Incident Response

What is cybersecurity mesh architecture (CSMA)?

CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, framework, Gutsy, Hot stuff, Incident Response, News, opinion, Threat Intelligence /

What is cybersecurity mesh architecture (CSMA)? 2024-05-03 at 07:01 By Help Net Security Cybersecurity mesh architecture (CSMA) is a set of organizing principles used to create an effective security framework. Using a CSMA approach means designing a security architecture that is composable and scalable with easily extensible interfaces, a common data schema and well-defined interfaces […]

React to this headline:

Loading spinner

What is cybersecurity mesh architecture (CSMA)? Read More »

Change Healthcare Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO says

Change Healthcare, Incident Response /

Change Healthcare Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO says 2024-05-02 at 04:31 By Associated Press UnitedHealth CEO Andrew Witty said in a U.S. Senate hearing that his company is still trying to understand why the server did not have the additional protection. The post Change Healthcare Cyberattack Was Due to

React to this headline:

Loading spinner

Change Healthcare Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO says Read More »

UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike

Featured, Incident Response, Ransomware, United Healthcare /

UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike 2024-05-01 at 06:01 By Ionut Arghire UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee set for May 1, 2024. The post UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before

React to this headline:

Loading spinner

UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike Read More »

Palo Alto Networks Shares Remediation Advice for Hacked Firewalls

exploited, Incident Response, Palo Alto Networks /

Palo Alto Networks Shares Remediation Advice for Hacked Firewalls 2024-04-25 at 17:16 By Eduard Kovacs Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400. The post Palo Alto Networks Shares Remediation Advice for Hacked Firewalls appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Palo Alto Networks Shares Remediation Advice for Hacked Firewalls Read More »

Tines Bags $50 Million Funding for Security Workflow Automation

automation, Funding/M&A, Incident Response, low-code/no-code, SOAR, Tines /

Tines Bags $50 Million Funding for Security Workflow Automation 2024-04-24 at 17:17 By Ryan Naraine Irish startup Tines raises $50 million in new venture capital funding as investors make big bets on automation and orchestration startups. The post Tines Bags $50 Million Funding for Security Workflow Automation appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Tines Bags $50 Million Funding for Security Workflow Automation Read More »

UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack

data breach, Data Breaches, healthcare, Incident Response, Ransomware /

UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack 2024-04-23 at 17:16 By Ionut Arghire UnitedHealth confirms that personal and health information was stolen in a ransomware attack that could cost the company up to $1.6 billion. The post UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack Read More »

MITRE breached by nation-state threat actor via Ivanti zero-days

data breach, Don't miss, Hot stuff, Incident Response, Ivanti, Mandiant, MITRE, News, Volexity /

MITRE breached by nation-state threat actor via Ivanti zero-days 2024-04-22 at 15:16 By Zeljka Zorz MITRE has been breached by attackers via two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti’s Connect Secure VPN devices. The attackers have also managed to move laterally and compromise the company network’s VMware infrastructure, MITRE confirmed late last week. What is

React to this headline:

Loading spinner

MITRE breached by nation-state threat actor via Ivanti zero-days Read More »

BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems

BreachRx, CISO Strategy, Funding/M&A, Incident Response, seed-stage, SYN Ventures /

BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems 2024-04-19 at 20:46 By Ryan Naraine Investors make an early-stage $6.5 million bet on BreachRx, a startup promising to shield cybersecurity executives from personal liability. The post BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems Read More »

Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs

2FA, Cisco, data breach, Data Breaches, Incident Response, MFA /

Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs 2024-04-15 at 22:31 By Ryan Naraine Cisco Duo warns that breach exposed phone numbers, phone carriers, metadata and other logs that could lead to downstream social engineering attacks. The post Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs appeared first on

React to this headline:

Loading spinner

Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs Read More »

US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft

CISA, Data Breaches, Featured, Incident Response, Microsoft, Midnight Blizzard, Nation-State, Nobelium, Russia /

US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft 2024-04-11 at 23:46 By Ryan Naraine The US government says Midnight Blizzard’s compromise of Microsoft corporate email accounts “presents a grave and unacceptable risk to federal agencies.” The post US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft

React to this headline:

Loading spinner

US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft Read More »

Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack

cloud security, Data Breaches, Featured, Incident Response /

Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack 2024-04-03 at 16:16 By Associated Press Cyber Safety Review Board, said “a cascade of errors” by Microsoft let state-backed Chinese cyber operators break into email accounts of senior U.S. officials. The post Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity

React to this headline:

Loading spinner

Scathing Federal Report Rips Microsoft for Shoddy Security, Insincerity in Response to Chinese Hack Read More »

