The widening gap in cybersecurity skills is among the biggest threats confronting IT enterprises. It's being felt throughout companies in practically every sector around the globe, with about three-quarters of organizations in a 2020 Stott and May cybersecurity survey saying the shortage is affecting them.
Practically every organization has internet connectivity and some form of IT infrastructure, which means nearly all organizations are at risk of a cyber attack. To understand how great this risk is and to be able to manage it, organizations need to complete a cybersecurity risk assessment, a process that identifies which assets are most vulnerable to the risks the organization faces.
Microsoft on Thursday revealed that the threat actors behind the SolarWinds supply chain attack were able to gain access to a small number of internal accounts and escalate access inside its internal network. The “very sophisticated nation-state actor” used the unauthorized access to view, but not modify, the source code present in its repositories, the
by Paul Ducklin How did the movie “Hackers” inspire a girl to grow up to become a hacker herself? Find out from security analyst and friendly hacker Keren Elazari. Hear about Keren’s incredible journey, why hackers should be welcomed with open arms, and the inspiration that guided her career. Keren Elazari Interviewer: Kimberly Truong. Special
6 common types of cyber attacks and how to prevent them
North Korean Hackers Trying to Steal COVID-19 Vaccine Researc
A Google Docs Bug Could Have Allowed Hackers See Your Private Documents
The UK’s National Cyber Security Centre (NCSC) has issued its first ever guidance for farmers, in a sign of the growing cyber-threat facing rural businesses. Published on Tuesday, Cybersecurity for Farmers is a comprehensive guide to best practices covering everything from spotting suspicious emails and phone calls to password management, device security and the importance
Chief information security officers who work with the U.S. Department of Defense must understand and comply with the Cybersecurity Maturity Model Certification requirements, but even organizations that do not work with the government can learn from the CMMC. In early 2020, the U.S. Office of the Under Secretary of Defense for Acquisition and Sustainment released
Citrix has issued an emergency advisory warning its customers of a security issue affecting its NetScaler application delivery controller (ADC) devices that attackers are abusing to launch amplified distributed denial-of-service (DDoS) attacks against several targets. “An attacker or bots can overwhelm the Citrix ADC [Datagram Transport Layer Security] network throughput, potentially leading to outbound bandwidth
HelpSystems has announced the acquisition of cloud-based data protection provider Vera. The IT software firm said the deal will enable it to expand its data security portfolio and help meet a growing demand for solutions that can protect information throughout the full data lifecycle. This includes data classification, file transfer, data loss prevention and encryption.
An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as zero-day to deploy the SUPERNOVA malware in target environments. According to an advisory published yesterday by the CERT Coordination Center, the SolarWinds Orion API that’s used to interface with all other Orion system monitoring and management products suffers from
Cyberthreats can take the fun out of connected gadgets – here’s how to make sure your children enjoy the tech without putting themselves or their family at risk This Holiday season, you may have treated your kids to a smart gadget. But have you also remembered to set up the shiny new device for them
IBM Security X-Force’s COVID-19 threat intelligence task force discovered a massive phishing campaign earlier this month aimed at organizations within the vaccine distribution cold chain. Caleb Barlow, president and CEO of healthcare cybersecurity firm CynergisTek, said that part of the supply chain, which ensures vaccines are stored at the proper temperature, is especially vital for
A healthcare technology company leaked 12 million records on patients including highly sensitive diagnoses, before the exposed cloud server was struck by the infamous “meow” attacker, researchers have revealed. A team at SafetyDetectives led by Anurag Sen discovered the leaky Elasticsearch server in late October after a routine IP address scan, although it’s unknown how
SecOps, formed from a combination of security and IT operations staff, is a highly skilled team focused on monitoring and assessing risk and protecting corporate assets, often operating from a security operations center, or SOC. Cybersecurity attacks are on the rise, and the new challenge of supporting a largely remote workforce amid the pandemic and
Stratecast/Frost & Sullivan Information security, network security, cybersecurity: The industry is flooded with terms to describe how enterprises secure their network data. While the experience of wading through a mishmash of terminology to describe a specific operation or function is not limited to the networking industry, the use of various terms complicates the process of
With just days until Black Friday, the unofficial kick off to the holiday shopping season is quickly approaching. In anticipation of the busiest time of year for e-commerce, this year we conducted a survey, Stressed Holiday Online Shopping, to understand how financial pressure can impact buyer behavior when it comes to online purchasing and cybersecurity.
Not very long ago, people could be seen walking around waving their mobile phones in the air, looking for a network connection. Today, we are talking 5G! Our kids just can’t imagine a world without gadgets and internet! Little kids as young as four can turn on and instruct Alexa, search for new games on
An overview of some of the cyberattacks that Canadian organizations faced in the summer months of 2018. The summer season often seems like a quieter time of year. The past few months have been eventful in Canada, however, as several incidents reported in the media have highlighted the importance of cybersecurity once again. First, several
Penetration tests help organizations gain a better understanding of how protected they are against cyber-attacks, and when Kaspersky Lab’s performed several dozen cybersecurity assessment tests on corporate networks, it found that the overall level of protection against external attackers was low or extremely low for almost half of the analyzed companies. The report, Security Assessment of Corporate
Isreal has the talent and capability in the world of cyber security. A country with limited resources but utilises their ingenuity to survive and thrive in the harshest of circumstances. Watch the video here from Vice on HBO. Posted on YouTube: https://www.youtube.com/watch?v=ca-C3voZwpM
A national nonprofit organization, SecureSet Foundation, created by SecureSet Academy, aims to increase diversity in the cybersecurity workforce by offering financial assistance, according to a press release from SecureSet Academy. The creation of the SecureSet Foundation will enable individuals to enhance and build their professional skills in the field of cybersecurity, which will also help