An Iranian attacker has been targeting users who have failed to patch a remote code execution vulnerability in a Microsoft browser engine to spy on Farsi-speaking victims, paralleling a similar campaign being run by North Korean attackers, researchers warn.
The Israeli government's Ministry of Defense reportedly has cut the list of countries to which Israeli companies’ cyber spyware can be exported from 102 to 37, reducing Israel's surveillance tool export market by two-thirds. The list specifically restricts doing business with those involved in offensive cyber.
The latest edition of the ISMG Security Report features an analysis of how organizations can reduce risk especially over holidays and weekends, when attackers are most likely to strike. Also featured: Highlights from Ireland's IRISSCON 2021 cybercrime conference; what's ahead for COVID-19 and the workplace?
The NSO Group is the target of a lawsuit filed by Apple, which alleges that the spyware maker abused Apple's products and services to carry out spying operations. The news follows the NSO Group's blacklisting by the U.S. government, a score downgrade by Moody's, and a reportedly failed deal with France.
Chinese threat actors may increasingly look to steal sensitive, encrypted data in hopes of decrypting it with quantum computing technology in the years ahead, according to a new report. Researchers say Chinese threat actors may target government, business and academic data with long-term value.
North Korea-associated advanced persistent threat group TA406, aka Kimsuky or Thallium, has ramped up its cyberespionage operations in 2021, targeting diplomats and policy experts across Asia, the U.K. and the U.S., researchers say.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the status of the recommendations of the Cyberspace Solarium Commission today and what still needs to be enacted by the current Congress, addressing the increasing challenge of cyberattacks...
We know they are coming, and yet we are still ill-prepared. Cybereason surveyed 1,200 global cybersecurity professionals on ransomware. And while most are concerned about attacks, nearly one-quarter have no contingencies for weekends and holidays - the favored strike time. Sam Curry explains why.
The latest edition of the ISMG Security Report features an analysis of how cybercriminals are turning to cryptomixing services to conceal the proceeds of ransomware activities from law enforcement officials. Also featured: Criminals exploit a misconfigured FBI server and the future of zero trust.
Law enforcement and intelligence agencies in the U.S, U.K. and Australia have issued a joint advisory on unidentified Iran government-backed advanced persistent threat actors exploiting Fortinet and Microsoft Exchange ProxyShell vulnerabilities to attack organizations in their respective countries.
The specter of the May attack on Ireland's national health service loomed large at the IRISSCON 2021 cybercrime conference in Dublin, as cybersecurity experts gathered to detail the ongoing rise of ransomware and other types of online crime, as well as how to best combat such attacks.
Cryptocurrency-using criminals continue to rely on services designed to launder their virtual currency to give them "clean coins" that are tougher for law enforcement to trace. Experts say such services are widely marketed on cybercrime forums, and sometimes provided directly to ransomware groups' affiliates.
Ari Redbord of TRM Labs, who has had an extensive career in law enforcement, points out that 2020 was a pivotal year for putting cybersecurity on the agenda throughout the government. He discusses securing cryptocurrecy, the blockchain and other elements of the "digital battlefield."
The U.S. and Israel will expand their diplomatic relationship around cybersecurity, announcing a bilateral task force this week that will support cybersecurity and fintech innovation. The news follows recent action by the U.S. Department of Commerce to blacklist Israeli spyware firm NSO Group.
Google’s Threat Analysis Group has released details of a watering hole campaign targeting a macOS zero-day exploit chain to install a never-before-seen malware on devices of users visiting Hong Kong websites of a media outlet and a prominent pro-democracy labor and political group.