Dark Reading Confidential: Meet the Ransomware Negotiators Episode 2: Incident response experts-turned-ransomware negotiators Ed Dubrovsky, COO and managing partner of CYPFER, and Joe Tarraf, chief delivery officer of Surefire Cyber, explain how they interact with cyber threat actors who hold victim organizations' systems and data for ransom. Among their fascinating stories: how they negotiated with cybercriminals to restore operations in a hospital NICU where lives were at stake, and how they helped a church, where the attackers themselves "got a little religion."
Patch Now: Cisco Zero-Day Under Fire From Chinese APT Threat actor "Velvet Ant" has been exploiting a vulnerability in Cisco's NX-OS Software for managing a variety of switches, executing commands and dropping custom malware.
Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication Adversary-in-the-middle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.
Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach A ransomware attack has become a supply chain issue, thanks to the victim's partnerships with other financial services companies.
Stress-Testing Our Security Assumptions in a World of New & Novel Risks Categorizing and stress-testing fundamental assumptions is a necessary exercise for any leader interested in ensuring long-term security and resilience in the face of an uncertain future.
_Michael_Burrell-Alamy.jpg%20)
A CISO's Guide to Avoiding Jail After a Breach 
_Alexey_Kotelnikov_Alamy.jpg%20)
_StocktrekImagesInc_Alamy.jpg%20)
