Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Our diverse global Snykers are united by our core values. In addition to building a strong business, we also collectively lead with passion and empathy for each other, our customers, the communities where we live and work, and our planet as a whole. To paraphrase Dr. King, we believe that a threat to freedom or justice anywhere threatens these innate rights everywhere. Today, as the Ukrainian people are being affected directly, we are all affected indirectly.

In this episode of the Trustwave CISO Bytes Podcast, host David Bishop, Chief Information Security Officer at Trustwave, sits down with Kory Daniels, Global Director, Cyber Defense Consulting at Trustwave, to discuss the Russia and Ukraine crisis, its impact on cybersecurity, and how organizations in operational technology, critical infrastructure and beyond can harden their cyber defenses against nation-state threats.

This blog was jointly written with Santiago Cortes.

Our previous blog post on authentication security covered six most common authentication vulnerabilities. In this post, we will discuss a few best practices that help avoid authentication vulnerabilities and defeat specific attack vectors. Below are the six best practices to secure the authentication process.

Data breaches are increasing in frequency and severity. Following a data breach, most companies have protocols in place to contain the breach, assess the damage, and tighten their security to ensure the incident is not repeated. While this is a standard process for organizations to go through, would you be surprised to learn that cybercriminals do the exact same thing when their underground forums are revealed or exploited?

Almost a year since the Colonial Pipeline ransomware attack on critical infrastructure occurred, the question still looms large: not whether such an incident could happen again, but when?

-On February 23, 2022, multiple security vendors with a business presence in Ukraine identified a new wiper malware primarily impacting Ukrainian organizations in at least the aviation, defense, financial, and IT services industries. In at least one intrusion, Symantec observed the wiper malware impact devices in Lithuania. -Researchers identified HermeticWiper shortly after a DDoS attack targeted Ukrainian websites earlier that day.

Supply chain attacks tripled in 2021, meaning a secure software development lifecycle is more important than ever. Do you know what open source software (OSS) components are in use within your organisation? Or how to find out?

The increasing prevalence of data breaches was discussed often in 2021 as enterprises such as LinkedIn, Colonial Pipeline, and Volkswagen were breached, exposing massive volumes of personal information and causing damage worth millions of dollars.

The healthcare industry suffers some of the highest volumes of cyberattacks and there are whispers of a lot more to come. Combine this trend with breach damage costs surpassing all other industries and you get the thunderous warning of a devastating cyberattack storm approaching the sector. To help healthcare entities strengthen their cyber resilience, we’ve compiled a list of some of the biggest data breaches in the healthcare industry, ordered by degree of impact.