UK Law Firm Gateley Discloses Data Breach
Gateley, which is listed on the London Stock Exchange (GTLY), said its IT team detected a breach from a “now known external source.” The firm took some systems offline after the intrusion was discovered, but said it quickly restored core systems. Based on the information collected by the company to date, it believes the impact…
Cyber investigations, threat hunting and research: More art than science
While it’s true that threat hunting, incident response, and threat research all have their foundations in science (operating system theory and architecture, computer language and compilation, protocols, hardware and memory architecture, logic, etc.), throughout my entire career I have found it is also fundamentally true that the most successful threat hunters, incident responders, and threat…
Accellion to Retire File Transfer Service Targeted in Attacks
The 20-year-old service is planned for retirement on April 30, 2021, past which Accellion won’t renew licenses for the software. FTA runs on CentOS 6, an operating system that reached end-of-life on November 30, 2020, a matter that Accellion brought to the attention of FTA customers six months ago. Despite efforts to completely move away…
Web Developer Hub SitePoint Discloses Data Breach
Based in Melbourne, Australia, and established more than two decades ago, SitePoint provides users with access to tutorials and books that can help them learn the basics of web development. Last week, the company started informing users that some data was accessed by a third-party during a cyber-attack that was “recently confirmed.” The culprit, SitePoint…
Data loss prevention strategies for long-term remote teams
Before the recent pandemic, many executives began appreciating the risks and opportunities associated with cybersecurity. A 2019 survey on cybersecurity priorities from Optiv Security found that 96% of CISOs are taking “a more strategic approach to cybersecurity,” and many were even willing to slow business development to account for cybersecurity-related risks. This was great news…
Worldwide SD-WAN market to reach valuation of $53 billion by end of 2030
A software-defined wide area network is a type of computer network that allows the bounding of multiple internet access resources, such as cables, digital subscriber lines (DSL), and cellular or any other IP transport to provide high throughput data channels. WAN solutions improve application performance, reducing costs, increasing agility, and addressing various IT challenges. Enterprises…
A hacker’s predictions on enterprise malware risk
2020 has ended with a stunning display of nation-state cyber capabilities. The Kremlin’s SVR shocked the cybersecurity industry and U.S. government with its intrusions into FireEye and the U.S. Office of the Treasury by way of SolarWinds, revealing only traces of its long-term, sophisticated campaigns. These breaches are reminders that no organization is immune to…
More than half of organizations don’t have an insider risk response plan
Both business and security leaders are allowing massive insider risk problems to fester in the aftermath of the significant shift to remote work in the past year, according to a Code42 report. During that same time, 76% of IT security leaders said that their organizations have experienced one or more data breaches involving the loss…
The Future of Cybersecurity: How to Prepare for a Crisis in 2020 and Beyond
When it comes to the future of cybersecurity, an ounce of prevention is worth far more than a pound of cure. According to the Ponemon Institute and IBM Security’s 2020 Cost of a Data Breach Report, enterprises that designated an incident response (IR) team, developed a cybersecurity incident response plan (CSIRP) and tested their plan…
The CISO’s guide to rapid vendor due diligence
Vendors are at the heart of many companies’ processes and activities, and their numbers are increasing. But the process of onboarding vendors has become complicated because of concerns about cybersecurity. In 2019, nearly half of companies experienced a significant data breach through a third party. To prevent such incidents, security professionals demand that vendors demonstrate…
