North Korean hackers have been "targeting security researchers working on vulnerability research and development at different companies and organizations" to trick them into installing backdoored software that gives attackers remote access to their system, warns Google's Threat Analysis Group.
Good news on the cybercrime front: "Cryptocurrency-related crime fell significantly in 2020," compared to 2019, reports blockchain analysis firm Chainalysis. Unfortunately, in the same timeframe, ransomware profits surged 311%, stoking calls for a crackdown on ransom payments.
Businesses that have had to support virtual services and remote workers have taken bold digital transformation steps during the pandemic. The momentum they’ve achieved, as a result, will be difficult to let go. Securing the changes already implemented as well as the changes yet to come in the ‘next normal’ is...
The CEO of security firm Malwarebytes says the hackers who attacked SolarWinds also targeted his company and gained access to a "limited subset of internal company emails."
Threat hunting and incident response are critical roles of security operations center (SOC) analysts. With the ever-rising sophistication of new and emerging attacks, analysts need an edge to stay ahead of adversaries.
This paper describes the MITRE ATT&CK framework including:
What the model offers to SOC...
Attacks have become increasingly sophisticated, and often are invisible and undetectable by legacy security solutions. You read about these successful data breaches almost on a daily basis. Security analysts do what they can with legacy tools, but these tend to swamp analysts with alerts that are difficult to...
Manufacturing System Protection from Cyber Attacks Industry 4.0 drives manufacturing efficiency by connecting systems to automate, share data, consolidate operations, and streamline production.
Police have arrested Riley June Williams of Pennsylvania, who a tipster alleges stole a laptop or hard drive belonging to House Speaker Nancy Pelosi. But is the tipsters claim that she had planned to pass the device to a friend in Russia credible?
The Scottish Environment Protection Agency says a ransomware attack last month continues to cause serious outages and warns that ransom-demanding attackers also stole some data. The Conti ransomware-as-a-service operation has claimed credit for the attack and begun to leak the stolen data.
It isn't that we struggle to define the zero trust security model. It's that we ignore the real challenge, says Jack Miller of Menlo Security. We need to shift our view of authentication and access from "innocent until proven guilty" to "guilty until proven innocent."
Cyber criminals are taking advantage of the
economic uncertainty plaguing the Oil & Gas industry.
Download this summary to learn more about the true cost of cyber dangers facing
the industry and how control your third party risk.
The physical breach of the U.S. Capitol by a violent mob, members of which allegedly accessed lawmakers' systems and stole devices, offers cybersecurity professional lessons to learn on authentication, encryption and more, says cybersecurity expert Brian Honan.
Google's Project Zero security team is describing its discovery last year of a complex "watering hole" operation that used four zero-day exploits to target Windows and Android mobile devices.
The new year has kicked off with a flurry of data security company acquisition activity; five deals have already been announced. Companies making acquisitions are striving to improve their secure access service edge - or SASE - posture, enter new markets or bolster their technology portfolios.
Among remote workers, senior managers apparently are taking cybersecurity hygiene far less seriously than rank-and-file employees, a recent survey shows. Kathy Ahuja of OneLogin offers an analysis.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
