Threats and vulnerabilities
Keeping up with the latest threats and vulnerabilities is a battle for any security pro. Get up-to-date information on email threats, nation-state attacks, phishing techniques, ransomware and malware, DDoS attacks, APTs, application vulnerabilities, zero-day exploits, malicious insiders and more.
Top Stories
-
News
09 Dec 2024
Attackers exploit vulnerability in Cleo file transfer software
Cleo disclosed and patched the remote code execution vulnerability in late October, but managed file transfer products have proved to be popular targets for threat actors. Continue Reading
By- Arielle Waldman, News Writer
-
News
06 Dec 2024
Ultralytics YOLO AI model compromised in supply chain attack
While Ultralytics has not released an official security advisory, the company pulled two recent versions of its YOLO11 AI model after reports said they contained a cryptominer. Continue Reading
By- Arielle Waldman, News Writer
-
News
23 Dec 2020
Security measures critical for COVID-19 vaccine distribution
The COVID-19 vaccine supply chain is already under attack, which comes as no surprise to experts. The biggest potential threats, however, are still to come. Continue Reading
By- Makenzie Holland, Senior News Writer
- Jim O'Donnell, News Writer
-
News
21 Dec 2020
SolarWinds backdoor infected tech giants, impact unclear
Reports that technology giants were also affected by the SolarWinds backdoor malware have been confirmed by several major vendors, though there's no evidence they were breached. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
18 Dec 2020
Risk & Repeat: SolarWinds backdoor shakes infosec industry
This week's Risk & Repeat podcast discusses the latest developments around the devastating SolarWinds backdoor attacks, which impacted several U.S. government agencies. Continue Reading
By- Rob Wright, Senior News Director
-
News
17 Dec 2020
Microsoft, FireEye create kill switch for SolarWinds backdoor
The kill switch follows several other moves Microsoft made against the malware, including the removal of digital certificates and quarantining the malware in Windows Defender. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
16 Dec 2020
SolarWinds struggles with response to supply chain attack
Security researchers discovered the Orion DLL component containing the backdoor used was still present in updates on SolarWinds' website as recently as Monday night. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
16 Dec 2020
SolarWinds breach highlights dangers of supply chain attacks
While the scope of the breach is still unknown, the cyber attack on SolarWinds shows what can happen when sophisticated attackers target just one link of a software supply chain. Continue Reading
By- Arielle Waldman, News Writer
-
News
14 Dec 2020
SolarWinds backdoor used in nation-state cyber attacks
Nation-state hackers conducted a supply chain attack on SolarWinds and planted a backdoor in software updates issued to customers such as FireEye and various government agencies. Continue Reading
By- Rob Wright, Senior News Director
-
Feature
14 Dec 2020
Technology a double-edged sword for U.S. election security
Technologies were weaponized to undermine the 2020 U.S. presidential election, but IT systems have also helped to identify fraud and verify results in a hotly contested election. Continue Reading
By- Bridget Botelho, Editorial Director, News
-
News
09 Dec 2020
FireEye red team tools stolen in cyber attack
While no zero-day exploits were included in the red team tools, FireEye released detection rules and known vulnerabilities to help organizations defend themselves. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
08 Dec 2020
New Microsoft Teams RCE vulnerability also wormable
In his GitHub post, researcher Oskars Vegeris discussed Microsoft classifying the vulnerability as 'Important' rather than 'Critical,' despite it being exploitable via RCE. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
04 Dec 2020
New IBM encryption tools head off quantum computing threats
IBM rolled out a series of cloud-based services that improve hybrid cloud users' cryptographic key protection, in part to future-proof incursions by quantum computers. Continue Reading
By- Ed Scannell, Freelancer
-
Guest Post
03 Dec 2020
The challenge of addressing the IT and security skills gap
In the first of a two-part series, Jonathan Meyers examines the issues surrounding the security skills gap that companies must contend with due to limited budgets, training and more. Continue Reading
By- Jonathan Meyers
-
News
03 Dec 2020
Updated Trickbot malware threatens firmware security
Despite recent takedown efforts, the operators behind the malicious botnet are back with a new module called 'TrickBoot' that detects UEFI/BIOS firmware vulnerabilities. Continue Reading
By- Arielle Waldman, News Writer
-
News
01 Dec 2020
Online education vendor K12 hit with ransomware, pays ransom
A spokesperson for K12 told SearchSecurity that based on the current status of the investigation, the attack did not affect student devices or school networks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
18 Nov 2020
Sophos: Ransomware 'heavyweights' demand sky-high payments
Sophos principal research scientist Chet Wisniewski explains the presence of 'weight classes' in ransomware and offers his thoughts on its future. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
17 Nov 2020
CrowdStrike: Ransomware hit 56% of organizations in last year
A new survey from CrowdStrike revealed more than half of 2,200 respondents' organizations were hit with a ransomware attack at least once in the past 12 months. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
13 Nov 2020
Risk & Repeat: 2020 election security in review
This week's Risk & Repeat podcast looks back at the 2020 election, which was free of major cyber attacks or hacks but has seen a rise in disinformation campaigns online. Continue Reading
By- Rob Wright, Senior News Director
-
News
12 Nov 2020
25,000 criminal reports: Vastaamo breach sets new precedent
The recent data breach at the Vastaamo Psychotherapy Centre in Finland shows threat actors are willing to threaten and extort patients directly, setting a dangerous new precedent. Continue Reading
By- Arielle Waldman, News Writer
-
News
12 Nov 2020
Life after Maze: Is Egregor ransomware next?
