Cybersecurity News, Awards, Webinars, eSummits, Research

Stethoscope on the silver computer keyboard-blockchain data encryption

(Adobe Stock Images)

Rhysida claims responsibility for ransomware attacks on Prospect Medical Holdings

Steve ZurierAugust 28, 2023

Rhysida ransomware group claims to have stolen a database that contains 500,000 Social Security numbers, corporate documents, and patient records.

Threat Intelligence: Eyes on the enemy

PODCASTS

RESOURCES

FEATURED

2023 SC Award winners announced: Celebrating excellence in cybersecurity

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Ransomware

LockBit code leak sparks wave of RaaS attacks

Simon HenderyAugust 28, 2023

After LockBit 3.0 code was leaked, several threat groups modified the ransomware builder and used it to launch their own extortion campaigns.

Application security

Abandoned reply URL in Azure AD app could let attackers gain privileges to launch attacks

Steve ZurierAugust 25, 2023

Within 24 hours of being notified by Secureworks in early April, Microsoft removed the abandoned reply URL from the Azure AD app.

Bug Bounties

CISA: Public researchers tipped feds to 1,300 ‘valid’ vulnerabilities last year

Derek B. JohnsonAugust 25, 2023

The agency says 1,119, or approximately 85%, of those bugs have been remediated thus far, and it took agencies 38 days on average to fix or address flaws reported through its Vulnerability Disclosure Policy Platform.

White silhouette of key made from zeros and ones

Supply chain

3 trends shaping cybersecurity: Passwordless authentication, securing the supply chain and AI

Simon HenderyAugust 25, 2023

In an industry that’s all too familiar with hype cycles, these three cybersecurity trends stand out in 2023 as being more than just passing fads, according to our SC Awards Winners Circle panelists from Yubico, ForgeRock and F5.

Malicious e-mails pelting inboxes hit all-time high in Q1, 2023

Phishing

Top 5 most abused brands by hackers

Stephen WeigandAugust 25, 2023

Unsurprisingly, Microsoft is the most commonly spoofed brand stopped by email security firm Abnormal Security so far this year.

Microsoft is concerned that a new hacking group targeting Taiwan entities had developed “techniques that could be easily reused in other operations outside the region.” (Image Credit: Jeffrey Coolidge)

Critical Infrastructure Security

Newcomer Flax Typhoon’s espionage attacks target Taiwan

Simon HenderyAugust 25, 2023

The freshly-classified APT group is based in China and uses stealthy tactics that could easily translate to other parts of the world, according to Microsoft.

Supply chain

Video: SC Award winners talk identity, supply chain and AI

SC StaffAugust 24, 2023

Our third SC Media Winners Circle panel discusses how threat actors target credentials of third parties, as well as trusting what you see in the age of generative AI.

North Korea flag with circuitry and fingerprint

Malware

North Korea threat group exploiting ManageEngine ServiceDesk bug

Steve ZurierAugust 24, 2023

Cisco Talos reports that the Lazarus Group leverages the ManageEngine ServiceDesk vulnerability to target a midsized internet backbone provider in the UK and multiple health care entities in the United States.

Rhysida claims responsibility for ransomware attacks on Prospect Medical Holdings

Threat Intelligence: Eyes on the enemy

PODCASTS

RESOURCES

FEATURED

2023 SC Award winners announced: Celebrating excellence in cybersecurity

Get daily email updates

Perspectives

Put the ‘Eye’ in AI: The future of cybersecurity requires visibility

Six steps for preparing a manufacturing organization for a ransomware attack

Decoding Cuba ransomware: An opportunity for next-gen data governance

AI coding tools make software more vulnerable, but there’s reason for hope

Here’s how to find optimism amid our ongoing cybersecurity challenges

In Brief

Kroll suffers data breach after SIM swapping attack

Ransomware attack hits Ohio history organization

MOVEit hack-related compromise of French government agency impacts 10M

UK’s Metropolitan Police launches data breach probe

Detrimental human rights impact of UN cybercrime treaty raised

More Resources

Report: Ransomware payouts and recovery costs went way up in 2023

Endpoint protection best practices to fight ransomware

Key questions to ask when evaluating a network-security vendor

10 steps to choose and deploy a network-security solution

How to optimize endpoint security

LockBit code leak sparks wave of RaaS attacks

Abandoned reply URL in Azure AD app could let attackers gain privileges to launch attacks

CISA: Public researchers tipped feds to 1,300 ‘valid’ vulnerabilities last year

3 trends shaping cybersecurity: Passwordless authentication, securing the supply chain and AI

Top 5 most abused brands by hackers

Newcomer Flax Typhoon’s espionage attacks target Taiwan

Video: SC Award winners talk identity, supply chain and AI

North Korea threat group exploiting ManageEngine ServiceDesk bug

EVENTS

Seeking safer shortcuts for devs: Snyk’s 2023 State of Open Source Security Report

The endpoint end game: Locking down your entry points

Secure and efficient app development? How Snyk makes both possible

Investing in IAM: Seize the moment

The Path to Autonomous Identity Security | How to automate manual identity tasks for a more secure & efficient organization