It’s hard to comprehend living in a world where flawed or buggy code can take down so many critical systems and drain $5 billion in direct losses from Fortune 500 companies. And, it’s true that there’s no easy fix to this kind of problem.
But whether it’s preventing bad software updates or maintaining compliance among constant requirements and changes, organizations can implement several practical measures to improve their cybersecurity hygiene and reduce their risk exposure.
Read more…
Source: TechRadar
Related:
- Gambian Central Bank says ‘don’t panic’ after data hack
November 18, 2022
The Gambia’s Central Bank says there’s no need to panic after a data hack. Sources allege the hackers managed to access the bank’s most sensitive files, but in a statement the Central Bank said no mission-critical systems were compromised, and that normal operations have continued unabated. It did however say one server was affected, which was promptly ...
- Vanuatu: Hackers strand Pacific island government for over a week
November 18, 2022
Vanuatu’s government has been knocked offline for more than 11 days after a suspected cyber-attack on servers in the country. The hack has disabled the websites of the Pacific island’s parliament, police and prime minister’s office. It has also taken down the email system, intranet and online databases of schools, hospitals and other emergency services as well ...
- Smarter, Not Harder: How to Intelligently Prioritize Attack Surface Risk
November 18, 2022
There’s a common saying in cyber security, “you can’t protect what you don’t know,” and this applies perfectly to the attack surface of any given organization. Many organizations have hidden risks throughout their extended IT and security infrastructure. Whether the risk is introduced by organic cloud growth, adoption of IoT devices, or through mergers and acquisitions, ...
- CISA, NSA, and ODNI Release Guidance for Customers on Securing the Software Supply Chain
November 17, 2022
Today, CISA, the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI), published the third of a three-part series on securing the software supply chain: Securing Software Supply Chain Series – Recommended Practices Guide for Customers. This publication follows the August 2022 release of guidance for developers and October 2022 ...
- CISA Releases Two Industrial Control Systems Advisories
November 17, 2022
CISA has released two (2) Industrial Control Systems (ICS) advisories on November 17, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-22-321-01 Red Lion Crimson ICSA-22-321-02 Cradlepoint IBR600 Read more… Source: U.S. Cybersecurity and Infrastructure Security ...
- Token tactics: How to prevent, detect, and respond to cloud token theft
November 16, 2022
As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose. By compromising and replaying ...