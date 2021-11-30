ContributorsPublishersAdvertisers
Technology

How to combat ransomware with visibility

 3 days ago

Cover picture for the articleIn the first half of 2021, average ransomware demands surged by 518%, while payments climbed by 82%. There has been a growing number of attacks in healthcare, with 560 healthcare facilities hit by ransomware last year in the U.S. alone. As new attacks generate headlines each week, we get...

Computer Weekly

How can the channel help fend off the ransomware threat?

Ransomware is generating a lot of headlines and angst as one of the worst security threats to companies and organisations. Barely a week goes by without a story of a business or organisation suffering a ransomware attack. The stats can appear frightening as survey after survey reveals huge increases in attacks and threats – and the cost of the ransoms.
PUBLIC SAFETY
Forbes

Hope Is Not A Strategy: How To Face The Risk Of Ransomware Head-On, Part 2

VP and Chief Security Strategist at Exabeam and host of The New CISO podcast. Companies today are beginning to see ransomware as another cost of doing business. A June 2021 study by security vendor Cybereason, Ransomware: The True Cost to Business, found that 80% of organizations that paid the ransom in the past were hit by a second attack, and almost half were hit by the same threat group. Forty-six percent reported that some or all of their data were corrupted in the recovery process. These numbers will only grow as more cybercriminals successfully bring employees onboard their malicious ventures.
ECONOMY
helpnetsecurity.com

Behavioral biometrics: A promising tool for enhancing public safety

While globalization has enabled easy cross-border movement and transactions, fraudulent activities have, unfortunately, followed suit. The growing demand for a multi-layered and improved security system—whether for border control, online activities, or public security—is driving the need for reliable global authentication. As security demands skyrocket, innovative ideas are emerging to resolve many of today’s urgent issues.
TECHNOLOGY
helpnetsecurity.com

Most challenging security threats for CTOs

59% of CTOs still see human error as the main security threat to their business, alongside other prominent concerns such as ransomware (49%) and phishing (36%), a research from STX Next reveals. Despite this recognition of risk, the findings suggest that more needs to be done to properly safeguard companies...
ECONOMY
helpnetsecurity.com

GlobalPlatform offers a framework to protect applications and data against high-profile attacks

GlobalPlatform has certified its Secure Element (SE) Protection Profile (PP) with the international standard for computer security certification, Common Criteria (CC). The document is the latest update to GlobalPlatform’s Security Certification Program. It will make it quicker and easier for stakeholders across industries to validate and compare security features, protect...
COMPUTERS
helpnetsecurity.com

Putting the “sec” in DevSecOps: An overall reduction of risk

In this Help Net Security interview, Cindy Blake, Senior Security Evangelist at GitLab, talks about the importance of integrating security in DevSecOps and how to overcome the complexity of such integration. Security in DevOps is often being neglected. Why do you think this is the case?. According to GitLab’s 2021...
SOFTWARE
securityintelligence.com

Understanding the Adversary: How Ransomware Attacks Happen

IBM Security X-Force Incident Response (IR) has responded to hundreds of ransomware incidents across every geography and industry. As we have taken time to analyze these incidents, a clear pattern has emerged. Although we observe dozens of ransomware groups in operation across the globe, many with multiple affiliate groups working under them, most ransomware actors tend to follow a similar attack flow and set of standard operating procedures. It is possible that ransomware actors are cross-training and sharing with each other their most effective techniques, which are becoming standard practices for many ransomware groups and affiliates. But whatever forces are bringing ransomware actors together, security defenders can use knowledge of these attacks to their advantage to better defend networks against ransomware attacks and catch attackers before they accomplish their final objectives.
COMPUTERS
helpnetsecurity.com

Control failures are behind a growing number of cybersecurity incidents

Data from a survey of 1,200 enterprise security leaders reveals that an increase in tools and manual reporting combined with control failures are contributing to the success of threats such as ransomware, which costs organizations an average of $1.85 million in recovery, according to Panaseer. Control failures lead to cybersecurity...
TECHNOLOGY
Data Security
Technology
Google
helpnetsecurity.com

Patching takes 2.5 times longer when endpoints are remote

Action1 released a report based on the feedback from 491 IT professionals worldwide. The study explores how organizations patch and manage their remote and office-based endpoints and provide employees with remote IT support. The report reveals that even though most organizations plan to keep at least some remote work in...
SOFTWARE
helpnetsecurity.com

Play collaborates with Allot to offer cybersecurity services for their consumer customers

