Besides hospitals and academic institutions, dozens of nonprofits, including nongovernmental organizations - or NGOs - around the world must protect their COVID-19 research and related activities from those seeking to steal data or disrupt their operations, says cyber risk management expert Stanley Mierzwa.
Organizations must carefully re-examine their security procedures to make sure they're adequate for the new work-from-home environment during the COVID-19 crisis, says Shelton Newsham, a British law enforcement official who specializes in cybersecurity. He reviews key questions to ask.
A sophisticated hacking group associated with the North Korean government that's been tied to a number of high-profile attacks, including WannaCry, is using three new malware variants, according to the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency.
The increasing use of internet-connected devices in manufacturing facilities is opening up new ways for hackers to target so-called "smart" factories with unconventional attack methods, according to an analysis by security firm Trend Micro and the Polytechnic University of Milan.
A recently discovered cyberespionage toolkit called Ramsay is designed to infiltrate air-gapped networks to steal documents, take screenshots and compromise other devices, according to the security firm ESET.
Security experts and law enforcement officials have long argued that paying ransoms doesn't pay. For starters, it directly funds the cybercrime ecosystem and makes it attractive for criminals to keep launching ransomware attacks.
Magellan Health, a U.S. managed care company that focuses on specialty areas of healthcare, says it was hit by a ransomware attack that involved the exfiltration of data. Ransomware gangs are increasingly going beyond encrypting data, stealing information to put more pressure on victims to pay ransoms.
From 2016 to 2019, sophisticated nation-state attackers preferred to target 10 vulnerabilities more than all others, the U.S. Cybersecurity and Infrastructure Security Agency and FBI warn in a new alert. They say many of these flaws are years old, yet remain unpatched and actively exploited.
Australian shipping giant Toll Group has vowed to again not pay a ransom after suffering its second ransomware attack of the year. In the latest incident, however, the company warns that attackers also stole corporate data - and it may get leaked.
New research shows it's possible to unlock a password-protected Windows computer in about five minutes by exploiting vulnerabilities in Intel's Thunderbolt hardware controller. The vulnerabilities add to a growing list of issues around Thunderbolt, which is used for connecting peripherals.
The surge in e-commerce as a result of the COVID-19 pandemic means more payment card transactions - and more card fraud, says Jordan McKee of 451 Research, who discusses the latest trends.
Zoom has reached a settlement with the New York state attorney general's office to provide better security and privacy controls for its videoconferencing platform. Meanwhile, the company announced it's acquiring a start-up encryption company.
In honor of World Password Day, here's a task for every organization that uses remote desktop protocol: Ensure that all of your organization's internet-facing RDP ports have a password - and that it's complex and unique.
Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to the security firm Intezer. The botnet has the capability to launch DDoS attacks.
Forget "whitelists" and "blacklists" in cybersecurity. So recommends Britain's National Cyber Security Center, in a bid to move beyond the racial connotations inherent to the terminology. Henceforth, NCSC - part of intelligence agency GCHQ - will use the terms "allow list" and "deny list." Will others follow?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.