7 of the Most Impactful Cybersecurity Incidents of 2021
There was a lot to learn from breaches, vulnerabilities, and attacks this year.
Attack Wipes 25 Years' Worth of Data from Local Electric Co.
A local electric cooperative serving western Colorado's Montrose and Delta counties, says a cyberattack first detected Nov. 7 has disabled billing systems and wiped out 20 to 25 years' worth of historic data.
SolarWinds Attack: One Year Later, Cybersecurity Lessons for Pros
The world of cybersecurity changed for good on Dec. 13, 2020 as a result of the massive cyberattack on SolarWinds.
Bugcrowd Reports Ethical Hackers Prevented $27B in Cybercrime
Over the last year, ethical hackers have prevented more than US$27 billion in cybercrime, according to a report released Tuesday by a leading bug bounty platform.
Most Ethical Hackers Identifying Vulnerabilities They Did Not See Before the Pandemic
New research that found some 80% of ethical hackers have recently identified a vulnerability they had not encountered before the pandemic.
SOC Modernisation: A Digital Labrador for Next-Level Cybersecurity
Modern complexities of rogue devices, remote employees, and multi-cloud environments have brought previously unseen levels of unpredictability to the SOC.
48% of Companies Plan to Migrate Half or More of Their Apps to the Cloud in 2022
A report on cloud adoption found cloud usage among respondents has grown to 90%, while 48% say they plan to migrate half or more of their apps to the cloud in 2022.
Top 5 AWS Misconfigurations That Led to Data Leaks in 2021
Here’s a look at the most disruptive security incidents associated with AWS misconfigurations and how businesses can prevent misconfigurations in the future.
US State Department to Create Dedicated Cyber Office
The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts.
Ransomware: Why These Attacks Continue to Cause Cyber Risk
Since taking office in January, the Biden administration has made cybersecurity one of its top priorities.
SolarWinds Attackers Targeting Resellers, Service Providers: Microsoft
The Russian-based cybercrime group responsible for the high-profile attack on software maker SolarWinds last year is continuing to take aim at the global supply chain, according to a warning issued by Microsoft this week.
Right place, right time: machine learning in cyber incident response
Why it’s important to make the most of machine learning when managing cyber-security incidents.
Ransomware's Evolution: 6 Key Trends to Watch
As security teams start to fight back, attackers have only become more sophisticated. Here are six key trends that your security team should be tracking to ensure that your organization remains cyber resilient.
Acer confirms new attack on servers
Acer has confirmed that its servers in Taiwan have also been breached, after hackers themselves shared details about the incident with privacy watchdogs, Privacy Affairs.
30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware
The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza.
Ransom Disclosure Act Would Require Victims to Disclose Ransom Payments Within 48 Hours
A new bill introduced would require ransomware victims to disclose ransom payments within 48 hours of payment — including the amount of ransom demanded and paid the type of currency used for payment of the ransom, and any known information about the entity demanding the ransom.
Successfully Influencing Employee Security Behavior
A new report from Forrester Research indicates organizations should tread carefully between engagement, empathy and punishment because punishment has the tendency to reinforce employees’ negative perceptions and resentment of the security team.
New Twist on DDoS Technique Poses Threat to CSP Networks
No Internet-connected device appears to be safe from potentially being abused by a newly theorized form of distributed denial of service attack.
Illinois Man Ran Business Telling Clients How to Launch Computer Attacks: DOJ
An Illinois man ran a successful computer takedown service until the feds stepped in.
Why AI is a Critical Weapon in the War on Ransomware
In the sprawling IT landscapes of today, artificial intelligence (AI) will play a decisive role in this war against ransomware, giving organizations the best chance to defeat motivated attackers.
What Is the Difference Between Security and Resilience?
Vectra Technical Director to the CTO Office, Tim Wade explains how Resilience shifts the focus toward eliminating the probable impact of the full attack chain.
Use AI to beat the bad guys
Vectra CEO, Hitesh Sheth explains how AI is the greatest ally when it comes to creating a secure future. AI can learn the differences between normal and malicious activity — independently, without requiring human input.
How Superloop Reduced False Positives with Behavioural Threat Detection
The security team at the Australian telco got its network detection response down from four hours down to one hour a day.
Half of On-Prem Databases Contain Security Vulnerabilities
Organizations aren’t maintaining regular patching: With nearly half of all databases globally (46%) containing a vulnerability and the average number of Common Vulnerabilities and Exposures (CVEs) per database standing at 26, it’s clear that businesses are ignoring one of the basic tenets of data security which is to patch and update databases as soon and often as possible.
Executives' Ransomware Concerns are High, Yet Few are Prepared for Attacks
One out of every two on-premises databases globally has at least one vulnerability, finds a new study.