An advanced persistent threat espionage campaign with suspected ties to the Chinese government quietly targeted businesses and governments in 10 countries for two years, bypassing two-factor authentication, according to a report by Fox-IT.
Building a good incident response plan requires analytical skills, says Anish Ravindranathan, lead, cybersecurity detection and response, at General Mills, who offers insights on creating a playbook.
Apple and Google have stopped distributing a popular messaging app marketed to English and Arabic speakers called ToTok. The New York Times has reported that U.S. intelligence agencies believe ToTok was developed by the United Arab Emirates government to spy on its citizens. The government bans rival offerings.
The year 2019 saw a marked increase on breach responses services for small-to-midsized businesses. Kristin Judge, CEO of the Cybercrime Support Network, outlines the state of cybersecurity for the midmarket.
Tom Kellermann, former cybersecurity adviser to the Obama administration, doesn't mince words when he describes the nation-state threat to the U.S. as the "axis of evil in cyberspace." Nor does he hold back about the threat from destructive attacks, 5G deployment and other trends to watch in 2020.
The gang behind Maze ransomware now lists 21 alleged victims on its website that it says have not paid a demanded ransom, including the Florida city of Pensacola. But Canadian construction firm Bird, which was listed as a victim, subsequently disappeared from the list.
Identity and Access Management is at the epicenter of many corporate security vulnerabilities. Markku Rossi of SSH Communications Security discusses how a "Just-in-Time" approach to credential management eliminates standing privileges.
The Wawa convenience store chain is investigating why malware planted on point-of-sale devices at nearly all of its over 850 locations throughout the East Coast went undetected for nearly eight months.
The National Institute of Standards and Technology has released three biometric datasets to help organizations research new types of secure digital identification systems and authentication processes. NIST also released a study on facial recognition technology that raises some concerns.
The user-friendly aspects of apps can enable malicious bots to infiltrate, says Eddie Doyle of Check Point Research, who offers insights on addressing the issue.
The latest edition of the ISMG Security Report discusses the recent ransomware attacks on the city of New Orleans as well as other units of local government and schools. Also featured: discussion on security issues for IoT and legacy medical devices.
In 2017, the U.S. Army ordered that the use of drones made by Chinese manufacturer DJI be discontinued, citing security concerns. Now, a second classified memo used to support that decision has been released, revealing serious concerns about how cyberspies could intercept video and other encrypted data.
Video conferencing and collaboration systems are must-have tools for global companies. But new research by Forescout illustrates that elementary security errors in one vendor's system could have allowed attackers to snoop on meetings and view sensitive documents.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.