Russian hackers apparently weren't the only ones targeting SolarWinds customers. An attack last year by the Spiral hacking group, believed to be based in China, against one organization used malware that targeted a vulnerability in SolarWinds' Orion software, according to the Secureworks Counter Threat Unit.
Legislation introduced in the House would allow U.S. citizens to file lawsuits against foreign governments - and employees and agents of those countries - to hold them liable if a cybersecurity incident causes damages. But one legal expert says such a law could do more harm than good.
As head of information security at FirstPort property management services in the U.K., Sawan Joshi puts a heavy emphasis on ongoing education – for himself, as well as for his cybersecurity team. He discusses how this dedication makes him a better leader.
A new phishing campaign distributes ZLoader malware using advanced delivery techniques that demonstrate sophisticated understanding of Microsoft Office document formats and techniques, the security firm Forcepoint X-Labs reports.
Traditionally, software development training falls short on security. And as enterprises embrace the “shift left” movement, that gap puts them at risk. Veracode’s Dave Ferguson discusses the gap and how Veracode’s new Security Labs was developed to fill it.
Nearly four years after the WannaCry ransomware hit the world, targeting the EternalBlue vulnerability in Microsoft SMB version 1, security firms say the malware continues to be a top threat detected in the wild by endpoint security products. Why won't WannaCry just die?
The cybersecurity firm McAfee Corp. announced Monday it will sell its enterprise business unit to the private equity firm Symphony Technology Group for $4 billion cash and then focus solely on its consumer business. STG also owns RSA.
Cybersecurity entrepreneur John McAfee, who already faces tax evasion charges, has now been indicted for allegedly using his vast social media following to run cryptocurrency pump-and-dump schemes as well as promote virtual currencies to investors without revealing his stake in them, federal prosecutors say.
COVID-19 infection rates are down from their record highs, and vaccination numbers grow each day. Are we rounding the corner in this pandemic battle? Keep an eye on the virus variants, says pandemic expert Regina Phelps. We may be on the cusp of yet another surge.
A Microsoft-themed phishing campaign is using phony Google reCAPTCHA in an attempt to steal credentials from senior employees of various organizations, a new report by security firm Zcaler says. The company says it prevented more than 2,500 phishing emails tied to the campaign.
Supermicro and Pulse Secure have each issued advisories warning users that some of their products are vulnerable to an updated version of Trickbot malware that features a bootkit module, nicknamed Trickboot, which can search for UEFI/BIOS firmware vulnerabilities.