Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency are urging local government agencies to patch the Netlogon vulnerability known as Zerologon ahead of next Tuesday's presidential election to improve security. A "small number" of attacks exploiting the flaw are continuing, Microsoft says.
Almost eight months after Microsoft warned of a critical vulnerability in Windows called SMBGhost, more than 100,000 unpatched devices remain vulnerable, according to security researchers. The COVID-19 pandemic and ensuing rush to move workers into home offices may have led to delays in applying the fix.
So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security.
The U.S. Cybersecurity and Infrastructure Security Agency and the FBI have issued an alert providing details on the activities of a North Korean hacking group dubbed Kimsuky. The group, which has primarily focused on South Korean targets, has also conducted espionage campaigns in the U.S. and Japan.
How fast is your IT? You need speed and adaptability to adjust as big changes in the global economy and our daily lives keep coming. Are you prepared for what's next? What are IT organizations saying about it all?
This spring, 2,200 IT professionals and senior IT leaders participated in a survey and shared:
The U.S. indictment charging that six Russian GRU military intelligence officers were responsible for numerous cyberattacks highlights Moscow's seemingly unending appetite for online destruction. Experts say more than indictments will be required to curb such activity.
MAXEX, a company that develops a digital trading platform for the secondary mortgage market in the U.S., leaked 9 GB of internal documentation as well as full mortgage applications for 23 individuals. The data was released by a Swiss-based developer who apparently was unaware it was sensitive.
Has the nation-state threat become like the weather - something everyone talks about, but no one can do anything about? It's time for a strategic change. A panel of experts offers a frank discussion of nation-state actors, their ongoing intrusions and what "taking off the gloves" might look like.
A security researcher recently discovered an unsecure Elasticsearch database cluster exposed on the internet that contained transcripts of sensitive voicemail messages, including some for medical clinics and financial service companies.
The FCC is asking the Justice Department and other executive branch agencies if China Unicom's operations within the U.S. pose a significant enough national security threat to merit revoking the company's business license.
As ransomware continues to slam organizations, a lively debate has ensued about whether ransom payments should be banned in all cases. Attempting to ban ransom payments, however, likely would only make the problem worse.
Whether you are just starting a digital transformation or you're running completely digitized processes, the right tech can make a significant impact on reducing risk and increasing customer value. But with so many solutions, how do you cull the herd?
Join us for an interactive session where we'll discuss a few...
Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.