Category: Analyst Tips
-
Creation of IT Asset Portfolio
An organization’s choice between using a spreadsheet, a purpose-built CMDB, or another GRC tool depends on present and future needs, asset information volume, and user/stakeholder access. A spreadsheet may suffice for initial asset management, but a purpose-built GRC tool is essential for long-term governance, offering robust information capture, user access control, and workflow automation.
-
Criticality of an IT Asset Portfolio
An IT Asset portfolio is crucial for IT governance, providing a clear understanding of an organization’s assets. Key information includes business owner, technology owner, location, platform, and business impact assessment results. Regular review and metadata inclusion enhance reliability. Commercial CMDB software caters to this, but it can be created with minimal resources if budget is…
-
Microsoft Zero-Day Used by Lazarus in Rootkit Attack
The Lazarus Group, a North Korean state-backed actor, utilized a zero-day exploit in Microsoft’s AppLocker to execute a rootkit cyberattack. The flaw was fixed on February 13 following its discovery by Avast researchers, who noted the increased sophistication of Lazarus’ techniques. This incident underscores the importance of effective vulnerability management and the need for timely…
-
FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks
The U.S. government issued a warning about the resurgence of BlackCat ransomware attacks in the healthcare sector, following a law enforcement operation’s failure to dismantle the group. The ransomware has targeted critical infrastructure organizations, leading to the announcement of rewards for information on the group’s members. Cybercrime groups continue to compromise organizations using sophisticated tactics…
You must be logged in to post a comment.