CISA, the FBI and the U.S. Coast Guard Cyber Command warn users of Zoho Corp.'s single sign-on and password management tool to patch for a vulnerability that nation-state groups may look to exploit. Attackers could use the bug to compromise credentials and exfiltrate data from Active Directory.
The White House is preparing executive branch agencies to adopt "zero trust" network architectures by 2024, with CISA and the OMB overseeing the creation of technology road maps that departments must follow. This is a major component of President Biden's cybersecurity executive order.
Healthcare organizations need to take several critical steps to help mitigate the risk of ransomware attacks, including implementing EDR software and regularly testing the integrity of their backups, says Mitch Parker, CISO of Indiana University Health.
The rise of ransomware as a criminal moneymaking powerhouse parallels the services offered by initial access brokers, who continue to offer affordable access to victims' networks - often via brute-forced remote desktop protocol or VPN credentials - to help attackers hit more targets in search of larger profits.
The threat of ransomware and other credential theft attacks has only grown over the last year. According to the Verizon Data Breach Incident Report, credential theft accounted for 89% of web application breaches, and phishing attacks increased by 44% across 2020. The recent attack against the Colonial Pipeline company...
More than ever before, there’s a much larger reliance on conducting our business and personal lives digitally. Consumers and businesses embracing digital-only services, product delivery and work has resulted in increased fraud and identity theft.
As bad actors continue to expose weaknesses in new digital...
Everywhere you look, “passwordless” is the hot topic in cybersecurity and every enterprise’s ultimate security goal.
…but what does it really mean? You might hear a lot about the journey to passwordless, but this guide will dive into why it is so important and how to get there in the most simple way.
Failure to take basic security steps - such as avoiding using end-of-life software and default passwords - can create serious national security risks, CISA stresses. The agency is in the early stages of developing a catalog of "bad practices" that should be avoided.
The White House has written to business leaders, urging them to prioritize having robust ransomware defenses in place. The move comes as the Biden administration pursues multiple strategies to combat ransomware and digital extortion, including ordering a new task force to coordinate all federal investigations.
Threat actors are focusing a lot on Active Directory today as it is a path for them to reach an organisations key data & applications. The versatility of Active Directory makes it a crucial target for hackers. Organisations learn new ways on how to protect this valuable target and mitigate the risks. Organisations...
The world's largest meat supplier, JBS, says an "organized cybersecurity attack" has led it to shut down servers in North America and Australia. Experts say a prolonged outage could have a noticeable impact on the global supply of meat. The company has yet to disclose if the attack involved ransomware.
The past year has been a milestone one for RSA and for RSA Conference alike. In this exclusive interview, RSA Group CEO Rohit Ghai discusses the changes, the state of secure identity and the role XDR will play in shaping cybersecurity's future.
By issuing a sweeping cybersecurity executive order on Wednesday, the Biden administration is attempting to take a critical step to address security issues that have come to light after recent cyberattacks. Here's an analysis of the order's key elements.
The FBI has shared 4.3 million email addresses stolen by the Emotet malware with the Have I Been Pwned breach notification site. The entry of those addresses into the site increases the chance that those infected with Emotet can take remediation actions, such as changing passwords.
Read the Solution Brief to learn how Fortinet solutions including email security, SaaS application security, malware protection, and identity and access management products—all part of the Fortinet Security Fabric—provide comprehensive protection for organizations using Microsoft 365.