Hack the Building 2.0 Hospital - Training New Cybersecurity Talent

This year for the 13th year in a row, the healthcare industry continues to experience the most expensive data breaches worldwide, at an average cost of nearly $11 million – double the cost for the next-highest industry, finance. That’s not surprising; ransomware attacks on hospitals and health systems are constantly in the news. Add to that the cybersecurity talent shortage, which is especially acute (pardon the pun) in the healthcare industry.

Jobs-to-be-Done: See the current state of security and understand what is exposed and how it has evolved over time

New assets, vulnerabilities, and even human errors like server misconfigurations make a continuously updated overview non-negotiable. AppSec and ProdSec teams must take action on newly discovered vulnerabilities and policy breaches quickly and efficiently. Prioritizing which vulnerabilities and risks to remediate first and having this information all in one place will help security teams get the latest insights about their attack surface immediately.

Microsoft Teams Used as Initial Access for DARKGATE Malware

Kroll has observed an uptick in cases of DARKGATE malware being delivered through Microsoft Teams messages. These campaigns have mainly targeted organizations in the transportation and hospitality sectors. This activity has also been reported throughout open-source reporting, sharing a number of key indicators with Kroll observations, such as common filenames, adversary infrastructure and similar domain name conventions to host the initial download.

Make Sure Your Recovery Plan Is Reliable

In my role as an Inside Solutions Architect at 11:11 Systems, my objective is to match 11:11 Systems range of solutions to meet customer’s data protection needs, from simple off-site BaaS to fully managed DRaaS solutions. That objective is easier to achieve when customers come to the table with an effective and reliable recovery plan. So how do you make an effective and reliable recovery plan? Here are a couple of key consideration points when constructing your recovery plan.

8 ways MSSPs gain competitive advantage with the SecOps Cloud Platform

Earlier this year, we introduced the LimaCharlie SecOps Cloud Platform (SCP). The SCP is a unified platform for modern cybersecurity operations. Similar to what the public cloud did for IT, the SCP offers security teams core cybersecurity capabilities and infrastructure: on-demand, pay-per-use, and API-first. In short, the SCP is a new paradigm for cybersecurity. It’s a game-changer for enterprise security teams and cybersecurity solutions builders.

What's IAM? Identity & Access Management Explained

Identity and Access Management (IAM) is the name for any framework of technology, policies and processes that authenticate and authorize a user in order for that user to access and consume an organization’s resources. Managing user identities and granting appropriate user access helps protect your assets. These assets can include digital access to sensitive information, intellectual property, data and application workloads, network access or perimeter access to the physical data center location.

The 443 Podcast - Episode 263 - Q2 2023 Internet Security Report

This week on the podcast, we go through the latest Internet Security Report from the WatchGuard Threat Lab. We'll cover the top malware and network attack trends from Q2 2023 impacting small and mid-market organization globally before ending with defensive tips anyone can take back to their company. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

Opportunists Use 23andMe to Expose Jewish Ashkenazi Descendants Online

23andMe is a personal genome and biotechnology company that provides genetic reports to interested clients. 23andMe employs over 800 employees and operates in California. The company reported $299 million in revenues this year, but the figure will likely drop in the upcoming quarter; opportunists have accessed 23andMe’s systems, resulting in thousands of user records leaking online.

Energy Sector Experiences Three Times More Operational Technology Cybersecurity Incidents Than Any Other Industry

While industries like financial services and healthcare tend to dominate in IT attacks, the tables are turned when looking at Operational Technology (OT) cyber attacks – and the energy sector is the clear “winner.” We spend a lot of time talking about attacks that largely impact IT systems. But OT environments are a growing concern as new targets for cybercriminals.