitting data to the FDA, and monitoring sites throughout the study. To honor that responsibility, a CRO must have the right tools and skills to securely share trial data and collaborate with the sponsor.
The California Privacy Rights Act (CPRA) is a privacy law that was passed in California in 2020. It strengthens the security standards of the California Consumer Privacy Act (CCPA), making California's consumer privacy laws more aligned with the General Data Protection Regulation (GDPR). The CCPA gives California residents the right to know what personal data is being collected by companies and whether it will be sold or disclosed to other parties.
This blog summarizes the Splunk Threat Research Team’s (STRT) recent review of the CISA Top 10 Malware strains for the year 2021 report. While many of these payloads have been covered in our past and present research (available at research.splunk.com), these malware families are still active in the wild. Notably, five malware families we analyzed in this article can still be seen in the ANY.RUN Malware Trends Tracker.
Modern applications are sophisticated, with different third-party software and hardware components and complicated integrations compared to legacy applications. With these complications, there is an increase in exploitable vulnerabilities in the application layer. Thus, application security is one of the most critical aspects organizations should focus on to secure their applications from cyberattacks.
