Clicky

SC Media

SC Media SC Media arms information security professionals with the in-depth, unbiased business and technical information they need. The official page for all things IT security.

Operating as usual

In addition to testing for accuracy and equity, the General Services Administration study will also look at how differen...
04/28/2022
GSA tees up equity study to explore potential of facial recognition for Login.gov

In addition to testing for accuracy and equity, the General Services Administration study will also look at how different vendor products perform and match up to NIST standards when it comes to the non-biometric aspects of identity assurance. #cybersecurity #infosec

In addition to testing for accuracy and equity, the GSA study will also look at how different vendor products perform and match up to NIST standards when it comes to the non-biometric aspects of identity assurance.

New report from ChannelE2E says much of the spending growth in the government market was driven by the American Rescue P...
04/27/2022
Government sector relies on MSPs for IT and security services

New report from ChannelE2E says much of the spending growth in the government market was driven by the American Rescue Plan Act of March 2021. #cybersecurity #infosec #MSPs

New report from ChannelE2E says much of the spending growth in the government market was driven by the American Rescue Plan Act of March 2021.

Proofpoint researchers say the Emotet botnet's use of low volume attacks via Microsoft OneDrive URLs may be the first ro...
04/27/2022
Is Emotet trojan testing new email attack tactics using OneDrive URLs?

Proofpoint researchers say the Emotet botnet's use of low volume attacks via Microsoft OneDrive URLs may be the first round of larger campaigns to come. #cybersecurity #infosec

Proofpoint researchers say the Emotet botnet's use of low volume attacks via Microsoft OneDrive URLs may be the first round of larger campaigns to come.

Two-thirds of financial service institutions experienced attacks targeting their “market strategies ... [in a way that] ...
04/27/2022
Cyberattacks on financial firms are more damaging, target sensitive data

Two-thirds of financial service institutions experienced attacks targeting their “market strategies ... [in a way that] aligns with economic espionage, according to a new report from VMware. #cybersecurity #infosec #fintech

Two-thirds of financial service institutions experienced attacks targeting their “market strategies ... [in a way that] aligns with economic espionage, according to a new report.

Six officers from Russia's intelligence unit known as Sandworm are wanted for 2017 wiper malware attack that escaped Ukr...
04/27/2022
US offers $10 million for information on Russians involved in NotPetya attacks

Six officers from Russia's intelligence unit known as Sandworm are wanted for 2017 wiper malware attack that escaped Ukraine and damaged networks globally. #cybersecurity #infosec

Six officers from Russia's intelligence unit known as Sandworm are wanted for 2017 wiper malware attack that escaped Ukraine and damaged networks globally.

Two separate healthcare sector resources from HEALTH-ISAC and HSCC aim to support CISOs with communicating medical devic...
04/27/2022
Groups target communications, pharma risks with new healthcare resources

Two separate healthcare sector resources from HEALTH-ISAC and HSCC aim to support CISOs with communicating medical device vulnerabilities and understanding pharma supply chain risks. #cybersecurity #infosec #healthIT

Two separate healthcare sector resources from Health-ISAC and HSCC aim to support CISOs with communicating medical device vulnerabilities and understanding pharma supply chain risks.

Leading managed service providers (MSPs) to work closely with the health care sector to meet the security requirements i...
04/27/2022
MSPs say healthcare providers must give more urgency to cybersecurity

Leading managed service providers (MSPs) to work closely with the health care sector to meet the security requirements in HIPAA and Hitrust. #cybersecurity #infosec #MSPs

Leading managed service providers (MSPs) work closely with the healthcare sector to meet the security requirements in HIPAA and Hitrust.

A follow-up notice from Smile Brands about its 2021 ransomware attack and that initially reported 199,683 patients being...
04/26/2022
Breach update shows 2.6M individuals affected by Smile Brands data theft

A follow-up notice from Smile Brands about its 2021 ransomware attack and that initially reported 199,683 patients being affected leads this week’s healthcare data breach roundup. #cybersecurity #infosec #ransomware #healthIT

A follow-up notice from Smile Brands about its 2021 ransomware attack and that initially reported 199,683 patients being affected leads this week’s healthcare data breach roundup.

One of the primary tensions within efforts by the U.S. Department of Defense (DoD)  to raise the cybersecurity bar for i...
04/26/2022
Should government help manage cybersecurity for small businesses?

