Security Experts:

Cybercrime
long dotted

NEWS & INDUSTRY UPDATES

Proof-of-concept (PoC) exploit code has been published for recently patched vulnerability in Microsoft Exchange Server. [Read More]
New Tardigrade variant of Smoke Loader was detected within the networks of two biomanufacturing facilities roughly half a year apart. [Read More]
Claroty researchers document a series of severe code execution vulnerabilities affecting virtual private network (VPN) solutions relying on OpenVPN. [Read More]
Security response agencies warn the Zoho flaw puts academic institutions, critical infrastructure and defense contractors are at high risk for APT attacks. [Read More]
GoDaddy has been hacked and customer data for some 1.2 million WordPress users were exposed to the attacker for more than three months. [Read More]
The Danish wind turbine manufacturer confirms a cyber attack has impacted parts of internal internal IT infrastructure and that data has been compromised. [Read More]
Prodaft security researchers exploited a vulnerability in the recovery servers used by the Conti ransomware, which allowed them to gain insight into its inner workings. [Read More]
Iran's second-largest airline, Mahan Air, said it had been hit by a cyberattack Sunday, the latest of several targeting the company. [Read More]
Utah Imaging Associates has started informing over 583,000 former and current patients who might have been affected by the incident. [Read More]
The newly discovered Android banking trojan targets international banks and five different cryptocurrency services. [Read More]

FEATURES, INSIGHTS // Cybercrime

rss icon

Jeff Orloff's picture
Most organizations rely too heavily on their cybersecurity pros to protect them from threats, ignoring the painful reality that human error is by far the most common cause of security breaches.
Derek Manky's picture
Botnets are becoming more malicious, sometimes able to create hundreds of thousands of drones that can attack a variety of machines, including Mac systems, Linux, Windows systems, edge devices, IoT devices, and so on.
Idan Aharoni's picture
Despite having different infrastructure, goals and methods, threat actors do not work in a vacuum. They feed off of each other.
Derek Manky's picture
How can organizations fight ransomware? The best solution is always prevention. Here are three tactics toward that goal.
Joshua Goldfarb's picture
The question of the importance of the state of a client device is a debate that has been around for a few years in the security field.
Idan Aharoni's picture
Plausible deniability provides a massive operational leeway to military operations in cyberspace, enabling governments to take actions without risking an all-out war.
Keith Ibarguen's picture
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Idan Aharoni's picture
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Derek Manky's picture
We tend to focus on the attack surface when it comes to cybersecurity, but the reality is, much like an iceberg, there’s so much more lurking beneath the surface.
Gordon Lawson's picture
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.