Cybersecurity experts have noted similarities between newly discovered Egregor ransomware and the now-defunct Maze, but it's unclear whether the same threat actors are involved. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
02 Nov 2020
5 steps to get IoT cybersecurity and third parties in sync
Third parties often prove to be the weak links when it comes to IoT cybersecurity. Learn what you can do to minimize the risk while reaping the benefits that outside vendors bring. Continue Reading
-
Infographic
02 Nov 2020
COVID-19 cybersecurity data shows rising risk during remote pivot
When enterprises quickly pivoted to remote work during the pandemic, it prompted a wave of new threats while also widening existing gaps in cybersecurity postures. Continue Reading
-
News
02 Nov 2020
Maze gang shuts down its ransomware operation
Maze ransomware has shut down, according to an announcement it posted Sunday, although some evidence suggests that Maze operators have resumed attacks under a different name. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
29 Oct 2020
FBI, CISA warn of impending ransomware attacks on hospitals
Trickbot and Ryuk ransomware actors are targeting hospitals and other healthcare providers, according to a joint cybersecurity advisory from the CISA and the FBI. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
28 Oct 2020
'Lives at stake': How ransomware impacts hospitals
Some ransomware gangs pledged to not target medical facilities during the COVID-19 pandemic, but hospitals are still getting hit. And the attacks affect more than just IT systems. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
22 Oct 2020
Iranian hackers pose as far-right group to threaten U.S. voters
The FBI said Russia and Iran have obtained voter information, and Iranian hackers have also been sending threatening emails to voters that appeared to be from a far-right group. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
22 Oct 2020
McAfee launches IPO, raises $620 million
McAfee has returned to Wall Street, which comes months after the endpoint security vendor's previous CEO, Christopher Young, was replaced by Peter Leav in January. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
21 Oct 2020
Microsoft: 94% of Trickbot's infrastructure disabled
In a new blog post, Microsoft said its legal takedown last week, which sought to decrease Trickbot activity, disabled the vast majority of the botnet's servers. Continue Reading
By- Arielle Waldman, News Writer
-
News
20 Oct 2020
NSS Labs ceases operations amid financial turmoil
Product testing firm NSS Labs shut down last week, citing negative effects of COVID-19, but former employees say the company's troubles started well before the pandemic. Continue Reading
By- Rob Wright, Senior News Director
-
Guest Post
19 Oct 2020
Combating disinformation campaigns ahead of 2020 election
As the 2020 election approaches, more focus needs to be on overcoming disinformation campaigns that manipulate voters as they vote early or head to the polls on Election Day. Continue Reading
By- Jason Yakencheck
-
News
08 Oct 2020
Should ransomware payments be banned? Experts weigh in
Two events -- a new advisory and what might be the first ransomware-related death -- have reignited the debate of whether ransomware payments should be banned. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
07 Oct 2020
Raccine: A ransomware 'vaccine' with a few catches
Raccine, an open source 'vaccine,' prevents ransomware threat actors from using a Windows utility to delete shadow copies of a system's data, but there are a few drawbacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
01 Oct 2020
Potential ransomware-related death still under investigation
German authorities say they are still investigating the death of a patient in connection with a ransomware attack on Düsseldorf University Hospital in Germany last month. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
28 Sep 2020
IBM: Ransomware attacks surged in Q2, ransom demands rising
IBM Security examined several concerning ransomware for this year, as well as an exponential increase in ransom demands and massive spike in attacks during the spring. Continue Reading
By- Arielle Waldman, News Writer
-
News
17 Sep 2020
Gartner: Paying after ransomware attacks carries big risks
The average cost of a ransomware payment in Q1 2020 was $178,254, according to a session at Gartner's Security & Risk Management Summit -- and that doesn't include downtime cost. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
02 Sep 2020
CISA and FBI say there have been no hacks on voter databases
After a false Russian news report circulated on the internet, CISA and the FBI released a joint statement that denied any hacks to election security. Continue Reading
By- Arielle Waldman, News Writer
-
News
01 Sep 2020
Big ransomware attacks overshadowing other alarming trends
Large ransomware attacks on major enterprises have dominated the news, but security experts say there are other alarming trends. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
27 Aug 2020
North Korea's 'BeagleBoyz' target banks with ATM cash-out attacks
The U.S. Government issued a joint alert for an ATM cash-out scheme run by a newly identified North Korean nation-state hacking group known as 'BeagleBoyz.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
27 Aug 2020
Maze ransomware 'cartel' expands with new members
Two more ransomware groups have apparently joined the Maze 'cartel' in an effort to expose victims' data on leak sites and shame them into paying expensive ransoms. Continue Reading
By- Arielle Waldman, News Writer
-
News
24 Aug 2020
FBI and CISA issue vishing campaign warning
The FBI and CISA have issued a joint advisory related to a vishing campaign that began in mid-July, with numerous attacks that gained access to corporate VPN credentials. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
17 Aug 2020
Email enigma: Why is Canada hit with so many phishing attacks?
Canada has become an increasingly popular target for phishing attacks, according to several security vendors, but the reasons for the increase remain a mystery. Continue Reading
By- Arielle Waldman, News Writer
-
Guest Post
12 Aug 2020
What cybersecurity teams can learn from COVID-19
Nabil Hannan examines key similarities between medical and computer viruses that cybersecurity teams can use to keep businesses protected effectively. Continue Reading
By- Nabil Hannan
-
Answer
05 Aug 2020
How to send secure email attachments
Sending sensitive information in attachments is inherently unsafe, and the main way to secure them -- encryption -- can be implemented inconsistently, negating security benefits. Continue Reading
By- Michael Heller, TechTarget
- Michael Cobb
-
Podcast
04 Aug 2020
Risk & Repeat: Sophos warns of evolving ransomware threats
Dan Schiappa and Chester Wisniewski of Sophos join the Risk & Repeat podcast to discuss how ransomware groups are evolving and embracing innovative evasion techniques. Continue Reading
By- Rob Wright, Senior News Director
-
News
29 Jul 2020
'BootHole' bug puts most Linux, Windows systems in jeopardy
Hardware security vendor Eclypsium discovered a bootloader vulnerability that bypasses Secure Boot protection and affects a majority of modern Linux and Windows systems. Continue Reading
By- Arielle Waldman, News Writer
-
News
27 Jul 2020
Emotet botnet hacked, malware replaced with humorous GIFs
Malware distribution network Emotet has been hacked by a potential threat actor of unknown origin, with malware payloads now being replaced with GIFs of James Franco and others. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
27 Jul 2020
Digital ad networks tied to malvertising threats -- again
Adsterra and Propeller Ads were implicated in past malvertising threats such the Master134 campaign. Now the two ad networks are linked to new malicious activity. Continue Reading
By- Rob Wright, Senior News Director
-
News
23 Jul 2020
Evasive phishing campaign hid inside Google cloud services
A new report by Check Point Software Technologies revealed attackers were abusing Google Cloud Functions to hide their phishing links within public cloud services. Continue Reading
By- Arielle Waldman, News Writer
-
News
17 Jul 2020
Identity theft subscription services uncovered on dark web
Identity theft subscriptions are now being offered on the dark web. This information is being used for carding operations, account generation and other cybercrime schemes. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
