Risk Management Archives - Page 7 of 18

The Logistics Supply Chain is Being Targeted by Both Cybercriminals and Nation States

Issued by: Security Week

Attacks against the supply chain have been growing in quantity and gravity for several years, culminating in SolarWinds. Most discussion has focused on the software supply chain, but a new study shows that the physical logistics supply chain is equally subject, and susceptible, to cyberattacks. The Covid-19 pandemic has increased and highlighted the world’s reliance…

Network Security

Targeting Remote Learning: Defending Against Cyberattacks in our Schools

Issued by: Security Week

Schools are a popular target for cyber attackers. This is partly due to the amount of staff, student and general learning information being held on the network, but also because the nature of education means that access to data is often allowed, either for continued research or to review coursework, for a period of time…

Vulnerabilities

Small Kansas Water Utility System Hacking Highlights Risks

Issued by: Security Week

Wyatt Travnichek, 22, was charged last month with remotely accessing the Post Rock Rural Water District’s systems in March 2019, about two months after he quit his job with the utility. He’s accused of shutting down the facility’s cleaning and disinfecting procedures. When he worked for the utility, he would monitor the water plant remotely…

Malware & Threats

Collaboration Platforms Increasingly Abused for Malware Distribution, Data Exfiltration

Issued by: Security Week

With the COVID-19 pandemic forcing many organizations to switch to telework, interactive communication platforms such as Discord and Slack saw increased adoption and adversaries didn’t wait long to start abusing these tools. According to Cisco’s Talos researchers, the past year has shown a significant increase in the abuse of such platforms as part of malicious…

Vulnerabilities

After Hack, Officials Draw Attention to Supply Chain Threats

Issued by: Security Week

The National Counterintelligence and Security Center warned Thursday that foreign hackers are increasingly targeting vendors and suppliers that work with the government to compromise their products in an effort to steal intellectual property and carry out espionage. The NCSC said it is working with other agencies, including the Cybersecurity and Infrastructure Security Agency, to raise…

Vulnerabilities

Microsoft Defender Antivirus Now Protects Users Against Ongoing Exchange Attacks

Issued by: Security Week

Microsoft has released patches, detailed guidance, and a one-click mitigation tool to ensure that Exchange Server users are protected against attacks. The tech giant has now taken another step to protect customers who haven’t managed to install the available patches but who have Defender deployed on vulnerable servers. The Exchange vulnerabilities are tracked as CVE-2021-26855,…

Vulnerabilities

F5 Patches Four Critical Bugs in Big-IP Suite

Issued by: Security Week

The BIG-IP software powers a wide range of products, including hardware, modularized software, and virtual appliances, which run on the TMOS architecture and provide customers with modules that support load balancing, firewall, access control, threat protection, and more. On March 10, F5 announced the release of fixes for multiple vulnerabilities in BIG-IP, some of which…

Network Security, Software Security

Industry Reactions to U.S. Water Plant Hack: Feedback Friday

Issued by: Security Week

The attack, which targeted the water supply in Oldsmar, a small city in Florida, was discovered by staff at the plant — they noticed the mouse moving on the screen — and they rushed to take action before any damage was caused. The attackers breached the facility via TeamViewer, which staff had been using to…

Software Security

SecurityWeek to Host Supply Chain Security Summit on March 10, 2021

Issued by: Security Week

In the wake of the SolarWinds mega-hack that continues to unravel, software supply chain security and fragility is again on the front-burner for enterprise security decision makers. The complexity and opaqueness of the software supply chain has led to nation-state compromises and major worries that we’re only seeing the tip of the iceberg. Free to…

Vulnerabilities

SOC analysts overloaded, but role more important than ever

Issued by: Help Net Security

Organizations are spending more to account for widespread security operation center (SOC) challenges including growing security management complexity, increasing analyst salaries, security engineering and management outsourcing costs, yet are still dissatisfied with the outcomes, Ponemon Institute and FireEye reveal. Companies are also boosting investments in new SOC tools like Extended Detection and Response (XDR) and…