Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Inside China's civilian hacker army; outer space threats; and NIST 2.0 Framework secrets for success.
The stream was briefly knocked offline, preventing millions of fans from accessing the game. Poland's head of digital services says "all leads lead to the Russian Federation."
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Rockwell's dire ICS warning; a red alert on biometrics; cybersecurity for the Hajj season.
Critical infrastructure is facing increasingly disruptive threats to physical processes, while thousands of devices are online with weak authentication and riddled with exploitable bugs.
VoIP gear, hypervisors, medical equipment, building automation, printers, and more pose broad risk to organizations, with many facing danger from a combo of IT, IoT, and OT all at once. This listicle breaks it down.
The tranche of data, lifted from underprotected GitHub repositories, reportedly includes source code, though the country's paper of record has not yet confirmed the nature of the data accessed.
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Proactive playbooks, a US-Kenya partnership, and the trouble with shadow engineering.
Inside the baseball team's strategy for building next-gen security operations through zero trust and initiatives aiming to safeguard team data, fan info, and the iconic Fenway Park — which, by the way, is now a smart stadium.
Ticketmaster parent Live Nation has filed a voluntary SEC data breach notification, while one of its cloud providers, Snowflake, also confirmed targeted cyberactivity against some of its customers.
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: fighting cybersecurity burnout; BlackSuit ransomware; the SEC breach rules and risk management.
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: DR's podcast on the CISO & the SEC; breaking down CISA's Secure by Design Pledge; Singapore puts cloud providers on notice.
CVE-2024-30051, under active exploit, is the most concerning out of this month's Patch Tuesday offerings, and already being abused by several QakBot actors.
Exploit code is circulating for CVE-2024-4761, disclosed less than a week after a similar security vulnerability was disclosed as being used in the wild.
Australian businesses and individuals now face government fines and consequences for paying ransoms or interacting with assets owned by LockBitSupp, aka Dmitry Yuryevich Khoroshev.
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: a Tech Tip on setting up DMARC, a DNS mystery from Muddling Meerkat, and a cybersecurity checklist for M&A transitions.
The breach was carried out with stolen Citrix credentials for an account that lacked multifactor authentication. Attackers went undetected for days, and Change Healthcare's backup strategy failed.
MOVEit drove a big chunk of the increase, but human vulnerability to social engineering and failure to patch known bugs led to a doubling of breaches since 2023, said Verizon Business.
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: security license mandates; a move to four-day remediation requirements; lessons on OWASP for LLMs.