A new IBM study of data breaches found that if an organization's internal team first detects a breach and the organization has well-practiced incident response plans, that organization will be able to more quickly detect and respond, which will lead to lower breach cleanup costs.
SMBs must deal with heightened digital risk despite having less resources, personnel and intelligence than their larger counterparts, said Qualys CEO Sumedh Thakar. Firms rely on different teams and tools to discover assets, find misconfigurations and vulnerabilities, prioritize them and patch them.
What does generative AI mean for security? In the short term, and possibly indefinitely, we will see offensive or malicious AI applications outpace defensive ones that use AI for security. We also will see an outsized explosion in new attack surfaces. HackerOne can help you prepare your defenses.
The Russian-language Clop crime group's mass exploitation of MOVEit file-transfer software demonstrates how criminals continue to seek fresh ways to maximize their illicit profits with minimal effort. Ransomware response firm Coveware says Clop may clear over $75 million from this campaign.
With both excitement and fear swirling around the opportunities and risks offered by emerging AI, seven technology companies - including Microsoft, Amazon, Google and Meta - have promised the White House they would ensure the development of AI products that are safe, secure and trustworthy.
In the latest weekly update, ISMG editors discuss key takeaways from ISMG's recent Healthcare Summit, how the healthcare sector is embracing generative AI tools, and why Microsoft just decided to give all customers access to expanded logging capabilities.
Organizations went from having little information about their security posture to drowning in so many alerts that no human could possibly understand it all. Broadcom has focused on artificial intelligence for IT operations to help companies identity and remediate the root cause of security alerts.
Security researchers say the Chinese state-sponsored espionage group APT41 is using WyrmSpy and DragonEgg surveillance malware to target Android mobile devices. APT41 recently switched tactics to develop malware specific to the Android operating system.
The proposed $2.45 billion sale of Forcepoint's government security business to TPG will fuel investment and growth for both public sector and commercial customers, CEO Manny Rivelo said. Forcepoint determined that its government practice would benefit from an additional set of investments.
Cybercriminals are leveraging Google's paid advertisement service to push malicious sites on top search results in order to trick victims into downloading info stealers and backdoors. Researchers suspect it could be a workaround for the changes Microsoft made to protect against malicious macros.
Adobe released a fresh out-of-band security update to patch an improperly fixed ColdFusion zero-day vulnerability being actively exploited in the wild that allows attackers to bypass security controls. The update includes fixes for two other critical vulnerabilities.
Kevin Mitnick, the self-described "world's most famous hacker" - thanks in no small part to his being featured on the FBI's Most Wanted list during a two-year manhunt - has died at the age of 59. After serving time in prison, Mitnick went legit, warning others about the dangers of social engineering.
Unnecessary cyber alerts are a threat that can overwhelm defenders, leading to burnout and reduced efficiency within the team. Chris Waynforth, vice president and general manager at Expel, said adopting automation solutions to filter and prioritize alerts allows for more effective incident response.
While self-proclaimed Russian hacktivist groups such as KillNet, Tesla Botnet and Anonymous Russia claim they're wreaking havoc on anti-Moscow targets, a fresh analysis of their attacks finds that despite rampant self-promotion, their real-world cybersecurity impact is typically negligible.
Microsoft customers will gain access to expanded cloud logging capabilities at no additional cost just days after lower-level customers were unable to detect a Chinese cyberattack. CISA has identified several security logs - critical to detect and prevent threat activity - that currently cost extra.