Security researchers are tracking a variant of the prolific Mirai botnet called Mukashi, that's taking advantage of vulnerabilities in network-area storage devices made by Zyxel and giving its operators the ability to launch DDoS attacks. Zyxel has issued a patch for the vulnerability.
Microsoft is warning that attackers are exploiting a pair of critical, zero-day flaws in Windows that allow for remote code execution, which could enable a threat actor to take over an infected device. Although a patch for the flaws is not expected until April, the company described workarounds.
Following the Bangladesh Bank heist in 2016, many banks in the nation have invested in new technologies, including SOCs, to better detect and analyze threats, says cybersecurity expert Rubaiyyaat Aakbar, who formerly worked at several local banks.
An emerging technology, Vvendor Privileged Access Management (VPAM) can provide both operational efficiencies and increased security in your projected ROI analysis. And that is a rare combination in InfoSec these days.
Finastra, a large financial services software provider based in London, continues to recover from a ransomware attack that forced the company to take its IT operations offline Friday to prevent further damage to its corporate network, according to the company's CEO.
Disinformation campaigns with ties to Russia are continuing in an attempt to impede other governments' responses to the COVID-19 pandemic, complicating public health efforts to combat the disease, European officials warn.
The SOC has evolved from a log collector to a threat intelligence tool that helps organizations prepare in advance for attacks, says Anand Pande, CISO of the Goods and Services Tax Network, a non-profit, organization that manages the entire IT system of the goods and services tax portal in India.
Not knowing where all the data resides in an organization is a major hurdle when it comes to protecting and securing that data, says Prakash Kumar Ranjan, senior manager and lead, IT and information security audit, Airtel Payments Bank.
As the global COVID-19 pandemic worsens, security firms and law enforcement, including the FBI, are warning of increasing phishing and other the cybercriminal scams targeting a largely at-home workforce.
TA505, a notorious cybercriminal group believed to be operating in Russia, is using business email compromise tactics to target a new group of victims - HR departments, according to security researchers, who describe the new scheme.
As automobile manufacturers and others rush to shift to production of ventilators and other medical equipment and supplies to help fight the COVID-19 pandemic, they must take steps to ensure security, privacy and safety risks are addressed, says technology attorney Steven Teppler.
With the declaration of COVID-19 as a pandemic, and the global shift to work from home, Tom Kellermann of VMware Carbon Black sees a corresponding increase in hacking and espionage attempts against U.S. agencies, businesses and citizens. He says add "digital distancing" to your precautions.
The Trump administration is reportedly in talks with tech companies, including Facebook and Google, to explore whether it's possible to use real-time location data from smartphones to support efforts to slow the spread of COVID-19. But some privacy advocates are raising concerns about such tracking efforts.
When it comes to detecting an advanced persistent threat attack, the key to success is not only looking at what anomalies are in the network, but also understanding why certain activities are suspicious, says cybersecurity specialist Mahesh Sogane of the global oil company Shell.