How to design and deliver an effective cybersecurity exercise

cyberattacks, cybersecurity, digital transformation, Don't miss, Expert analysis, Expert corner, Hot stuff, Incident Response, Information Security Forum, News, opinion, penetration testing, red team /

How to design and deliver an effective cybersecurity exercise 2024-04-01 at 07:04 By Help Net Security Armed forces have always utilized war-gaming exercises for battlefield training to prepare for times of conflict. With today’s digital transformation, the same concept is being applied in the form of cybersecurity exercises – tests and simulations based on plausible

React to this headline:

Loading spinner

How to design and deliver an effective cybersecurity exercise Read More »

Details and Lessons Learned From the Ransomware Attack on the British Library

Incident Response, Ransomware /

Details and Lessons Learned From the Ransomware Attack on the British Library 2024-03-28 at 12:01 By Kevin Townsend Although the attack on the national library of the UK occurred five months ago, the Library’s infrastructure won’t be rebuilt until mid-April 2024, and then the full restoration of systems and data can begin. The post Details

React to this headline:

Loading spinner

Details and Lessons Learned From the Ransomware Attack on the British Library Read More »

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response

Incident Response, OODA Loop /

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response 2024-03-25 at 21:05 By Etay Maor The OODA Loop can be used both by defenders and incident responders for a variety of use cases such as threat assessment, threat monitoring, and threat hunting. The post The OODA Loop: The Military Model That Speeds Up

React to this headline:

Loading spinner

The OODA Loop: The Military Model That Speeds Up Cybersecurity Response Read More »

UnitedHealth Says It Has Made Progress on Recovering From Massive Cyberattack

Incident Response, Ransomware, United Healthcare /

UnitedHealth Says It Has Made Progress on Recovering From Massive Cyberattack 2024-03-19 at 06:06 By Associated Press UnitedHealth is testing the last major system it must restore from last month’s Change Healthcare cyberattack, but it has no date yet for finishing the recovery. The post UnitedHealth Says It Has Made Progress on Recovering From Massive

React to this headline:

Loading spinner

UnitedHealth Says It Has Made Progress on Recovering From Massive Cyberattack Read More »

How teams can improve incident recovery time to minimize damages

automation, communication, cyberattacks, cybersecurity, disaster recovery, Don't miss, Hot stuff, Incident Response, ShadowHQ, Video /

How teams can improve incident recovery time to minimize damages 2024-03-14 at 06:30 By Help Net Security With breach recovery costs skyrocketing, speeding time to recovery to minimize downtime and losses should be top of mind for security leaders. Yet, most focus on adding more prevention and detection tools. In this Help Net Security video,

React to this headline:

Loading spinner

How teams can improve incident recovery time to minimize damages Read More »

The most concerning risks for 2024 and beyond

Artificial Intelligence, attacks, burnout, cloud security, Compliance, cybersecurity, Don't miss, generative AI, Hot stuff, Incident Response, Ransomware, risk, Tanium, Video /

The most concerning risks for 2024 and beyond 2024-03-13 at 07:13 By Help Net Security In this Help Net Security video, Melissa Bischoping, Director, Endpoint Security Research at Tanium, discusses the most concerning risks for 2024 and beyond, from both an internal and external perspective. The post The most concerning risks for 2024 and beyond

React to this headline:

Loading spinner

The most concerning risks for 2024 and beyond Read More »

CISA’s OT Attack Response Team Understaffed: GAO

CISA, cyber workforce, Government, ICS, Incident Response /

CISA’s OT Attack Response Team Understaffed: GAO 2024-03-12 at 15:46 By Eduard Kovacs GAO study finds that CISA does not have enough staff to respond to significant OT attacks in multiple locations at the same time. The post CISA’s OT Attack Response Team Understaffed: GAO appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

CISA’s OT Attack Response Team Understaffed: GAO Read More »

Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails

APT, Incident Response, Malware & Threats, Microsoft, Midnight Blizzard, Nation-State, SolarWinds /

Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails 2024-03-08 at 21:34 By Ryan Naraine Microsoft says the Midnight Blizzard APT group may still be poking around its internal network after stealing source code, spying on emails. The post Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive

React to this headline:

Loading spinner

Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails Read More »

Anatomy of a BlackCat Attack Through the Eyes of Incident Response

blackcat, cybercrime, data extortion, Incident Response, Netscan, Ransomware /

Anatomy of a BlackCat Attack Through the Eyes of Incident Response 2024-03-06 at 17:36 By Kevin Townsend Incident response experts at Sygnia provide a detailed blow-by-blow of a BlackCat ransomware attack and share tips for survival. The post Anatomy of a BlackCat Attack Through the Eyes of Incident Response appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Anatomy of a BlackCat Attack Through the Eyes of Incident Response Read More »

Scroll to Top