Data Breaches

Open Systems launches Ontinue MDR division, new MXDR service Ontinue ION

Managed security services provider Open Systems has announced the launch of Ontinue, a new managed detection and response (MDR) division. It has also unveiled a new managed extended detection and response (MXDR) service, Ontinue ION, along with a new add-on service called Managed Vulnerability Mitigation (MVM). Ontinue ION offers advanced capabilities that enable faster detection and response, a deeper understanding of a customer’s environment and the ability to maximize Microsoft security investments for greater efficiency,…


Expel announces MDR for Kubernetes with MITRE ATT&CK framework alignment

Security operations provider Expel has announced the general availability of Expel managed detection and response (MDR) for Kubernetes. The firm said the product enables customers to secure their business across their Kubernetes environment and adopt new technologies at scale without being hindered by security concerns. It has also been designed to align with the MITRE ATT&CK framework to help teams remediate threats and improve resilience, Expel added. Kubernetes is an open-source orchestration system that relies…


Measuring cybersecurity: The what, why, and how

A core pillar of a mature cyber risk program is the ability to measure, analyze, and report cybersecurity threats and performance. That said, measuring cybersecurity is not easy. On one hand business leaders struggle to understand information risk (because they usually are from a non-cyber background), while on the other, security practitioners get caught up in too much technical detail which ends up confusing, misinforming, or misleading stakeholders. In an ideal scenario, security practitioners must…


PLC vulnerabilities can enable deep lateral movement inside OT networks

Threat groups who target operational technology (OT) networks have so far focused their efforts on defeating segmentation layers to reach field controllers such as programmable logic controllers (PLCs) and alter the programs (ladder logic) running on them. However, researchers warn that these controllers should themselves be treated as perimeter devices and flaws in their firmware could enable deep lateral movement through the point-to-point and other non-routable connections they maintain to other low-level devices. To exemplify…


Hackers attack Israel’s Technion university, demand over $1.7 million in ransom

Israel’s Technion university on Sunday suffered a ransomware attack, which has forced the university to proactively block all communication networks. A new group calling itself DarkBit has claimed responsibility for the attack. “The Technion is under cyberattack. The scope and nature of the attack are under investigation,” Technion, one of Israel’s top universities, wrote in a Tweet. Established in 1912, Haifa-based Technion — otherwise known as the Israel Institute of Technology — has become a global pioneer…


Plan now to avoid a communications failure after a cyberattack

Responses to recent cyber breaches suggest organizations can struggle to get the message right in the midst of an incident. While managing the communications around an incident is outside the direct purview of the CISO, having an existing communications plan in place is an essential element of cyber preparedness. “Communications are a critical component of a good cyber strategy, and it should be prepared and practiced in organizations before an incident occurs,” says Eden Winokur,…


Flaws in industrial wireless IoT solutions can give attackers deep access into OT networks

It’s common for operational technology (OT) teams to connect industrial control systems (ICS) to remote control and monitoring centers via wireless and cellular solutions that sometimes come with vendor-run, cloud-based management interfaces. These connectivity solutions, also referred to as industrial wireless IoT devices, increase the attack surface of OT networks and can provide remote attackers with a shortcut into previously segmented network segments that contain critical controllers. Industrial cybersecurity firm Otorio released a report this…


IOTW: Source code stolen in Reddit phishing attack

A “highly targeted” phishing attack against social media site Reddit’s internal network has seen malicious actors steal the company’s source code and internal documents. The breach occurred on February 5, after a phishing attack was launched at Reddit employees. The site said the attack contained “plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway, in an attempt to steal credentials and second-factor tokens”. After obtaining an employee’s credentials, the…


Top cybersecurity M&A deals for 2023

Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world’s biggest tech companies as predictions of recession loomed and war in Ukraine dragged on with no end in sight. Global concern over cybersecurity has never been higher, with attacks coming fast and furious and…


VMware ESXi server ransomware evolves, after recovery script released

After the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released a recovery script for organizations affected by a massive ransomware attack targeting VMWare ESXi servers worldwide, reports surfaced that the malware evolved in a way that made earlier recovery procedures ineffective. The attacks, aimed at VMware’s ESXi bare metal hypervisor, were first made public February 3 by the French Computer Emergency Response Team (CERT-FR), and target ESXi instances running older versions…