13 Jul 2020
RSA finds two-thirds of phishing attacks directed at Canada
RSA Security researchers found that nearly 70% of phishing attacks were directed at users in Canada, while the majority of attacks come from U.S.-based ISPs and hosting providers. Continue Reading
By- Arielle Waldman, News Writer
-
News
10 Jul 2020
Cybercriminals auction off admin credentials for $3,000
Threat actors are auctioning off domain administrator accounts, selling access to the highest bidder for an average of $3,139 and up to $140,000, according to Digital Shadows. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
09 Jul 2020
Data theft in ransomware attacks may change disclosure game
Many ransomware attacks aren't publicly disclosed. But as ransomware gangs continue to steal, encrypt and threaten to publicly release data, that may be changing. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
09 Jul 2020
How cyber warfare laws limit risk on a digital battleground
Retired Navy cryptologist implores enterprises to build key cyber warfare laws into their infosec strategy to improve survivability on the digital battleground in his new book. Continue Reading
By- Katie Donegan, Social Media Manager
- Packt Publishing
-
Feature
09 Jul 2020
The future of cyber warfare requires infosec's attention
The future of cyber warfare places enterprise security and survivability in the crosshairs. Learn more about cyber warfare threats and capabilities and how infosec can prepare. Continue Reading
By- Katie Donegan, Social Media Manager
-
News
08 Jul 2020
Microsoft seizes malicious domains used in COVID-19 phishing
Microsoft went to court to seize several malicious domains that were used by cybercriminals in extensive phishing and BEC attacks on Office 365 accounts amid the current pandemic. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
08 Jul 2020
5 steps to help prevent supply chain cybersecurity threats
Follow five steps to lower the risk of supply chain cybersecurity threats, from creating third-party risk management teams to using blockchain and hyperledger and more. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
News
01 Jul 2020
Snake ransomware poses unique danger to industrial systems
The new ransomware family known as Snake, or Ekans, is designed for organizations with industrial control systems and has already struck at least two enterprises. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
26 Jun 2020
Maze ransomware hit biggest target yet with LG breach
The operators of Maze ransomware claim to have breached LG, offering three screenshots as proof. One of those screenshots features LG product source code. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
23 Jun 2020
MSPs scramble to bolster security amid ransomware spike
After a flurry of devastating ransomware attacks in 2019, MSPs and vendor partners are improving security to prevent history from repeating during the pandemic. Continue Reading
By- Rob Wright, Senior News Director
-
News
11 Jun 2020
Italian company implicated in GuLoader malware attacks
While analyzing the network dropper GuLoader, researchers found an almost identical commercial software tool called CloudEye offered by a legitimate-looking Italian company. Continue Reading
By- Arielle Waldman, News Writer
-
News
10 Jun 2020
New 'Thanos' ransomware weaponizes RIPlace evasion technique
Recorded Future's Insikt Group uncovered a new ransomware-as-a-service tool named 'Thanos' that's the first ransomware to use the hard-to-detect RIPlace technique. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
10 Jun 2020
How security teams can prevent island-hopping cyberattacks
Learn how to prevent island-hopping cyberattacks to keep hackers from gaining the confidence of a phishing victim who could then accidentally commit corporate financial fraud. Continue Reading
By- Nick Cavalancia, Techvangelism
-
News
05 Jun 2020
Chinese, Iranian hackers targeted Trump and Biden campaigns
Shane Huntley, director of Google's Threat Analysis Group, announced that two state-backed APT groups targeted campaign staff for both Joe Biden and President Donald Trump. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
05 Jun 2020
Risk & Repeat: Are ransomware groups joining forces?
