With more than 1,000 IoT security guidelines, recommendations and best practices, which ones should an organization follow? Researchers at Carleton University in Canada say 91 percent of the guides are outcome-based, which are not necessarily easy for manufacturers to follow.
The developers behind the Purple Fox fileless downloader malware recently upgraded their operation and are now targeting two new vulnerabilities to gain access to networks, according to a report by security firm Proofpoint.
Ransomware-wielding attackers continue to pummel organizations. But labeling these as being just ransomware attacks often misses how much these incidents involve serious network intrusions, exfiltration of extensive amounts of data, data leaks and, as a result, reportable data breaches.
A Nigerian national who has been extradited to the United States allegedly laundered millions of dollars stolen in business email compromise scams, according to the Justice Department. He flaunted his lavish lifestyle on social media, prosecutors say.
The year 2020 will be remembered as the landmark date when enterprises strove for business resilience and achieved digital transformation. Heading toward 2021, how can enterprises continue to evolve and provide value? Pamela Kubiatowski of Zscaler offers guidance.
Andrew Shikiar, executive director at the FIDO Alliance, offers an update on the group's efforts to reduce reliance on passwords and discusses how to overcome barriers.
Voice-controlled assistants can be fooled by replaying a recording of someone's voice. But researchers with Australia's Commonwealth Scientific and Industrial Research Organization and Samsung Research say they've developed a lightweight software tool to detect such attempts, which are difficult to defend against.
A recent inspector general's report finds that NASA still struggles with implementing an agencywide cybersecurity policy despite spending approximately $2.3 billion on IT, networking and security technology in 2019. The oversite report lists a series of improvements that NASA should make.
Apache Guacamole, an open-source application that allows for remote connections to devices, contains several vulnerabilities that could enable attackers to steal data or run remote code execution, Check Point Research found. These bugs come at a time when many employees are still working remotely.
Rossella Mattioli, a network and information security expert at ENISA, the European Union Agency for Cybersecurity, discusses a new report offering insights on detecting network security incidents.
The latest edition of the ISMG Security Report discusses global progress on adopting standard digital identifiers. Plus, a former cybercriminal discusses emerging fraud trends, and an update on the evolution of e-signatures.
European police gained access to messages sent via the encrypted cellular service EncroChat, leading to the arrest of hundreds of alleged organized crime members across the Netherlands, France, Norway, Sweden and the U.K., the EU's law enforcement intelligence agency Europol reports.
Fraudsters are using a revamped version of the Alina Trojan to target Windows-based POS devices to steal payment card data, according to Century Link's Black Lotus Labs. The malware operators are using unsecured DNS protocols to exfiltrate the data.
Could your organization withstand an attack by the master hacking operation known as "Fxmsp"? Hollywood loves to portray hackers as having ninja-like skills. But Fxmsp often favored the simplest tools for the job, because they so often worked. Defenders: Take note.
Implementing trusted digital IDs will create benefits for end users as well as service providers, says Nick Mothershaw, chair and executive director at the Open Identity Exchange. But widespread international adoption of such IDs will take time to achieve, he acknowledges.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.