FireSale HackBoy

Knowledge Shared By FireSale HackBoy...

Saturday, October 30, 2021

#ISC2CONGRESS – Lessons Learned from the Baltimore Ransomware Attack

Martin R. Okumu lived through the ransomware attack on the City of Baltimore in 2018, which affected 90% of the municipality’s applications. As the then-director of IT infrastructure for the city, he learned a lot of valuable lessons about defending against and recovering from a ransomware attack. On Tuesday afternoon, he shared those lessons with (ISC)² Security Congress...

Friday, October 29, 2021

Every month should be Cybersecurity Awareness Month!

While October is famous for National Cybersecurity Awareness Month, and we provide resources and recommendations for our customers, really every month should focus on this business-critical topic. Given the frequency of Ransomware attacks, all industries need to be increasingly vigilant. This includes many aspects of cybersecurity, such as user training, endpoint security, network security, vulnerability management, and detection and response to incidents. Industries such as healthcare and energy and utilities are susceptible and arguably the most...

(ISC)2 Cybersecurity Workforce Study: Skills Gap Narrows But More Help Is Needed

The global cybersecurity skills gap narrowed over the past year, from 3.1 million to 2.7 million people, and job satisfaction got a substantial boost, according to the newly-published 2021 (ISC)2 Cybersecurity Workforce Study. The narrower skills gap reflects an increase in people joining the field, the study found. “For 2021, our study estimates there are 4.19 million cybersecurity...

Microsoft to offer cyber security training in community colleges across US

Microsoft has announced that it is going to offer cyber security training to interested students who are studying in community colleges across the United States. To reach its aim, the American tech giant has announced that it is going to invest millions of dollars in nurturing new talent to fill 250,000 jobs lying vacant in various cybersecurity roles. Presently, the Redmond giant has focused on 936 public colleges and 73 independent community colleges operating under the American Association of Community College (AACC) banner in the United States. Plan...

How Can You Keep Your Personal Information Safe?

A few simple changes to your devices and accounts can help discourage cyber criminals from trying to access your data. Getting started is easy. This short guide presents some quick measures you can take to protect your privacy and keep your personal info safe. Prevent Data Breaches: Giants like Facebook and Target have suffered breaches and password leaks, so it’s safe to say data from at least one of your online accounts could have been leaked. If you want to see whether luck was on your side, go to Have I Been Pwned? and enter your email. This...

Ranzy Locker Ransomware warning issued by FBI

The US Federal Bureau of Investigation (FBI) has issued an alert that a new ransomware dubbed Ranzy Locker is on the prowl in the wild and has so far succeeded in victimizing over 30 companies operating in America. Confirming the same, the Cybersecurity and Infrastructure Security Agency (CISA) issued a warning that Ranzy Locker Ransomware has the potential to target its victims through brute force attacks launched on Remote Desktop Protocol (RDP). As usual, the said malware gang is reportedly spreading its wings by exploiting the vulnerability...

Ransomware attack on National Rifle Association of America

The National Rifle Association, referred to as the NRA for short, was reportedly hit by a ransomware attack in which data was stolen and leaked on the dark web. The details of the ransomware gang that breached the gun rights advocacy group’s network are yet to be out. However, sources reporting to our Cybersecurity Insiders have revealed that the Grief gang linked to Evil Corp funded by Russian intelligence could be behind the attack and is reportedly demanding millions to free the database from encryption. NRA mentioned in one of its recent tweets that it has taken...

Thursday, October 28, 2021

New! Improvements to Your (ISC)² Cybersecurity Online Continuing Education

Growing your knowledge and earning continuing professional education (CPE) credits has never been easier. The education platform (ISC)² Learn has been fully revised to provide an updated and improved user experience. This refresh includes an improved navigation process with easier access to your courses and support. When you sign in to your (ISC)² member account, visit My...

Spok Sets Date to Report Third Quarter 2021 Results

ALEXANDRIA, Va.–(BUSINESS WIRE)–Spok Holdings, Inc. (NASDAQ: SPOK), a global leader in healthcare communications, today announced it will report operating results for the third quarter 2021 ended September 30, 2021, on Wednesday, November 3, 2021, after market close, at approximately 4:30 pm Eastern Time (ET). In addition, the Company will not be hosting a conference call...

