Long at the forefront of protecting sensitive information from cyberattacks, health care organizations had to pivot quickly to ensure as the COVID-19 pandemic imposed new threats on a vulnerable newly remote workforce. And adapt they did, even as bad actors exploited a fragile, fragmented infrastructure suddenly reliant on telehealth visits. The lessons learned from the…
A fresh wave of Zeppelin ransomware attacks discovered in late August went undetected by antivirus defenses as the result of a new trojan downloader and research suggests the attacks might be targeted. The presumably targeted infections were announced in a blog post by Juniper Threat Labs researcher Asher Langton. “This campaign shows an evolution of…
Adobe Tuesday released critical security updates for Adobe InDesign, Framemaker and Experience Manager, addressing multiple vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user, the company warned. “While only a few are marked critical, even less critical vulnerabilities are targeted and exploited to gain access to a system, which…
In a Patch Tuesday to rival June’s security update, Microsoft fixed 129 new software vulnerabilities, including 23 critical flaws, impacting multiple platforms, including the Windows Graphic Device Interfaces (GDI), Microsoft SharePoint and Microsoft Exchange Server. Justin Knapp, Automox product marketing manager, attributed the patch laundry list to a remote workforce not going back to offices en masse…
For such a vibrant, innovative industry, cybersecurity isn’t as diverse and inclusive within the executive ranks as it should be. And some leaders say that reality is to the detriment of the community. Industry luminaries Camille Stewart from Google, Microsoft’s Edna Conway and former NASA technology chief Jerry Davis will draw on their substantial private…
Cybersecurity often – and rightly – has been viewed as a point of friction and a cost center, but more recently organizations are using it to accelerate growth. When considered early on – in everything from design and development through planning and execution – security can help companies lower risk and get applications and services…
Since late June, the platform’s file storage domain – slack-files.com – appeared to pop up with far more regularity on the Phish Alert Button, leading KnowBe4 researchers to surmise that Slack users using the referral URL domain, slack-redir.net, are being duped with malicious payloads, raising concerns. And if an attacker can penetrate an organization and take…
Digital transformation can bring new capabilities. But it can also introduce vulnerabilities, requiring security leaders to redefine the “boundaries of trust,” says the global chief information security officer at Box. Lakshmi Hanpal, who previously worked for SAP, Ariba, PayPal and Bank of America, will address that delicate balance between digital enablement and increased risk during…
Cybersecurity leaders want a reputation overhaul from law enforcer, to social worker. At least that’s the perspective of Geoff Belknap, chief information security officer of LinkedIn, and Frederick “Flee” Lee, chief security officer at Gusto. The two trade notes on the increasingly complicated role of security teams during the Sept. 16 panel, The Resilient Enterprise:…
It often takes a significant event – perhaps a pandemic or a major cyberattack – to test an organization’s cybersecurity chops and provoke its transformation into a security culture that builds resiliency. For Estonia, the journey to transformation and resilience came after one of the most notorious series of devastating cyberattacks executed by Russian operatives…
