A zero-day vulnerability detected in the Java logging library Apache Log4j can result in full server takeover and leaves countless applications vulnerable, according to security researchers, who say that the easily exploitable flaw was first detected in the popular game Minecraft.
A Nov. 16 ransomware attack on Frontier Software leaked "significant personal information" of thousands of South Australian government employees on the dark web, according to a Friday statement by Rob Lucas, treasurer of South Australia.
Jeremy Grant, coordinator of the Better Identity Coalition, joins three ISMG editors to discuss important cybersecurity issues, including how the Biden administration’s executive order will advance the identity cause, and whether we are any closer to finally abandoning the password.
The SideCopy APT group's attacks on military and government institutions in India and Afghanistan used new lures, payload delivery mechanisms, and other tactics, according to a report by researchers at threat intelligence firm Malwarebytes.
The U.K. High Court has upheld the U.S. government's request to extradite WikiLeaks founder Julian Assange, after receiving assurances about the conditions in which the 50-year-old would be held. Assange reportedly plans to appeal the ruling.
SonicWall is urging users of its Secure Mobile Access 100 series gateways and remote access products to immediately apply patches, as a majority of the devices are affected by eight critical- to medium-severity vulnerabilities even after enabling their web application firewall.
Hellman Worldwide Logistics, one of the world's biggest logistics and shipping firms, is warning that its operations remain disrupted following an online attack of unspecified nature. The attack comes amid a busy season for e-commerce and shipping, with supply lines already stretched thin, experts say.
Open-source analytics and interactive visualization solutions provider Grafana Labs has released an emergency security update to patch a high-severity zero-day vulnerability on its dashboard. The company had to issue the fix before schedule to limit exploitation after a researcher reported it.
As the final weeks of 2021 wrap up, the federal health data breach tally continues to show hacking incidents by far dominating as the top category of breaches being reported. That includes the addition of several major ransomware incidents reported by healthcare entities and vendors in recent weeks.
Ifigeneia Lella, cybersecurity officer at ENISA describes findings from the agency's Threat Landscape 2021 report, which assesses the motives, capabilities, targeting and evolution of four different types of threat actors: state-sponsored, cybercrime actors, hacker-for-hire actors and hacktivists.
Since Emotet malware returned last month, it's been dropping the Cobalt Strike penetration-testing tool directly onto infected endpoints shortly after infection, researchers say. The move could be a bid to more rapidly identify high-value systems for targeting with ransomware, some experts warn.
Once, in another role, Rent-A-Center CISO Jason Fruge was asked by senior management to develop a "security scorecard," but he resisted. What were his objections, and how did he address them? Fruge explains in this exclusive leadership discussion.
In 2021, the supply of cybersecurity professionals increased across the globe, with the exception of the Asia-Pacific region and some parts of Europe, says (ISC)² CEO Clar Rosso. She discusses factors behind the workforce gap and how a diverse team can improve resolution of cybersecurity problems.
A botnet operation called Glupteba has been disrupted by Google's Threat Analysis Group. The botnet targeted more than 1 million Microsoft Windows users in the U.S, India, Brazil and Southeast Asia. Also, Google has filed a lawsuit against two Russians alleged to be the botnet's operators.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.