5 minutes with Deborah Golden – Establishing trust in the digital identity ecosystem
Deborah Golden, Deloitte Risk & Financial Advisory’s U.S. Cyber and Strategic Risk leader, shares insights on the most significant barriers to widespread digital identity adoption and the need to face them head-on as we embrace a more digital world.
How hackers used ransomware to undermine healthcare everywhere
As COVID-19 ravaged hospitals’ patient care units last year, opportunistic criminals saw an opportunity to pluck low-hanging fruit: Hacking groups decided to breach and ransom healthcare institutions during a time of global crisis.
BlackMatter and Haron ransomware groups emerge after DarkSide and REvil disappear
Two new ransomware groups – BlackMatter and Haron – have emerged this July 2021, soon after the sudden disappearance of top-tier ransomware threat actors DarkSide and REvil.
US, UK and Australia issue joint cybersecurity advisory on top targeted vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S, Federal Bureau of Investigation (FBI), have co-authored a new advisory which provides details on the top 30 vulnerabilities—primarily Common Vulnerabilities and Exposures (CVEs)—routinely exploited by malicious cyber
76% of companies impacted by it vulnerabilities in the last year
In a survey of enterprise IT security executives conducted by Vulcan Cyber, 76% of respondents indicated that a security vulnerability had impacted their business in the last year.
5 minutes with Joey Johnson – Safeguarding sensitive healthcare data from cybercriminals
Security spoke to Joey Johnson, Chief Information Security Officer of Premise Health, a direct healthcare provider, about how healthcare security leaders can keep up with rising cybersecurity threats.
The big takeaway from the Kaseya supply chain/ransomware cyberattack
While the Kaseya, SolarWinds and other cyberattacks and global disruptors may appear dissimilar, having wildly varying causes and impacts, there is strategic value in considering them – and the supply chains they spread across – as a collective. Together, they represent a rapid learning opportunity for both adversaries and defenders – an open-source global weapons development program.
The beginning of a beautiful friendship: How the insurance industry can partner with IT to create true digital transformation
IT executives and senior leaders are key drivers of success. For an organization to quickly realize a tech vision and reap the benefits of digitization, leaders must have cutting-edge technical knowledge, a shared vision for change and, most critically, a people-focused approach that empowers the organization now and in the future.
New bugs could let attackers hijack Zimbra server
SonarSource cybersecurity researchers have discovered multiple security vulnerabilities in Zimbra – email collaboration software used by global enterprises – that could be potentially exploited to compromise email accounts by sending a malicious message and even achieve a full takeover of the mail server when hosted on a cloud infrastructure.
Ross Hosman joins Drata as CISO
Ross Hosman is taking over at Drata as Chief Information Security Officer (CISO) and will lead and grow the company’s security program.
API attack traffic has grown at triple the rate of overall API traffic
Salt Security released the Salt Labs State of API Security Report, Q3 2021, revealing significant challenges in addressing API security, with all customers experiencing API attacks, security topping the list of API program concerns, and very few respondents feeling confident they can identify and stop API attacks.
Apple patches zero-day vulnerability in iOS, iPadOS and macOS
Apple has released security updates to address zero-day vulnerability exploited in the wild, impacting iPhones, iPads, and Macs. The vulnerability, tracked as CVE-2021-30807, is a memory corruption issue in the IOMobileFramebuffer kernel extension reported by an anonymous researcher, BleepingComputer reports.
Google launches bug hunters community
To celebrate the anniversary of its Vulnerability Reward Program and ensure the next 10 years are just as successful and collaborative, Google
For the latest cybersecurity news and information, please check the blog sidebar and twitter posts. Thanks for joining us today.