Cybersecurity News, Awards, Webinars, eSummits, Research

The VMware website is displayed on a computer screen.

Organizations that have not run the patch for a two-year-old VMware vulnerability are at risk of becoming a victim of the latest ransomware, according to AT&T Cybersecurity. (mehaniq41 via Adobe Stock Images)

Security researchers double-down on the need to patch VMware ESXi servers

Steve ZurierMarch 20, 2023

AT&T Cybersecurity points out that the VMware ESXi server issue has not gone away, while researchers confirm that security teams need to prioritize a patch ASAP.

WHITEPAPER

The Automated Phishing Identification & Response Buyer’s Guide

PODCASTS

RESOURCES

FEATURED

Entries are open for the SC Awards, honoring cybersecurity companies, people and products. (Stock/Getty Images)

Calling all cyber companies: SC Awards entry period is open

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Perspectives

In Brief

More Resources

Cybercrime

FBI arrests alleged BreachForums owner

Menghan XiaoMarch 20, 2023

Conor Brian Fitzpatrick, also known as "Pompompurin" within the online hacking community, was arrested at his New York home around 4:30 p.m. last Wednesday and charged with one count of conspiracy to commit access device fraud, an FBI agent said in a sworn statement filed in Southern District of New York court last week.

Ransomware

Black Basta, Killnet, LockBit groups targeting healthcare in force

Jessica DavisMarch 20, 2023

Federal agencies, along with Microsoft, detail three threats facing critical infrastructure entities like healthcare: Black Basta, Killnet and LockBit.

Zero trust

Companies are moving forward with zero trust, but still report challenges

Steve ZurierMarch 20, 2023

Security pros see the need for continuing the zero-trust journey, but 30% admit it will be very difficult.

Traders in the Standard & Poor's 500 stock index options pit at the Chicago Board Options Exchange (CBOE).

Compliance

Publicly traded companies aren’t moving to add cyber experts to their boards

Derek B. JohnsonMarch 20, 2023

Research this month found that of the 414 new board seats allocated to top companies in 2022, just 14% went to individuals with backgrounds in cybersecurity.

Malware

Go-based HinataBot latest botnet to focus on DDoS attacks

Steve ZurierMarch 17, 2023

Akamai researchers say the HinataBot botnet has been active for the first three months on 2023, but has exploited vulnerabilities from as far back as 2014.

WASHINGTON – SEPTEMBER 18: The U.S. Securities and Exchange Commission seal hangs on the facade of its building September 18, 2008 in Washington, DC. Republican presidential candidate Sen. John McCain (R-AZ) has called for the ouster of SEC Chairman Christopher Cox in the wake of the collapse of several giant banks on Wall Street and the res...

Breach

SEC proposes slew of new cyber rules to secure financial entities

Menghan XiaoMarch 17, 2023

Among the proposed rules are requirements for broker-dealers to notify their customers about the data breach within 30 days, while immediately informing the SEC of cyber incidents.

Device Security

18 zero-day flaws impact Samsung Android handsets, wearables and telematics

Tom Spring March 17, 2023

Four of the zero-day bugs allow adversaries to remotely compromise a targeted phone with just a phone number - no user interaction required.

Security researchers double-down on the need to patch VMware ESXi servers

WHITEPAPER

The Automated Phishing Identification & Response Buyer’s Guide

PODCASTS

RESOURCES

FEATURED

Calling all cyber companies: SC Awards entry period is open

Get daily email updates

Perspectives

ChatGPT will empower a new generation of threat actors, putting pressure on defenders to keep up

Take the cybersecurity conversation to the board

A venture capitalist’s view of the Silicon Valley Bank failure

Build resilience in a world of weaponized trust

Lesson learned from the US Marshals Service cyber incident: we’re all targets – and the stakes are high

In Brief

NBA confirms data breach

Play ransomware attack impacts Royal Dirkzwager

Nearly 300K impacted by Latitude Financial Services breach

More stolen Minneapolis Public Schools data leaked

Clop GoAnywhere attacks compromise Hitachi Energy

More Resources

How tech clutter complicates DevSecOps

Threat Hunting: Moving beyond reactive intelligence

SSE vs. SASE: What’s the difference?

Threat Hunting: What it is and 5 key challenges

SSE: Drivers and barriers to adoption

FBI arrests alleged BreachForums owner

Black Basta, Killnet, LockBit groups targeting healthcare in force

Companies are moving forward with zero trust, but still report challenges

Publicly traded companies aren’t moving to add cyber experts to their boards

Go-based HinataBot latest botnet to focus on DDoS attacks

SEC proposes slew of new cyber rules to secure financial entities

18 zero-day flaws impact Samsung Android handsets, wearables and telematics

EVENTS

The War on Ransomware: Lives and livelihoods on the line

Practical advice for protecting your digital supply chain: A realistic top 5 list

Reducing risk with user access review automation

IAM: Tales from the cutting edge, for the watch-and-learn crowd

Incident Response: Top tips to restore, repair, revive & recover