One of the primary tensions within efforts by the U.S. Department of Defense (DoD) to raise the cybersecurity bar for its defense contractors is doing it in way that doesn’t further erode the military’s base of small business innovators. And yet, the current bottom up approach by most hackers makes small businesses a primary threat to federal security efforts. https://www.scmagazine.com/analysis/compliance/should-government-help-manage-cybersecurity-for-small-businesses/

One of the primary tensions within DoD’s efforts to raise the cybersecurity bar for its defense contractors is doing it in way that doesn’t further erode the military’s base of small business innovators. And yet, the current bottom up approach by most hackers makes small businesses a primary t...

"We had been incubating for a while and are now launching Trend Micro One because we fundamentally believe that you need...
04/26/2022
Trend Micro leadership: Unified platforms are more than shedding vendors

"We had been incubating for a while and are now launching Trend Micro One because we fundamentally believe that you need to have a unified, comprehensive cybersecurity platform instead of trying to knit together different offerings from a bunch of different people," said Kevin Simzer, chief operating officer at Trend Micro. #cybersecurity #infosec

Trend Micro Monday relaunched its flagship software-as-a-service offering as a unified security platform, making it the latest vendor to emphasize the complexity of competing consoles in the security operations center.

In a newly posted release, Tenet Healthcare is currently investigating a “cybersecurity incident,” which prompted the se...
04/26/2022
Tenet Health investigating cybersecurity incident, IT outage

In a newly posted release, Tenet Healthcare is currently investigating a “cybersecurity incident,” which prompted the security team to pull impacted IT systems and apps offline. #cybersecurity #infosec #healthIT

In a newly posted release, Tenet Healthcare is currently investigating a “cybersecurity incident,” which prompted the security team to pull impacted IT systems and apps offline.

The U.S. Department of Energy is putting $12 million in new grant funding behind six university-led cybersecurity resear...
04/26/2022
Energy puts $12 million behind cybersecurity research projects for energy grid

The U.S. Department of Energy is putting $12 million in new grant funding behind six university-led cybersecurity research projects that look for innovative ways to securely build or design the nation’s next generation of energy systems. #cybersecurity #infosec

The Department of Energy is putting $12 million in new grant funding behind six university-led cybersecurity research projects that look for innovative ways to securely build or design the nation’s next generation of energy systems.

Explore the next evolution of data collection and correlation across multiple layers by attending this LIVE eSummit TODA...
04/26/2022

Explore the next evolution of data collection and correlation across multiple layers by attending this LIVE eSummit TODAY. Dive into the results from CyberRisk Alliance’s XDR Research Survey and how it can help you choose between an open or closed XDR solution for your organization.
Register here > http://ow.ly/YpES50IRYxG

A settlement has been reached in the class action data breach lawsuit against Solara Medical Supplies over a months-long...
04/25/2022
Proposed $5M settlement in Solara Medical lawsuit mandates security overhaul

A settlement has been reached in the class action data breach lawsuit against Solara Medical Supplies over a months-long, undetected email systems hack. #cybersecurity #infosec #healthIT

A settlement has been reached in the class action data breach lawsuit against Solara Medical Supplies, over a months-long, undetected email systems hack, requiring a long list of security requirements.

The cloud has emerged as a highly effective ransomware-killer, says Nasuni's Russ Kennedy in this commentary.
04/25/2022
Will the cloud bring a sunset to ransomware?

The cloud has emerged as a highly effective ransomware-killer, says Nasuni's Russ Kennedy in this commentary.

By combining the cloud with modern backup and recovery technologies, companies can potentially bring an end to ransomware.

Despite a surge in cybercrime, Visa reported record-lows in cyber fraud as the company has invested in security innovati...
04/25/2022
Visa takes a more aggressive stand on cybersecurity

Despite a surge in cybercrime, Visa reported record-lows in cyber fraud as the company has invested in security innovation and analytics. #cybersecurity #infosec #fintech

Despite a surge in cybercrime, Visa reported record-lows in cyber fraud as the company has invested in security innovation and analytics.

ALPHV, which the FBI – Federal Bureau of Investigation referred to as BlackCat in its alert, has been tracked to attacks...
04/24/2022
FBI seeks information on ALPHV ransomware group, aka BlackCat

ALPHV, which the FBI – Federal Bureau of Investigation referred to as BlackCat in its alert, has been tracked to attacks on two major German oil companies and Florida International University. #ransomware #infosec #cybersecurity

ALPHV, which the FBI referred to as BlackCat in its alert, has been tracked to attacks on two major German oil companies and Florida International University.

The insights from HHS can support provider organizations in light of the Lapsus$ ransomware group's penchant for preying...
04/23/2022
Healthcare sector risk from Lapsus$ group prompts HHS brief on insider threats

The insights from HHS can support provider organizations in light of the Lapsus$ ransomware group's penchant for preying on healthcare insiders. #healthIT #ransomware #cybersecurity #infosec

The insights from HHS can support provider organizations in light of the Lapsus$ ransomware group's penchant for preying on healthcare insiders.