This week's Risk & Repeat podcast discusses the prospect of ransomware gangs working together and what it could mean for enterprises and the overall threat landscape. Continue Reading
By- Rob Wright, Senior News Director
-
News
04 Jun 2020
Attacks on Exim vulnerability continue one year later
Though the Exim mail transfer agent vulnerability was publicly disclosed in June 2019, a significant number of unpatched versions remain online and are at risk of attacks. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
01 Jun 2020
12 Microsoft 365 security best practices to secure the suite
Migrating to or operating cloud-based Microsoft 365 can bring with it a host of problems and misconfigurations. Check out 12 best practices to tighten Microsoft 365 security. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
News
26 May 2020
StrandHogg 2.0 allows attackers to imitate most Android apps
A new elevation-of-privilege vulnerability on Android, dubbed StrandHogg 2.0, allows threat actors to gain access to most apps, according to Norwegian mobile security firm Promon. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
26 May 2020
Mandiant dishes on notorious Maze ransomware group
Mandiant threat researchers navigate the tools, tactics and procedures of the Maze ransomware group, which has become notorious for "shaming" victims with stolen data. Continue Reading
By- Arielle Waldman, News Writer
-
News
22 May 2020
Ragnar Locker ransomware attack hides inside virtual machine
Threat actors have developed a new type of attack method by hiding Ragnar Locker ransomware inside a virtual machine to avoid detection. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
18 May 2020
Texas struck by two ransomware attacks in one week
The Texas Department of Transportation was hit with a ransomware attack last Thursday, marking the second ransomware incident on a state agency in less than a week. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
14 May 2020
CISA identifies malware from North Korean hacking group
The Cybersecurity and Infrastructure Security Agency, in conjunction with the FBI and DoD, has identified three variants of malware used by the North Korean government. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Feature
08 May 2020
How a security researcher spots a phishing email attempt
When security expert Steven Murdoch spotted a phishing email in his inbox, the researcher in him decided to investigate. Here's what he learned about criminal phishing tactics. Continue Reading
By- Katie Donegan, Social Media Manager
-
Tip
08 May 2020
How to protect the network from ransomware in 5 steps
Stronger network security could be the key to preventing a ransomware infection. Follow these five steps to protect your network from ransomware. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Tip
07 May 2020
Prevent spyware through user awareness and technical controls
Find out how to protect devices from spyware and educate users to avoid the most common traps from which spyware infections might come, including phishing attacks and rogue apps. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
- Michael Heller, TechTarget
-
News
06 May 2020
Healthcare organizations sitting on 'unexploded' ransomware
While threat reports show ransomware attacks against healthcare organizations are down, experts say threat actors may be lurking in networks and waiting to strike at a later date. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Answer
06 May 2020
The risks and effects of spyware
Spyware can steal mundane information, track a user's every move and everything in between. Read up on the types of spyware and how to best fix infected devices. Continue Reading
By- Michael Heller, TechTarget
- Michael Cobb
-
News
05 May 2020
Research finds ransomware payments, demands increasing
Research from incident response vendor Coveware and national law firm BakerHostetler show massive increases in both ransomware demands and payments from victims. Continue Reading
By- Arielle Waldman, News Writer
-
Opinion
01 May 2020
Why nation-state cyberattacks must be top of mind for CISOs
Even though organizations face threats coming from many sources, one type of cyberattack should be top of mind for CISOs: those backed by nation-states. Here's why. Continue Reading
By- Johna Till Johnson, Nemertes Research
- 01 May 2020
-
News
01 May 2020
Shade ransomware decryptor released with 750,000 keys
Kaspersky Lab released a decryptor tool after operators behind the ransomware variant announced a shutdown of operations and issued an apology for any harm caused. Continue Reading
By- Arielle Waldman, News Writer
-
Feature
30 Apr 2020
Words to go: Types of phishing scams
IT teams must take proactive measures to address security awareness when it comes to email. Learn about the types of phishing scams to mitigate risk. Continue Reading
By- Katie Donegan, Social Media Manager
-
Feature
29 Apr 2020
Mitigating ransomware and phishing attacks during a pandemic
Where most see crisis, cybercriminals see opportunity. Learn how security leaders can meet the challenges of mitigating ransomware threats and phishing attacks during a pandemic. Continue Reading
By- Alissa Irei, Senior Site Editor
-
Feature
24 Apr 2020
Coronavirus phishing threats force heightened user awareness
As coronavirus phishing threats ramp up, organizations must turn to user education, in addition to traditional network security, as their best defense. Continue Reading
