Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
CISA has issued an alert on the Conti ransomware, just as a second major U.S. farming cooperative confirmed being hit by ransomware. [Read More]
Netgear warns that an attacker on the same network as a vulnerable device could intercept and manipulate router traffic to execute code as root. [Read More]
VMware releases an urgent security patch for a flaw in its vCenter Server product and warned users to expect public exploit code within minutes of disclosure. [Read More]
Cisco Talos researchers say the backdoor is installed as a service and constantly contacts its command and control (C&C) to receive commands. [Read More]
Microsoft says it has been seeing various attempts to exploit the remote code execution vulnerability in the Open Management Infrastructure (OMI) framework. [Read More]
The iOS 15 makeover also includes patches for at least 22 documented security vulnerabilities, some serious enough to expose iPhone and iPad users to arbitrary code execution attacks. [Read More]
Limited in scope, the incidents abuse the Windows Subsystem for Linux (WSL) feature to cross the boundaries between operating systems and avoid detection. [Read More]
The Mirai botnet has started exploiting the OMIGOD vulnerability just as Microsoft released more guidance on protections. [Read More]
Endpoint security platform Kolide gets a fresh round of capital from venture capital investors. [Read More]
Google announced plans to support the Open Source Technology Improvement Fund in launching its Managed Audit Program to review critical open source projects. [Read More]
- 1 of 273
- ››
FEATURES, INSIGHTS // Malware
How can organizations fight ransomware? The best solution is always prevention. Here are three tactics toward that goal.
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Each side of the public-private collaboration has resources and capabilities that shore up the other and increase effectiveness in combatting cybercrime.
The ransomware threat could still become more pervasive over the next two to three years, not because ransomware is effective in and of itself but because of other players in the game continue to fan the flames.
2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
- 1 of 14
- ››
Get the Daily Briefing
- VMware Confirms In-the-Wild Exploitation of vCenter Server Vulnerability
- Encrypted Messaging App Signal Hit by Brief Outage
- Chrome 94 Update Patches Actively Exploited Zero-Day Vulnerability
- Threat Actor Targets Indian Government With Commercial RATs
- States at Disadvantage in Race to Recruit Cybersecurity Pros
- EU Denounces Alleged Russian Hacking Ahead of German Vote
- FamousSparrow Cyberspies Exploit ProxyLogon in Attacks on Governments, Hotels
- Google Says Threat Actors Using New Code Signing Tricks to Evade Detection
- SonicWall Patches Critical Vulnerability in SMA Appliances
- LG to Acquire Vehicle Cybersecurity Firm Cybellum
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy