A Swiss national who recently highlighted flaws in Verkada surveillance cameras has been charged with criminal hacking by a U.S. federal grand jury and accused of illegally accessing and leaking data from numerous organizations, apparently including Intel, Nissan and the U.S. National Reconnaissance Office.
Finland's Security and Intelligence Service now believes that the 2020 hacking incident that targeted the country's Parliament was the work of a China-linked advanced persistent threat group APT31, also known as Zirconium.
This edition of the ISMG Security Report features an analysis of the Microsoft Exchange on-premises server hacks – from who might have leaked the vulnerability exploits to how ransomware gangs are taking advantage of the flaws. Also featured: Tackling the cybercrime business model; assessing "zero trust."
Large enterprises generally have a good grasp on gathering and operationalizing threat intelligence. But when it comes to the midmarket, there are unique challenges. Neal Dennis of Cyware Labs tells how to overcome these obstacles and achieve value from a threat intel platform.
Email security vendor Mimecast, which was targeted by the SolarWinds supply chain hack in January, reports in a Tuesday update that the hackers used the "Sunburst" backdoor as an initial attack vector to steal some source code. But Mimecast says it "found no evidence of any modifications" to that code.
The Pysa ransomware strain is increasingly targeting educational institutions in the U.S. and U.K., the FBI warns in a new flash alert. The hackers may threaten to leak exfiltrated data if a ransom is not paid.
As concerns about the number of attacks targeting domain name system protocols continue to grow, the NSA and CISA have released new guidance on how to choose and deploy a Protective Domain Name System service to strengthen security.
U.S. public schools faced a record number of cyber incidents in 2020, with over 400 attacks reported. This led to a spike in school cancellations, as IT staff members struggled to get systems back online while dealing with the COVID-19 pandemic, reports the K-12 Cybersecurity Resource Center.
He started his cybersecurity career as a pen tester. As a result, Gong CISO Jack Leidecker retains an affinity for the tech community and emerging tools. He shares insight on this passion and his drive to ensure security’s role in business enablement.
It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit code leaked, and the question now is: Who leaked it?
An ongoing spear-phishing campaign by the threat group TA800 is distributing a new malware loader based on the Nim programming language that's designed to help avoid detection, according to the cybersecurity company Proofpoint.
Software is at the center of it all, placing increased pressure on developers, security managers, and DevOps leaders to develop applications faster. However, this need for speed comes at a price, and security can be seen as a blocker and not an enabler. Watch this webinar to understand why it's time to prioritize your...
Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.
Watch this episode of the "On The Road to DevSecOps" series to learn from a group of DevOps experts on why AppSec Awareness and Training matters and how to give your developers secure coding education that works.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.