The latest edition of the ISMG Security Report analyzes whether a leaked database compiled by a Chinese company should be a cause for serious concern. Also featured are discussions on vulnerability disclosure challenges and risks posed by using social media apps for payments.
The U.S. Treasury Department on Thursday imposed sanctions on an Iranian advanced persistent threat group, 45 associated individuals and a front company the Iranian government allegedly used to run a years-long malware campaign that targeted Iranian dissidents, journalists and others.
Two Iranian nationals have been charged with participating in a years-long hacking campaign that targeted vulnerable networks in the U.S., Europe and the Middle East to steal "hundreds of terabytes" of data, according to the U.S. Department of Justice.
Federal prosecutors have unsealed indictments charging five Chinese suspects - alleged members of the China-linked APT41 hacking group - with breaching more than 100 companies, government agencies and other organizations around the world.
The hacking group "Pioneer Kitten," which has suspected ties to the Iranian government, is taking advantage of several unpatched vulnerabilities and using open source tools to target U.S. businesses as well as federal government agencies, according to the Cybersecurity and Infrastructure Security Agency.
As organization adopt new technologies and utilize the cloud for business innovation and growth, security teams are challenged with ensuring that those initiatives and missions are successful. To do that they are faced with creating an effective security program from a fragmented patchwork of solutions and data...
It's hard to ignore the ubiquity of the internet of things (IoT). Even if you're one of those holdouts that doesn't own consumer IoT devices such as a smart speaker, internet-connected thermostat, or a smart watch, industrial IoT (IIoT) devices - a subset of the IoT landscape - are already playing a part in your daily...
National Guard units are commonly called up to help deal with the aftermath of a natural disaster. And they played a role in responding to the COVID-19 pandemic and civil unrest. But some states are now calling out the National Guard to help safeguard elections from online attacks and interference.
The U.S. Cybersecurity and Infrastructure Security Agency warns that hacking groups backed by the Chinese Ministry of State Security are exploiting several unpatched vulnerabilities to target federal agencies.
Russian, Chinese and Iranian hackers are targeting organizations and individuals associated with the Republican and Democratic U.S. presidential campaigns, Microsoft reports, noting that the majority of the attacks appear to have been blocked.
In a court filing, online voting startup Voatz argues that most security research should be limited to those who have clear permission to probe systems and software for vulnerabilities. The amicus brief is part of a U.S. Supreme Court case that could redefine a federal computer law.
So-called "cybersquatting" attacks are surging, with financial and e-commerce websites - including those of PayPal, Royal Bank of Canada, Bank of America and Amazon - among the most frequent targets, according to Palo Alto Networks' Unit 42.
Outdated threat hunting procedures hold your security program back - both in the time it takes to seek out attacker behaviors, and the level of effort involved to ascertain whether the threat still persists. In this talk, Samer Faour of Exabeam will explain how to modernize and galvanize your threat hunting program...