Criminals wielding a new strain of ransomware called Cr1ptT0r are targeting network-attached storage users. The campaign was first discovered in February after owners of D-Link network storage enclosures reported that their devices were being crypto-locked.
More than half of 250 anti-virus applications available in Google's Play Store offer insufficient protection against malicious software, according to a new study by testing firm AV Comparatives. One clear takeaway for all Android anti-virus users: Select products carefully.
The latest edition of the ISMG Security Report features a discussion of the role of "prosilience" in IoT security, plus the problem of overnotification under GDPR and the notion of "Spartacus as a Service."
A closely held type of point-of-sale malware, DMSniff, is spreading further while another, GlitchPOS, has also emerged. Despite a surfeit of stolen payment card details on the black market, efforts to steal more continue, highlighting the continuing challenges around card security.
Few internet-connected devices are built to be secure by default, and the problem is getting worse because many devices are connecting to poorly secured cloud services, says Ken Munro of Pen Test Partners.
Today's workforce is increasingly working remotely and relying on a variety of devices and cloud services to accomplish their jobs. Organizations must support but also secure this push, or they risk driving employees to adopt shadow IT, warns Jon Oberheide of Duo Security.
To help ensure that their sensitive data cannot be exfiltrated, some organizations have adopted data diodes, which are hardware devices designed to provide a one-way link to stop exfiltration or block remote attackers, says Mike Timan of Owl Cyber Defense.
At the start of RSA Conference 2019, Jon Callas of the ACLU discusses how attitudes toward privacy continue to evolve and why the general tenor of the conversation is not as bad as some headlines suggest.