Ransomware dominated the cybercrime landscape in 2020 and looks set to do so again this year, as criminals seek fresh new ways to make victims pay. Experts predict gangs will double down on whatever works, which lately includes data exfiltration.
An ongoing global cryptomining campaign has connections to an Iranian software firm, according to a report from Sophos. The MrbMiner malware has targeted thousands of vulnerable Microsoft SQL Servers.
A hacking group with apparent ties to China is targeting airlines and semiconductor firms to steal intellectual property and personal data in repeated exfiltration efforts, according to NCC Group.
What really makes a "strong" password? And why are your end-users tortured with them in the first place? How do hackers crack your passwords with ease? And what can/should you do about your authentication methods?
For decades, end-users have borne the brunt of the password tyranny, a result of the IT industries'...
Targeted ransomware - or as Microsoft refers to it, “human-operated ransomware” - is a new type of ransomware created by an attacker that’s designed to target a specific organization, and is increasingly using “lock and leak” as a tactic to try and increase the number of successful payouts.
Download this...
Big game hunters are targeting financial services companies in an effort to extort larger payouts by bringing their services to a screeching halt using Denial of Service (DoS) and threats to leak the data.
Download this white paper and learn:
Top tactics, techniques and procedures used to deploy ransomware
The...
Whether it is from the SolarWinds attack, another nation-state APT, or the new generation of advanced (human-operated) ransomware, the mission is still the same. We must have a security strategy and tactics that quickly identifies an attacker once they have established a beachhead inside the infrastructure - attacker...
The CEO of security firm Malwarebytes says the hackers who attacked SolarWinds also targeted his company and gained access to a "limited subset of internal company emails."
Researchers at Check Point Research are tracking a new botnet dubbed "FreakOut" that's targeting vulnerabilities in Linux systems. The malware is creating a malicious network that has the potential to launch DDoS attacks.
Symantec Threat Intelligence says it's uncovered another malware variant used in the SolarWinds supply chain hack - a loader nicknamed "Raindrop" that apparently was used to deliver Cobalt Strike, a legitimate penetration testing tool, to a handful of targets.
The FBI is warning that hackers are increasingly using voice phishing, or vishing, to target remote and at-home workers as a way of harvesting VPN and other credentials to gain initial access to corporate networks.
To help mitigate supply chain risks, organizations should leverage web scraping tools, social media analytics tools and robotics to verify third-party providers, says Arpinder Singh of Ernst & Young.
Police have arrested Riley June Williams of Pennsylvania, who a tipster alleges stole a laptop or hard drive belonging to House Speaker Nancy Pelosi. But is the tipsters claim that she had planned to pass the device to a friend in Russia credible?
According to Gartner, “Through 2023, BEC attacks will continue to double each year to over $5 billion and lead to
large financial losses for enterprises.”
In today’s rapidly evolving environment, traditional email security solutions aren’t enough to protect businesses anymore. You must also effectively...
Manufacturing System Protection from Cyber Attacks Industry 4.0 drives manufacturing efficiency by connecting systems to automate, share data, consolidate operations, and streamline production.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.
