Recent ruling in New Jersey involving the NotPetya attacks indicates that insurers may not be able to use "cyber war" clauses as an excuse to not pay out for remediation of ransomware attacks.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
DeFi platform Qubit finance lost $80 million after hackers leveraged a logical flow to deposit 0 ETH to withdraw 206,809 Binance coins. Platform implored the hackers to return the funds or transform the exploit into a bug bounty.
Organizations that have more mature data governance and information security programs are likely to have some level of integration between these functions already, but many continue to struggle with the idea and often treat them as separate, siloed programs.
The Department of Homeland Security (DHS) has issued a bulletin to law enforcement agencies warning that Russian cyber attacks in the US are possible if Ukraine is invaded.
New national security memorandum from the Biden administration looks to provide the active cyber defenses of the US with a boost. The move brings crucial federal systems in line with the tougher cyber standards applied to civilian systems.
Security researchers at SafeBreach discovered a method to collect millions of stolen user credentials through Google's malware analysis platform, VirusTotal without compromising any organizations.
For nonprofits, it’s important to be aware and be protected from cybersecurity risks. While the core monetary focus of any nonprofit is always to helping those in need, some expense must be made on protecting nonprofits from hacking and cybercrime.
This article discusses why developer-first AppSec is the future and how organizations can evaluate tools that will help them adopt a developer-first approach.
New research by Panther Labs, provider of a cloud-scale security analytics platform, found that 80% of security engineers feel some level of burn out.
Trustwave analyzed dark web chatter on the underground hacking forums and discovered that cybercriminals were anxious after the Russian FSB arrested 14 REvil ransomware gang members.