Mandiant researchers said state-sponsored groups are the primary actors exploiting zero-day vulnerabilities, led by Chin...
04/23/2022
Zero-day vulnerabilities more than doubled in 2021, say Mandiant and Google

Mandiant researchers said state-sponsored groups are the primary actors exploiting zero-day vulnerabilities, led by Chinese threat groups. #cybersecurity #infosec

Mandiant researchers said state-sponsored groups are the primary actors exploiting zero-day vulnerabilities, led by Chinese threat groups.

Security analysts say the merger combines Devo’s analytics with artificial intelligence (AI) from Kognos to aim for the ...
04/23/2022
Devo acquires Kognos to build the ‘Autonomous SOC’

Security analysts say the merger combines Devo’s analytics with artificial intelligence (AI) from Kognos to aim for the “holy grail” of XDR. #cybersecurity #infosec #cloudsecurity

Security analysts say the merger combines Devo’s analytics with artificial intelligence (AI) from Kognos to aim for the “holy grail” of XDR.

ALPHV, aka BlackCat, recently emerged as a large player in the ransomware marketplace using an updated version of BlackM...
04/22/2022
Error in ALPHV/BlackCat ransomware code may offer some Linux users a shield

ALPHV, aka BlackCat, recently emerged as a large player in the ransomware marketplace using an updated version of BlackMatter/Darkside malware. #ransomware #infosec #cybersecurity

ALPHV, aka BlackCat, recently emerged as a large player in the ransomware marketplace using an updated version of BlackMatter/Darkside malware.

The U.S. will partner with Canada, Japan, South Korea, Singapore, the Philippines and Taiwan to establish a Global Cross...
04/22/2022
US, 6 other nations to develop cross-border privacy and security standards

The U.S. will partner with Canada, Japan, South Korea, Singapore, the Philippines and Taiwan to establish a Global Cross Border Privacy Rules forum. #cybersecurity #infosec

The U.S. will partner with Canada, Japan, South Korea, Singapore, the Philippines and Taiwan to establish a Global Cross Border Privacy Rules forum.

Christian Dameff, a doctor and hacker, says healthcare needs incentives to boost cybersecurity via congressional action ...
04/22/2022
Dr. Hacker: With ‘no carrot,’ healthcare can’t overcome cybersecurity failures

Christian Dameff, a doctor and hacker, says healthcare needs incentives to boost cybersecurity via congressional action similar to HITECH for EHR adoption. #healthIT #cybersecurity #infosec

Christian Dameff, a doctor and hacker, says healthcare needs incentives to boost cybersecurity via congressional action similar to HITECH for EHR adoption.

Christian Dameff, a doctor and hacker, says healthcare needs incentives to boost cybersecurity via congressional action ...
04/22/2022
Dr. Hacker: With ‘no carrot,’ healthcare can’t overcome cybersecurity failures

Christian Dameff, a doctor and hacker, says healthcare needs incentives to boost cybersecurity via congressional action similar to HITECH for EHR adoption. #healthIT #cybersecurity #infosec

Christian Dameff, a doctor and hacker, says healthcare needs incentives to boost cybersecurity via congressional action similar to HITECH for EHR adoption.

FiVerity Inc., Fortanix, and Intel announced Tuesday that they would be working together to address digital identity fra...
04/21/2022
Partnership aims to provide better financial ID security with ‘Confidential Computing’

FiVerity Inc., Fortanix, and Intel announced Tuesday that they would be working together to address digital identity fraud within the financial industry. #cybersecurity #infosec #fintech

FiVerity Inc., Fortanix Inc., and Intel Corp. announced Tuesday that they would be working together to address digital identity fraud within the financial industry.

The #cybersecurity authorities of the Five Eyes intelligence alliance — the United States, Australia, Canada, New Zealan...
04/21/2022
US, allies warn of Russian cyber threats to critical infrastructure

The #cybersecurity authorities of the Five Eyes intelligence alliance — the United States, Australia, Canada, New Zealand and the United Kingdom — released an alert Wednesday warning of potential malicious cyber activity resulting from Russia's invasion of Ukraine. #infosec

The cybersecurity authorities of the Five Eyes intelligence alliance — the United States, Australia, Canada, New Zealand and the United Kingdom — released an alert Wednesday warning of potential malicious cyber activity resulting from Russia's invasion of Ukraine.

