Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to the security firm Intezer. The botnet has the capability to launch DDoS attacks.
Authorities in the U.S. and U.K. are warning medical institutions, pharmaceutical companies, universities and others about "password-spraying campaigns" by advanced persistent threat groups seeking to steal COVID-19 research data. Security experts outline defensive steps that organizations can take.
Several malicious spam campaigns using COVID-19 as a lure are attempting to install the Remcos remote access Trojan on victims' devices, according to Microsoft.
Declaring that threats to the United States' power grid are a national emergency, President Donald Trump is taking steps designed to help defend the grid from foreign interference by focusing on the supply chain.
In an apparent attempt to spread TrickBot malware, cybercriminals are sending fake emails designed to look like notifications from the Labor Department concerning changes to the Family and Medical Leave Act, according to IBM X-Force.
Cyber Threat Intelligence (CTI) isn't the exclusive domain of specialized organizations anymore. Yet many CTI practitioners - the analysts, researchers and threathunters who collect and manage Open Source Intelligence (OSINT) gleaned from the open, deep and Dark Web - report a lack of training, tools and internal...
To facilitate investigations across the vast expanses of the open, deep, and dark web, Authentic8 engineers built a guide to 21 easily accessible Open Source Intelligence (OSINT) research tools. The report provides a brief overview of each tool, where and how to get it, a supporting visual, and use case.
Advance...
Many attackers continue to camp out in networks for months, conducting reconnaissance and stealing sensitive data before unleashing ransomware. Experts say many recent efforts trace to gangs wielding the RobbinHood, Valet Loader, NetWalker, PonyFinal, Maze and Sodinokibi strains of crypto-locking malware.
Proactive threat modeling must be embedded at the beginning of the software development life cycle to identify and address design flaws before their implementation into code.
However, can your team take on such a burdensome and manual process?
Download this white paper and learn about:
Challenges with...
It's not so much that the threats have changed amidst the COVID-19 pandemic. It's that the attack surface has broadened, and it's more challenging for defenders to coordinate intelligence, tooling and processes, says Jimmy Astle of VMware Carbon Black.
The U.S. National Security Agency and the Australian Signals Directorate offer guidance on how to mitigate the growing threat posed by attackers using web shells to create backdoors.
VictoryGate, a recently discovered botnet that infected about 35,000 devices with malware, has been disabled by researchers from security firm ESET. The botnet's main purpose was mining monero cryptocurrency.
The lines are rapidly blurring between traditional fraud and rising cybersecurity threats. Financial services leaders are challenged to find ways to rapidly increase visibility across their environments while accelerating responses to threats effectively and efficiently.
Join Jason Pfeiffer, VP of Product Management...
Two recently uncovered spear-phishing campaigns targeted oil and gas firms in the U.S., Asia and South Africa with AgentTesla, a notorious information stealer, according to Bitdefender. These campaigns appear tied to the global oil crisis.
A bipartisan Senate Intelligence Committee report released this week affirms that the U.S. intelligence community and its various agencies correctly assessed that Russia interfered in the 2016 U.S. presidential election.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.