By- Michael Heller, TechTarget
-
News
24 Apr 2020
Emsisoft: U.S. ransomware attacks declined during pandemic
In the first quarter of 2020, the number of successful ransomware attacks on government and healthcare organizations in the U.S. decreased to a level unseen in years, Emsisoft said. Continue Reading
By- Arielle Waldman, News Writer
-
News
22 Apr 2020
New spear phishing campaign targets oil and gas industry
Bitdefender researchers identified new spear phishing campaigns against the oil and gas industry that include emails with no typos and perfect usage of industry terminology. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
22 Apr 2020
How to prepare for ransomware and phishing attacks
Follow these best practices to properly prepare for ransomware and phishing attacks, as well as further steps to stay secure in the face of a pandemic or widespread health event. Continue Reading
By -
News
22 Apr 2020
Ransomware, cloud attacks more than doubled in 2019
New research by Trustwave shows 2019 saw huge increases in ransomware and cloud services attacks, as well as a big shift from spam toward business email compromise. Continue Reading
By- Arielle Waldman, News Writer
-
News
20 Apr 2020
Cognizant discloses Maze ransomware attack
Cognizant was attacked by the Maze ransomware gang, the company confirmed Saturday. It's unclear whether Cognizant clients were also breached or infected with ransomware. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
17 Apr 2020
Ransomware attacks see 148% surge amid COVID-19
VMware Carbon Black saw a 148% increase in ransomware attacks in March over baseline levels in February, plus a massive spike in attacks on financial institutions. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
16 Apr 2020
Hackers embrace cryptocurrency laundering to evade the law
Cybercriminals are turning to cryptocurrency laundering methods to hide illicit proceeds as law enforcement agencies find success in tracing bitcoin transactions. Continue Reading
By- Arielle Waldman, News Writer
-
News
15 Apr 2020
Malware found on 45 percent of home office networks
New research by BitSight compared malware infections on home office networks versus corporate networks, and the results were unsettling for remote enterprise users. Continue Reading
By- Arielle Waldman, News Writer
-
News
14 Apr 2020
Russian threat group suspected of hacking SFO
San Francisco International Airport disclosed a data breach affected employees and third-party contractors, and ESET researchers said a Russian APT was likely behind the attack. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
09 Apr 2020
APTs infiltrated Linux servers undetected for nearly 10 years
New BlackBerry research shows how five APT groups operating on behalf of the Chinese government infiltrated enterprise Linux environments undetected for nearly a decade. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
03 Apr 2020
Microsoft warns hospitals of impending ransomware attacks
Microsoft warned "dozens" of hospitals with vulnerable gateway and VPN software that an infamous ransomware group known as REvil is scanning the internet for such flaws. Continue Reading
By- Arielle Waldman, News Writer
-
News
02 Apr 2020
Beazley: Ransomware attacks on clients 'skyrocketed' in 2019
The 2020 Beazley Breach Briefing reported a 131% increase in reported attacks against clients last year, and the insurance giant isn't expecting the trend to slow down. Continue Reading
By- Arielle Waldman, News Writer
-
News
30 Mar 2020
Coronavirus phishing lures continue to dominate threat landscape
Overall cybercrime activity isn't necessarily going up amid COVID-19, experts say. However, coronavirus-themed emails are becoming the dominant form of phishing attacks. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
27 Mar 2020
Cyberinsurance carrier Chubb investigating possible data breach
Insurance giant Chubb confirmed it is investigating an incident that may involve the Maze ransomware group, which claims to have stolen sensitive data from the company. Continue Reading
By- Arielle Waldman, News Writer
-
Podcast
27 Mar 2020
Risk & Repeat: COVID-19 boosting social engineering attacks
This episode of the Risk & Repeat podcast looks at how social engineering attacks have become more successful by taking advantage of the coronavirus pandemic. Continue Reading
By- Rob Wright, Senior News Director
-
Feature
26 Mar 2020
Coronavirus phishing scams increase amid pandemic's spread
Organizations must account for a sharp uptick of coronavirus phishing scams in their pandemic and business continuity plans. Learn about the trend here, with steps for mitigation. Continue Reading
By- Katie Donegan, Social Media Manager
-
News
25 Mar 2020
China's APT41 attacks Citrix ADC flaws in cyberespionage campaign
A dual cyberespionage and cybercrime group known as APT41 exploited vulnerabilities in Citrix NetScaler/ADC and other products in an extensive, global threat campaign. Continue Reading
By- Arielle Waldman, News Writer
-
News
19 Mar 2020
Deepfakes: Security experts undecided on the threat level
Deepfakes may seem like a scary new threat in today's world, but should the world be worried? SearchSecurity asked numerous experts to weigh in at RSA Conference 2020. Continue Reading
By- Alexander Culafi, Senior News Writer