Despite another looming regulatory process, U.S. Department of Defense (DoD) officials and contracting experts are indic...
04/21/2022
CMMC leader hopes for quieter rulemaking process, floats ‘cybersecurity-as-a-service’

Despite another looming regulatory process, U.S. Department of Defense (DoD) officials and contracting experts are indicating that the CCMC program is unlikely to undergo another major overhaul. #cybersecurity #infosec

Despite another looming regulatory process, DoD officials and contracting experts are indicating that the CCMC program is unlikely to undergo another major overhaul.

Researchers for ESET reported discovering at least three vulnerabilities affecting hundreds of Lenovo consumer laptops w...
04/21/2022
Vulnerabilities in Lenovo laptops exposes millions of users to firmware-level malware

Researchers for ESET reported discovering at least three vulnerabilities affecting hundreds of Lenovo consumer laptops with millions of users worldwide. #cybersecurity #infosec

Researchers for ESET reported Tuesday discovering at least three vulnerabilities affecting hundreds of Lenovo consumer laptops with millions of users worldwide.

The campaign targets rank-and-file employees at #cryptocurrency firms through social media and other communications. #cy...
04/20/2022
North Korea hackers target blockchain and gaming companies, posing as job recruiters

The campaign targets rank-and-file employees at #cryptocurrency firms through social media and other communications. #cybersecurity #infosec

The campaign targets rank and file employees at cryptocurrency firms – namely system administrators and IT or software developers – through social media and other communications. Threat actors have posed as job recruiters offering high paying gigs, slick-looking websites and links a malware-infe...

Address

400 Madison Ave
New York, NY
10017

Opening Hours

Monday 9am - 5pm
Tuesday 9am - 5pm
Wednesday 9am - 5pm
Thursday 9am - 5pm
Friday 9am - 5pm

Products

SC Magazine US, SCMedia.com; SC Media Awards

Alerts

Be the first to know and let us send you an email when SC Media posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to SC Media:

Videos

Nearby media companies


Other Media/News Companies in New York

Show All

Comments

The gas station and convenience store sector has been moving in the right direction toward more secure payments, but there’s room for improvement, says Ruston Miles, founder and cybersecurity advisor for Bluefin, in this commentary.
Confluera reported that 97% of IT leaders surveyed say that their technology strategy includes the expansion of cloud deployments. #cybersecurity #infosec #cloudsecurity
New guidance from the U.S. Department of Health and Human Services Cybersecurity Coordination Center urges the use of red and blue teaming, in combination with endpoint detection and response to combat ongoing EMR risks. #cybersecurity #infosec #healthIT
NTT Application Security researchers say just 27% of sites tested were vulnerable less than 30 days. #cybersecurity #infosec
For every officer trained at a "Cyber West Point," we’ll need thousands of private sector cyber-workers defending our critical infrastructure, shielding personal data of all Americans, and protecting the intellectual property that’s the lifeblood of our economy, says Conor Godfrey, cyber and analytics portfolio manager at Tulsa Innovations Labs, in this commentary.
Compiled from data collected from 1.1 million global sources, SonicWall researchers saw a 71% increase in IoT malware against healthcare clients. #cybersecurity #infosec #healthIT
Right now, companies with a direct presence in the Ukraine or those that have a supply chain that touches the Ukraine are scrambling to ensure redundancies, says Sam Curry, chief security officer at Cybereason, in this commentary.
During a Clearwater discussion on patient data privacy, former OCR Director Roger Severino continued his advocacy for HIPAA’s right of access standard and hopes for the current administration. #cybersecurity #healthIT
“We believe that the Russian government is responsible for widescale cyberattacks on Ukrainian banks this week,” Deputy National Security Advisor for Cyber Anne Neuberger said.
Agency leaders from the United States, United Kingdom and Europe discussed greater international cooperation and improved cyber postures during Thursday's Munich Cyber Security Conference. #MCSC22 #cybersecurity #infosec
One of the leaders in DevSecOps, Snyk aims to build a cloud platform “by and for developers with the acquisition of the cloud security posture management company Fugue. #cybersecurity #infosec #cloudsecurity
Have you truly done enough to protect your company from a #ransomwareattack? One way to find out is through a Ransomware Readiness Index (RRI), created by a trio of Massachusetts Institute of Technology (MIT) researchers, designed to score your ongoing preparedness against an attack. Join us next week to hear from RRI co-creator Taylor Reynolds where he will offer a status update on his team’s case study and offer suggestions on how to best make ransomware-readiness metrics actionable to achieve consequential improvements in prevention. Register today! #cybersecurity #ransomware #virtualevent https://www.scmagazine.com/esummit/preventing-ransomware-and-data-exfiltration/?utm_source=facebook