The hackers who hijacked 130 high-profile Twitter accounts as part of a cryptocurrency scam earlier this month used a telephone-based spear-phishing attack to obtain employee credentials, the social media company says.
The FBI is warning that attacks using a ransomware variant called Netwalker have increased since June, targeting government organizations, educational entities, healthcare firms and private companies in the U.S. and elsewhere. Phishing campaigns spreading the malware are using COVID-19 themes as a lure.
A vulnerability that can impede the boot-loading process of an operating system could potentially affect billions of Linux and Windows machines, according to Eclypsium. The flaw, called "BootHole," could enable an attacker to gain near total control of an infected device.
How many different shades of bizarre is the data breach notification issued by software vendor Blackbaud? Over the course of three paragraphs, Blackbaud normalizes hacking, congratulates its amazing cybersecurity team, and says it cares so much for its customers that it paid a ransom to attackers.
Numerous unanswered questions persist concerning a ransomware outbreak at Blackbaud, which provides cloud-based marketing, fundraising and customer relationship management software used by thousands of charities, universities, healthcare organizations and others.
The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market. That creates a classic target-rich environment for the bad guys - one that will require vigorous defense and oversight.
As part of their latest COVID-19 economic relief legislation unveiled this week, Senate Republicans are proposing to allocate about $53 million to the U.S. Cybersecurity and Infrastructure Security Agency to help combat hackers targeting virus vaccine research.
Suddenly, onboarding, servicing and securing digital accounts with advanced authentication techniques isn't just a priority for global enterprises; it is the priority. Dean Stevenson of HID Global previews an upcoming virtual roundtable discussion.
Now that it's been two years since enforcement of the European Union's General Data Protection Regulation began, three attorneys - Kelsey Finch, Jonathan Armstrong and David Dumont - reflect on the lessons learned so far and the compliance gaps that still need to be addressed.
Security experts say that ransomware victims too often treat the malware infection as an isolated event, when they should instead assume that attackers remain in their network until proven otherwise. Here are eight tips for dealing with ransomware and other intrusions and making a full recovery.
Changes in the privacy policies of social media companies have rendered many free open source intelligence tools unworkable, says Mason Wilder, senior research specialist at the Association of Certified Fraud Examiners. He describes the evolution of these tools and offers tips on how to apply them.
The shift to working from home has changed the threat landscape, forcing organizations to rethink and revamp their business continuity strategies, says Steve Winterfeld of Akamai, who offers insights on mitigating the risks that come with remote work and ensuring employees can access the resources they need.