It’s hard to comprehend living in a world where flawed or buggy code can take down so many critical systems and drain $5 billion in direct losses from Fortune 500 companies. And, it’s true that there’s no easy fix to this kind of problem.
But whether it’s preventing bad software updates or maintaining compliance among constant requirements and changes, organizations can implement several practical measures to improve their cybersecurity hygiene and reduce their risk exposure.
Read more…
Source: TechRadar
Related:
- CISA Releases Guidance on Switching to Modern Auth in Exchange Online before October 1
June 28, 2022
CISA has released guidance on switching from Basic Authentication (“Basic Auth”) in Microsoft Exchange Online to Modern Authentication (“Modern Auth”) before Microsoft begins permanently disabling Basic Auth on October 1, 2022. Basic Auth is a legacy authentication method that does not support multifactor authentication (MFA), which is a requirement for Federal Civilian Executive Branch (FCEB) ...
- Cyberattack forces Iran steel company to halt production
June 27, 2022
One of Iran’s major steel companies said Monday it was forced to halt production after being hit by a cyberattack, apparently marking one of the biggest such assaults on the country’s strategic industrial sector in recent memory. The Iranian government did not acknowledge the disruption or blame any specific group for the assault on the state-owned ...
- CISA Releases Security Advisories Related to OT:ICEFALL (Insecure by Design) Report
June 22, 2022
CISA is aware that Forescout researchers have released OT:ICEFALL, a report on 56 vulnerabilities caused by insecure-by-design practices in operational technology across multiple vendors. The vulnerabilities are divided into four main categories: insecure engineering protocols, weak cryptography or broken authentication schemes, insecure firmware updates and remote code execution via native functionality. CISA has released six corresponding ...
- Keeping PowerShell: Security Measures to Use and Embrace
June 22, 2022
Cybersecurity authorities from the United States, New Zealand, and the United Kingdom recommend proper configuration and monitoring of PowerShell, as opposed to removing or disabling PowerShell entirely. This will provide benefits from the security capabilities PowerShell can enable while reducing the likelihood of malicious actors using it undetected after gaining access into victim networks. The ...
- Yodel blames cyber incident for disruption and parcel-tracking problems
June 22, 2022
Delivery company Yodel is experiencing service delays because of what it describes as a “cyber incident” affecting customer services and parcel tracking. “Yodel has experienced a cyber incident that has caused some disruption. We are servicing customers but tracking is currently impacted,” a Yodel spokesperson told ZDNet. “As soon as we detected the incident, we launched an ...
- A tiny botnet launched the largest DDoS attack on record
June 15, 2022
Web performance firm Cloudflare says it mitigated a record-breaking distributed denial of service (DDoS) attack last week that peaked at 26 million request per second (rps). It was caused by a small but powerful botnet of just 5,067 devices. This attack didn’t originate from compromised low-bandwidth Internet of Things devices like many other DDoS or junk ...