Investigators probing the violent storming of the U.S. Capitol by a mob on Wednesday have been seeking images and help in identifying suspects. The FBI, which is leading the investigation, has a range of investigative tools and technologies to help, including facial recognition software.
The "remote workforce" of 2020 is gone. Now we're talking about the new, permanent "branch office" - and it comes with its own unique set of cybersecurity concerns, says Derek Manky of FortiGuard Labs. He discusses new social engineering trends and how to respond.
Why Start With Identity?
As more government organizations move their citizen services to mobile and cloud-based platforms, ensuring the validity of those benefits claims is more important than ever. Many are adopting an identity centric security model as a framework for prevention of risk and fraud.
The FBI has issued a warning about the growing threat from the operators behind the Egregor ransomware variant and other cybercriminal gangs affiliated with the group. Since September, the crypto-locking malware has been associated with nearly 100 attacks worldwide.
Twitter permanently suspended the official account of President Donald Trump, with the social media firm citing concerns over violence following the riot by pro-Trump supporters at the Capitol. Facebook had already suspended Trump's account through the remainder of his term.
A Russian national who pleaded guilty to hacking JPMorgan Chase and other financial institutions has been sentenced to 12 years in federal prison. The hacking scheme affected more than 100 million bank customers.
The U.S. federal court system is investigating an "apparent compromise" of a confidential electronic filing system used for sensitive legal documents. Meanwhile, it has suspended its use of the hacked SolarWinds' Orion system and changed document security procedures while conducting an audit.
The U.S. Department of State has announced plans to create a Bureau of Cyberspace Security and Emerging Technologies to enhance its security and help it deal with international cybersecurity issues. But it remains to be seen if those plans will be carried out by the incoming Biden administration.
A Baltimore medical center that suffered a ransomware attack a month ago and pulled its electronic health record system offline as a precaution is finally beginning to restore access to the system, the organization's CEO says. It's the latest example of how cyberattacks can derail EHRs.
As security software firm SolarWinds investigates the supply chain attack involving its Orion software and looks to rebuild its security processes and reputation, it's hired former U.S. cybersecurity czar Chris Krebs and former Facebook CSO Alex Stamos as advisers.
Security researchers are warning that attackers appear to have stepped up scanning for vulnerable Zyxel products, including VPN gateways, access point controllers and firewalls. A recently disclosed vulnerability in the company's firmware can create a hard-coded backdoor.
This edition of the ISMG Security Report features an analysis of the very latest information about the SolarWinds hack. Also featured are discussions of "zero trust" for the hybrid cloud environment and data privacy regulatory trends.
Reacting to reports claiming hackers may have used JetBrains' TeamCity tool as an initial infection vector during the attack against SolarWinds, JetBrains CEO Maxim Shafirov says the company has not been contacted by investigators. But he says customer misconfiguration of TeamCity could have enabled a hack.
A recently uncovered remote access Trojan, dubbed ElectroRAT, has been stealing cryptocurrency from digital wallets over the past year, according to researchers at Intezer Labs. The malware, written in Golang, can target Windows, Linux and macOS platforms.