The U.S federal government is advocating for artificial intelligence developers to embrace security as a core requirement, warning that machine learning code is particularly difficult and expensive to fix after deployment. CISA has an ongoing campaign to promote security by design.
The Food and Drug Administration's newly enhanced authority over medical device security - as granted by a funding bill signed into law last year - is "transformative" in raising the bar on what is expected from makers in their product submissions to the agency, said Dr. Suzanne Schwartz of the FDA.
In the ever-evolving landscape of cybersecurity, zero authority is giving defenders a new perspective on security and business enablement, said Jake Seid, general partner at Ballistic Ventures. "Zero authority is an architectural change that affects every area of security," he said.
In encryption-less attacks, ransomware gangs steal large volumes of sensitive data, including terabytes of information, without locking up systems. Attackers leverage the value of the stolen data as a means to coerce organizations into paying ransoms to avert data release.
The cybersecurity industry remains resilient in the face of recession fears, said Alberto Yépez, co-founder and managing director of Forgepoint Capital. Amid economic shifts and technological advancements, the market is adapting to new challenges and opportunities.
Conventional wisdom recommends to never negotiate with ransomware actors. They can't be trusted. But Mark Lance at GuidePoint Security recently made the case that organizations can gather important information through negotiations, slow down the process and even lower the ransom demand.
This year's massive exploitation of managed file transfer products such as Fortra's GoAnywhere and Progress Software's MOVEit proves that MFTs are a hacker's paradise. Research by John Dwyer of IBM Security X-Force shows why and also reveals a path toward protecting MFTs in the future.
Large enterprises may have hundreds or thousands of APIs. Concerns over API vulnerabilities have been around for years, but most organizations outside of highly regulated industries such as banking have not taken the steps to understand the threats they face, said Richard Bird, CSO at Traceable.
U.S. intelligence agencies are warning about unnamed foreign intelligence entities targeting the private space sector to steal sensitive data related to satellite payloads and disrupting and degrading U.S. satellite capabilities. They say space-related innovation is a valuable target.
Microsoft identified a new variant of BlackCat ransomware malware that uses an open-source communication framework tool to facilitate lateral movement. BlackCat, also known as Alphv, is a Russian-speaking criminal group suspected of being a successor to DarkSide and BlackMatter.
Threat actors are on a phishing spree targeting users of Zimbra Collaboration email suite, in particular small and medium businesses and government agencies. Security firm Eset on Thursday revealed the ongoing campaign, writing that the hackers behind it have been active since at least April.
The cyber insurance landscape has evolved significantly over the last 10 to 15 years. Initially, renewals were relatively straightforward, but with the rise of cyberthreats such as ransomware, the market has shifted dramatically to reduce risk exposure.
Browser security and microsegmentation play critical roles in stemming the bleeding from ransomware attacks, as "almost always the attacks come from a point-based browser vector," said Spencer Tall, managing director, AllegisCyber Capital. He shared two approaches to ensure secure browser adoption.
Recorded Future has joined CrowdStrike and Google atop Forrester's external threat intelligence services rankings, while Kaspersky tumbled from the leaders category. Leading threat intelligence providers have expanded into adjacent use cases such as brand protection and vulnerability management.
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime group's attacks and why Check Point is buying startup Perimeter 81 for $490 million.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.