Allot announced that Play, a mobile operator in Poland with over 15 million subscribers, has launched zero-touch, clientless cybersecurity and content control services for their consumer customers. Allot Secure is a platform to provide mobile users with a unified user experience for on-net and off-net cybersecurity, including configuration, reporting and...
TECHNOLOGY
helpnetsecurity.com

The ripple effect: Why protection against supply chain attacks is a must

The SolarWinds attack continues to send ripples across the world of cybersecurity. For the uninitiated, this form of cyber attack was like a gradual spread of poison, and its fallout proved to be massive – starting with national (US) security concerns that Russia might have been involved and ending up with President Biden issuing an Executive Order on improving the nation’s cybersecurity, followed closely by similar efforts by the UK government.
TECHNOLOGY
helpnetsecurity.com

Despite the popularity of password managers, many still use pen and paper

Password managers are a near-defacto standard for organizations, with 86% reporting they are being put to use, according to a Bitwarden survey of over 400 U.S. IT decision makers across a wide range of industries. This reflects a 9% increase in the use of password managers over the past year.
TECHNOLOGY
helpnetsecurity.com

GlobalLogic partners with Cybereason to develop next-generation cyber defense solutions

GlobalLogic announced that it has been selected by Cybereason to help develop its next-generation cyber security platform and services. Deployed by large enterprises, governments, and major cloud providers worldwide, Cybereason’s future-ready attack protection spans across endpoints, the enterprise, the cloud, and everywhere the defenders battle cyber criminals. The collaboration will draw on GlobalLogic’s broad and deep expertise in security and data management software across devices through to the cloud, including the integration of advanced artificial intelligence (AI).
BUSINESS
helpnetsecurity.com

Neurotechnology Face Verification 12 extends facial authentication features to web-based apps

Neurotechnology released Face Verification 12, designed for the integration of facial authentication and liveness detection into PC, mobile and web applications for digital onboarding, payment, banking, telecommunications and other face recognition uses on personal devices. The new facial recognition algorithm in Face Verification 12 features the same simple APIs as...
CELL PHONES
helpnetsecurity.com

Aqua Security gets AWS Graviton Ready designation to address security and compliance obstacles

Aqua Security announced that it has achieved the AWS Graviton Ready designation, part of the Amazon Web Services Service Ready Program. This designation recognizes that Aqua Security’s Cloud Native Application Protection Platform (CNAPP) has demonstrated successful integration with the AWS Graviton service. Aqua’s platform solves the security and compliance challenges...
TECHNOLOGY
helpnetsecurity.com

API security awareness: The first step to better assessing the risk

In this Help Net Security interview, Tal Steinherz, CTO at Wib, talks about the importance of API security awareness and how to tackle numerous threats that are plaguing it. API security is widely being considered, yet breaches continue to plague many organizations. What are the biggest mistakes organizations are making when it comes to API security?
COMPUTERS
helpnetsecurity.com

150+ HP multifunction printers open to attack (CVE-2021-39237, CVE-2021-39238)

Over 150 HP multifunction printers (MFPs) are open to attack via two exposed physical access port vulnerabilities (CVE-2021-39237) and two different font parsing vulnerabilities (CVE-2021-39238) discovered by F-Secure security consultants Timo Hirvonen and Alexander Bolshev. Attackers can exploit the vulnerabilities to seize control of vulnerable devices, steal information, and further...
TECHNOLOGY
helpnetsecurity.com

The importance of vulnerability management for your organization

Everyone is familiar with home burglaries. Criminals case a house looking for easy access through open windows, unlocked doors, open garages, and the like. Hackers take the same approach electronically and look for network vulnerabilities that grant them access to the data they want. And small to mid-size businesses are an ideal target, since they have fewer resources to dedicate to security efforts than larger companies.
ECONOMY
helpnetsecurity.com

Open source cloud native security analyzer Terrascan embeds security into native DevOps tooling

Tenable enhanced Terrascan, an open source cloud native security analyzer that helps developers secure Infrastructure as Code (IaC). The new capabilities enable organizations to embed security into their DevOps tooling, pipelines and supply chains, mitigating risks before infrastructure is provisioned. “It’s now more critical than ever for developers to have...
SOFTWARE
helpnetsecurity.com

How phishing kits are enabling a new legion of pro phishers

Some cybercriminals are motivated by political ideals, others by malice or mischief, but most are only interested in cold, hard cash. To ensure their criminal endeavors are profitable, they need to balance the potential payday against the time, resources and risk required. It’s no wonder then that so many use...
CELL PHONES

