Some units within the U.S. Energy Department lack adequate security controls and practices to mitigate risks posed by peripheral devices, such as USBs, printers, scanners and external hard drives, according to an inspector general report.
Malware designed to provide backdoor access to corporate networks, gain administrative privileges and deliver additional payloads was hidden in tax software the Chinese government requires companies doing business in the nation to use, researchers at the security firm Trustwave report.
Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.
The British government has officially reversed course and will now ban Huawei's telecom gear from its 5G networks. The ban on use of the Chinese firm's equipment, based in part on U.S. sanctions against the manufacturer, goes into effect at year's end.
An Israeli court has dismissed a petition filed by Amnesty International that sought to revoke the security export license of NSO Group, a tech firm that's been accused of selling hacking tools to governments for targeting dissidents, journalists and lawyers.
It's common for security researchers to be ignored when reporting a software vulnerability. The latest example - vulnerabilities found by Independent Security Evaluators in a router made by China-based Tenda.
Data analytics can help auditors identify high-risk areas - a far better approach than relying on random samples, says forensics expert Vincent Walden.
Wells Fargo, the fourth largest bank in the U.S., has directed employees to remove the TikTok social media app from their company-issued devices, citing security concerns. The news comes after Amazon sent mixed signals to its employees about use of the social media app.
A Russian national has been found guilty of hacking LinkedIn, Dropbox and the now defunct Formspring to steal millions of user credentials, some of which were later sold on underground markets.
How do you proactively manage policy changes, protect devices and stop new threats? You need a radically new approach to network security that can scale faster than manual approaches.
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
The U.S. Secret Service is combining its electronic and financial crime units into a single task force that will focus on investigating cyber-related financial crimes, such as BEC schemes and ransomware attacks. The move comes as lawmakers push for the Secret Service to take a more active role in fighting cybercrime.
Five billion unique user credentials are circulating on darknet forums, with cybercriminals offering to sell access to bank accounts as well as domain administrator access to corporate networks, according to the security firm Digital Shadows.
For the second time this year, security researchers have found malware embedded in low-cost Android smartphones distributed through a U.S. government program, security firm Malwarebytes reports.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.