Cybersecurity News, Awards, Webinars, eSummits, Research

Macro computer screen shot with binary code and password text.

80% of web applications attacks leveraged stolen credentials, according to the 2022 Verizon Data Breach Investigation Report. (Image via Adobe)

CISA, NSA push identity and access management framework as risks grow

Menghan XiaoMarch 22, 2023

The practice guide, part of the NSA's Enduring Security Framework, was developed through a public-private partnership to thwart risks that threaten critical infrastructure and national security systems.

WHITEPAPER

The Automated Phishing Identification & Response Buyer’s Guide

PODCASTS

RESOURCES

FEATURED

Entries are open for the SC Awards, honoring cybersecurity companies, people and products. (Stock/Getty Images)

Calling all cyber companies: SC Awards entry period is open

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Breach

Independent Living Systems hit with 5 lawsuits after breach update to 4.2M patients

Jessica DavisMarch 22, 2023

A breach report was filed with HHS by Independent Living Systems in September, amid an investigation.

LVIV, UKRAINE – FEBRUARY 25: A Ukrainian flag flies over an observation platform in the city center on February 25, 2023 in Lviv, Ukraine. While Lviv, located in western Ukraine, lies far from the current fighting raging between Ukrainian and Russian armed forces in the east and even offers a sense of normalcy in every day life, it neverthele...

Risk management

Report: wartime hacktivism is spilling over into the financial services industry

Menghan XiaoMarch 21, 2023

Russia's war with Ukraine has triggered a surge in ideologically motivated hacktivism that persists to this day, posing by far the most significant impact on the cyber threat landscape for financial services, according to a report by the Financial Services Information Sharing and Analysis Center.

Email security

Now patched Outlook zero-day gains PoC and growing concerns

Stephen WeigandMarch 21, 2023

Security researchers have been unpacking the now-patched zero-day in Outlook that allows for elevation of privileges.

Ransomware

Ferrari confirms extortion attempt, but car maker refuses to pay ransom

Steve ZurierMarch 21, 2023

Italian sports car maker Ferrari confirmed Monday that it was hit with a ransomware extortion attempt by an unknown threat actor in which customer data was exposed.

UC San Diego Health sign on hospital building facade.

Breach

UC San Diego Health latest provider to report pixel-tracking incident

Jessica DavisMarch 21, 2023

This healthcare roundup includes a new pixel disclosure notice; Independent Living Systems' updates a breach notice; and 50% of Barcelona hospital's systems are up after cyberattack.

Threat intelligence

Threat actors linked to nation-states exploited zero-days the most in 2022

Stephen WeigandMarch 21, 2023

Cyberespionage groups linked to China were responsible for over 50% of the exploits in 2022 that the firm said it could confidently track to 13 advanced persistent threat groups (APTs), followed by Russia and North Korea. Overall, groups with links to nation-states accounted for 80% of the zero-day exploits.

The VMware website is displayed on a computer screen.

Vulnerability management

Security researchers double-down on the need to patch VMware ESXi servers

Steve ZurierMarch 20, 2023

AT&T Cybersecurity points out that the VMware ESXi server issue has not gone away, while researchers confirm that security teams need to prioritize a patch ASAP.

CISA, NSA push identity and access management framework as risks grow

WHITEPAPER

The Automated Phishing Identification & Response Buyer’s Guide

PODCASTS

RESOURCES

FEATURED

Calling all cyber companies: SC Awards entry period is open

Get daily email updates

Perspectives

Three reasons why security teams should start a modern SSE network security journey with zero-trust-network access

ChatGPT will empower a new generation of threat actors, putting pressure on defenders to keep up

Take the cybersecurity conversation to the board

A venture capitalist’s view of the Silicon Valley Bank failure

Build resilience in a world of weaponized trust

In Brief

More aggressive extortion tactics employed by ransomware operations

Open source intelligence integrated to Verosint’s account fraud, detection platform

Numerous malware strains distributed via new dotRunpeX injector

Ransomware leading threat against EU transport sector

CISA sought to conduct cybersecurity assessment on Chinese consumer drones

More Resources

Top ransomware controls and where MDR fits in

How to declutter DevSecOps with DAST

Deploying MDR: Quotes from the experts

How tech clutter complicates DevSecOps

Threat Hunting: Moving beyond reactive intelligence

Independent Living Systems hit with 5 lawsuits after breach update to 4.2M patients

Report: wartime hacktivism is spilling over into the financial services industry

Now patched Outlook zero-day gains PoC and growing concerns

Ferrari confirms extortion attempt, but car maker refuses to pay ransom

UC San Diego Health latest provider to report pixel-tracking incident

Threat actors linked to nation-states exploited zero-days the most in 2022

Security researchers double-down on the need to patch VMware ESXi servers

EVENTS

The War on Ransomware: Lives and livelihoods on the line

Practical advice for protecting your digital supply chain: A realistic top 5 list

Reducing risk with user access review automation

IAM: Tales from the cutting edge, for the watch-and-learn crowd

Passwordless security: Where things stand, and What’s next?