6 Business functions that will benefit from cybersecurity automation

This blog was written by an independent guest blogger. Enterprises and small businesses alike are facing challenges that impact their ability to maintain adequate cybersecurity. Budget constraints and limited staff are just a couple of reasons why businesses have become more susceptible to cyberattacks. Hackers are becoming smarter, and the tools that teams deploy are growing in number, leading to fragmentation and increased vulnerabilities.  According to the IBM data breach report, the average cost of a data breach has reached $4.24 million...

Developer-First Application Security Platform Tromzo Nabs $3.1 Million From Leading CISOs

Innovation Endeavors and more than 25 CISOs including Robinhood’s Caleb Sima, SimpliSafe’s Adam Glick and ICE/NYSE’s Steve Pugh have invested $3.1 million in Tromzo, a new developer-first application security management platform that launched this week with a mission to support application security teams who the company says are overwhelmed, frustrated, and struggling...

What is GLBA Compliance related to Data Security

According to the Gramm-Leach-Bliley Act (GLBA) of 1999, all financial institutions and those in the lending stream should follow certain rules that help protect customers’ sensitive data. At the same time, they should maintain transparency while sharing information with other institutions and should evaluate their data security & protection practices from time to time to avoid any cyber incidents such as data breaches and malware attacks. Interestingly, the law also applies to all third parties and affiliates linked to the financial institutions...

Over two-thirds of workers are at risk of a cyber security attack

A recent study by telecommunications provider TextAnywhere looked into the screen habits of 1,000 employees in the UK and revealed that over two-thirds (67.4%) are using their mobiles for work, posing a serious threat to business security. Businesses need to ensure they work hard to educate their employees around safe practices when accessing platforms via mobile. Third-party applications and unsecured Wi-Fi can be easy gateways for cybercriminals to access sensitive information via business emails or chat messages. According to Carbon...

Wednesday, October 27, 2021

New certification in Network Defense, Ethical Hacking and Digital Forensics

EC Council, the abbreviated name of the International Council of Electronic Commerce Consultants, has started a new certification program that offers a MOOC certification series. MOOC stands for massive open online course, a training program that offers essential certifications in cybersecurity, including courses related to network defense, ethical hacking and digital forensics. It will be a virtual education series, where students need to attend video lectures, lab tutorials and syllabi related security eCourseware and related to the...

Ransomware news trending on Google

First is the news related to a ransomware attack on a candy maker that trade experts say could lead to chocolate scarcity when it is most needed by/for kids. And with only a few days left for events such as Trick or Treat and Halloween night, candy maker Brachs is making all arrangements so that the malware attack doesn’t affect its production as the peak of the Christmas 2021 season is on its way. A Brachs spokesperson released a media update admitting the ransomware attack that took place on October 9th of this year, affecting the production severely...

What is 5G shared responsibility and how would it work?

5G is fundamentally different from anything we’ve ever seen. By 2023, the new technology is predicted to host 25 billion device connections, jumping to 75 billion by 2025. That’s more than 9 devices per person on earth.  5G offers more than just the ability to see videos faster. Compared to 4G, it offers a higher transmission speed, lower latency and increased bandwidth.  Large-scale implementation of 5G technology will present enormous opportunities for industries. For enterprises and subscribers, 5G will...

Security does not end with Implementing Controls

In cybersecurity, threat actors are relentless. To keep systems safe, we need a process of controls to oversee the entire chronology of a potential attack scenario – protection before an attack happens, effective mitigation and correction during an attack, and recovery afterwards. The tools of defense are vital, but not enough. Organizations need to decide how to deploy these...

Code similarity analysis with r2diaphora

Executive summary Binary diffing, a technique for comparing binaries, can be a powerful tool to facilitate malware analysis and perform malware family attribution. This blog post describes how AT&T Alien Labs is leveraging binary diffing and code analysis to reduce reverse-engineering time and generate threat intelligence. Using binary diffing for analysis is particularly...