Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
The new 'Aviary' dashboard will help visualize and analyze output from Sparrow, a CISA-developed tool for detecting potentially malicious activity in Microsoft Azure and Microsoft 365 environments. [Read More]
Threat actors are abusing organizations’ reliance on communication services such as Discord and Slack to circumvent network protections and ensure effectiveness of attacks. [Read More]
Cisco patches a critical vulnerability in an SD-WAN software product but warned that a different high-risk bug in end-of-life small business routers will remain unpatched. [Read More]
NEWS ANALYSIS: Google’s decision to promote Rust for low-level Android programming is another sign that the shelf-life for memory corruption mitigations are no match for the speed of in-the-wild exploit development. [Read More]
Belden shared an update on the data breach disclosed in November 2020 and said health-related information was also exposed. [Read More]
Cring ransomware operators exploit an old vulnerability in the FortiOS SSL VPN web portal to access enterprise networks, including the ones of industrial organisations. [Read More]
PHP developers have shared an update on the recent breach and while they no longer believe the Git server was compromised, it’s possible that a user database was leaked. [Read More]
Proofpoint warns that attackers are leveraging compromised supplier accounts and supplier impersonation to send malware, steal credentials and perpetrate invoicing fraud. [Read More]
Researchers have discovered FlixOnline, new Android malware that uses Netflix as its lure and spreads malware via auto-replies to WhatsApp messages. [Read More]
Facebook cracks down on deceptive networks, including five that mainly targeted individuals outside their countries and nine focused on domestic audiences. [Read More]
FEATURES, INSIGHTS // Cybercrime
With law enforcement’s ability to adapt, showing consistent results despite cybercriminals’ adoption of new technologies, as well as the increase in awareness of cyber attacks, there’s still a room for optimism – not only for the next year, but also for the next decade.
Facts, data, and evidence are extremely important to properly detecting, preventing, and investigating both security incidents and fraud incidents.
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Speak with security professionals who are involved in monitoring the Dark Web and you will probably end up getting varied responses as to what it is and what it is comprised of.
Vishing is a form of criminal phone fraud, combining one-on-one phone calls with custom phishing sites.
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
Many organizations are steadfast in their belief that dark web monitoring is a critical part of their security operations and the security industry is happy to fuel that belief.
Researchers have undertaken a deep dive into the shadowy, cyber world of those whose work involves abusing others online through trickery, extortion, fraud, and theft resulting from COVID-19.
CISA has recently designated many cyber security positions ‘essential roles', and our understanding of essential businesses and essential employees will continue to change as the pandemic evolves.
The barriers to entering the field of cybercrime have been significantly lowered, and for modest amounts of money, would-be scammers can buy high-quality phishing tools online.
Get the Daily Briefing
- Codecov Bash Uploader Dev Tool Compromised in Supply Chain Hack
- Cloud Forensics Firm Cado Security Raises $10 Million in Series A Funding
- Domain Name Security Neglected by U.S. Energy Companies: Report
- IBM: 44 Organizations Targeted in Attacks Aimed at COVID-19 Vaccine Cold Chain
- Reddit Launches Public Bug Bounty Program
- NSA: Russian Hackers Exploiting VPN Vulnerabilities - Patch Immediately
- US Expels Russian Diplomats, Imposes Sanctions for Hacking
- Exploit for Second Unpatched Chromium Flaw Made Public Just After First Is Patched
- Months After Hack, US Poised to Announce Sanctions on Russia
- NVIDIA Unveils 'Morpheus' Cybersecurity Framework
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy