4 ways to keep the cybersecurity conversation going after the crisis has passed
CISO Bill Brown knows how high-profile cybersecurity breaches like SolarWinds can raise alarm bells among executives and board members when they become headline news.
Similar Posts
Scripps Health notifies patients of data breach after ransomware attack
Nonprofit healthcare provider, Scripps Health in San Diego, has disclosed a data breach exposing patient information after suffering a ransomware attack last month. The healthcare provider has five hospitals and 19 outpost facilities with over 3,000 affiliate physicians. Every year, Scripps Health treats more than 700,000 patients. On April 29th, Scripps Health suffered a cyberattack…
Risk in OT and IIoT
Critical Infrastructure Security , Endpoint Security , Governance & Risk Management CEO and CISO Panel Discusses Critical Infrastructure Protection Tom Field (SecurityEditor) • August 6, 2021 OT, IoT, IIoT – each has critical distinctions, and each is increasingly vital to protecting the world’s critical infrastructure from crippling cyberattacks. In a…
What to Know and Commentary
One of the largest disruptions of U.S. critical infrastructure by cyber-attack – the Colonial Pipeline Hack – occurred on Friday and continues to develop. Here’s what you need to know. The Colonial Pipeline company operates a pipeline transporting gasoline, diesel, and natural gas from Texas to New Jersey, serving most of the East Coast. A…
CISA Adds Single-Factor Authentication to the List of Bad Practices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added single-factor authentication to the short list of “exceptionally risky” cybersecurity practices that could expose critical infrastructure as well as government and the private sector entities to devastating cyberattacks. Single-factor authentication is a method of signing in users to websites and remote systems by using…
North Korean .Gov Hackers Back With Fake Pen-Test Company
A North Korean government-backed APT group has been caught using a fake pen-testing company and a range of sock puppet social media accounts in an escalation of a hacking campaign targeting security research professionals. The notorious hacking group, first exposed by Google earlier this year, returned on March 17th with a website for a fake…
CVE-2021-20454 – Alert Detail – Security Database
Executive Summary Informations Name CVE-2021-20454 First vendor Publication 2021-04-21 Vendor Cve Last vendor Modification 2021-04-21 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…