January 16, 2021

FIN11 e-crime group shifted to CL0P ransomware and big game hunting

FIN11 has increasingly factored CL0P ransomware into its operations, and its clear they also put a substantial amount of effort into each follow-up compromise.

The post FIN11 e-crime group shifted to CL0P ransomware and big game hunting appeared first on SC Media.

January 15, 2021

Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles

President-elect Joe Biden announced funding to modernize secure IT and lure cyber talent to the public sector as part of his plan to stimulate the economy and rebuild in the wake of the pandemic. But cybersecurity experts remain skeptical that the newfound funding focus on cybersecurity will be enough to draw the necessary talent. Noting…

The post Biden to invest in cyber workforce, but without plan to overcome lingering staffing hurdles appeared first on SC Media.

January 15, 2021

NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks

NSA advises security pros to use designated enterprise DNS resolvers to lock down DoH on corporate networks.

The post NSA urges use of enterprise resolvers to protect DNS traffic on corporate networks appeared first on SC Media.

January 15, 2021

Surge in remotely hosted phish images? Some say it’s business as usual

In Nov. 2020 alone, company blocked 262 million emails containing malicious, remotely hosted images.

The post Surge in remotely hosted phish images? Some say it’s business as usual appeared first on SC Media.

January 15, 2021

Intel unveils ransomware-fighting CPUs

The capability is an easy win for CISOs, which can benefit with limited tweaks to machines.

The post Intel unveils ransomware-fighting CPUs appeared first on SC Media.

January 15, 2021

Cybersecurity Collaborative creates task force to mitigate third-party risk

Recent supply chain attacks prompted cybersecurity professionals, under the auspices of Cybersecurity Collaborative, to stand up a task force focused on minimizing third-party risk. The need for the Third-Party Risk Task Force, which kicked off this week, has been amplified by recent advanced persistent threat attacks that infiltrated corporate and government networks, due to security…

The post Cybersecurity Collaborative creates task force to mitigate third-party risk appeared first on SC Media.

January 15, 2021

With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity?

The number of SolarWinds victims will likely grow in the upcoming months, but direct insured costs should remain close to the current estimate since many of the organizations hit – particularly federal agencies – do not carry insurance against cyber risks.

The post With insured losses estimated at $90 billion, did cyber insurance firms dodge financial calamity? appeared first on SC Media.

January 14, 2021

Early-stage cybersecurity investment flowing, despite pandemic

While most industries saw a significant dip in seed and Series A investments last year, cybersecurity investment remained resilient.

The post Early-stage cybersecurity investment flowing, despite pandemic appeared first on SC Media.

January 14, 2021

CISA says multiple attacks on cloud services bypassed multifactor authentication

Threat actors have used a variety of tactics and techniques—including phishing, brute force login attempts, and possibly a so-called “pass-the-cookie” attack that bypassed multifactor authentication to exploit cloud security weaknesses.

The post CISA says multiple attacks on cloud services bypassed multifactor authentication appeared first on SC Media.