$400 Million in Crypto Currency Stolen This Week in Two Major Hacks
A brief overview of the most notable cyber events of the last week.
Biggest Cyber Threats in Healthcare (Updated for 2022)
The combination of poor cybersecurity practices, sensitive data storage, and a desperation to preserve business continuity at all costs, makes the healthcare industry a prime target for cybercriminals - an inevitability that was further exacerbated by the pandemic. To support the relevance of healthcare cybersecurity programs within the current cyberattack climate, the 4 biggest cybersecurity challenges in the healthcare industry are listed below.
5 ways to protect critical healthcare infrastructure from cyberattacks
Picture this. You’re an administrator in charge of providing basic amenities and day-to-day needs across 1,000 beds in an urban multispecialty hospital. One fine morning, you notice that all the patients’ bedside monitoring systems (the computer-like devices that display patient vitals like heartbeat and blood pressure) have stopped functioning, leaving doctors and nurses in the dark.
Channeling Regulatory Requirements into Practical Cyber Risk Assessments
Does the saying "compliance does not equal security" paint a holistic picture? Sure, the concept is genuine; meeting a single compliance standard will not directly improve security posture. However, after working with hundreds of organizations, we have learned there are key considerations that can help maximize the value and urgency of compliance requirements by channeling such efforts into more practical risk assessments.
CISO Insider - S3E2 - Driving diversity in infosec with Lisa Hall
PagerDuty Head of Information Security Lisa Hall joins us on CISO Insider for an in-depth discussion on what diversity in the infosec industry really looks like — not just hiring to meet DEI quotas, but fostering differences to build strengths across the board. Diversity in thought and background among her staff is a success factor for Lisa’s team, and it leads to greater diversity in the work they do at PagerDuty.
NewEdge, You've Come a Long Way Baby
Just over three years ago, Joe DePalo joined Netskope as Senior Vice President of Platform Engineering. He had most recently led the infrastructure design and build-out at AWS, the world’s largest public cloud, and prior to that, engineering and operations for one of the largest content delivery networks (CDNs) at Limelight Networks.
Cloud Threats Memo: New Malicious Campaign Using GitHub for Command and Control
State-sponsored threat actors continue to exploit legitimate cloud services. In their latest campaign, uncovered by Malwarebytes during January 2022, the North Korean group Lazarus (AKA HIDDEN COBRA) has been carrying out spear phishing attacks, delivering a malicious document masquerading as a job opportunity from Lockheed Martin (37% of malware is now delivered via Office documents).
Log4Shell Live Hack: A Hands-on, Actionable Fix Guide
In this live hack webinar on the Log4Shell exploit we give a brief overview of the vulnerability and dive right into some examples of the exploit in action. We then show several real-world remediation approaches as well as other fixes outside of code. We feature a final round of fun demos, including container and IaC hacks and Java-based game hacks. We wrap up with a great list of takeaway resources and answer your questions.
Top 10 Uses of Website Vulnerability Scanner Tools
The average cost of data breaches in 2021 was USD 4.24 million, the highest figure in at least 17 years. So, proactive, accurate, and effective identification of security vulnerabilities is non-negotiable and offers a solid basis for adequate security. By proactively identifying these vulnerabilities, weaknesses, and flaws in the application, website vulnerability scanner tools bring accuracy and efficiency in web application security.
Government gets serious: deadlines for Zero Trust Architectures
Since the 1990s, the federal government has been issuing guidelines and recommendations for security via their 800-Series Special Publications. While some of those guidelines became mandates, things have largely inched forward, instead of making any dramatic leaps. OMB’s new memorandum M-22-09, “Moving the U.S. Government Towards Zero Trust Cybersecurity Principles,” is changing this pattern, and setting deadlines for implementation across the government.