More organizations are taking a "privacy by design" approach to their applications, says Barry Cook, group data protection and privacy officer at VFS Global, a Dubai-based visa outsourcing and technology services company. It's part of an effort to balance privacy and the benefits of convenience.
A hacker breached the blockchain-based Poly Network platform to steal more than $600 million in cryptocurrency, the platform announced Tuesday. But Wednesday, it appeared the hacker had returned some of the stolen assets.
On Tuesday, the Senate, by a vote of 69-30, passed a $1 trillion infrastructure spending bill that would provide additional money for cybersecurity over the next several years, including extra funds for the Department of Homeland Security and its Cybersecurity and Infrastructure Security Agency.
NIST is updating "cyber resiliency" guidance to focus on mitigating modern cyberthreats to IT networks, especially ransomware and nation-state attacks. A draft encourages security defenders to move away from a perimeter-based defense to building resilient IT systems.
The rise of ransomware as a criminal moneymaking powerhouse parallels the services offered by initial access brokers, who continue to offer affordable access to victims' networks - often via brute-forced remote desktop protocol or VPN credentials - to help attackers hit more targets in search of larger profits.
Researchers at Group-IB say Chinese threat actors apparently were responsible for an attack on Russian federal executive authorities in 2020. Meanwhile, Positive Technologies reports that Chinese hacking group APT31 is now using a new dropper to infect Russian systems with malware.
Some patched on-premises Microsoft Exchange email servers are still proving to be vulnerable. The Conti ransomware group is now leveraging backdoors that persist, cybersecurity consulting firm Pondurance reports.
The Federal Trade Commission has issued a warning about a new smishing scheme targeting millions of smartphones nationwide that impersonates state workforce agencies in an attempt to obtain personal data.
Flaws uncovered in tractor manufacturer John Deere's systems underscore the cyber risks that come with the productivity gains from high-tech farming. John Deere claims the issues would not affect machines in use, but a researcher who presented at the Def Con security conference disagrees.
The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VMware's ESXi servers hosting virtual machines, according to MalwareHunterTeam.
An unidentified hacking group with suspected Chinese ties is targeting critical infrastructure in Southeast Asia as part of a cyberespionage campaign to exfiltrate information about the victims' SCADA systems, says a report by security firm Symantec.
The FDIC has failed to properly update its policies for mobile device usage, conduct regular control assessments of its mobile device management solution or adequately log and monitor mobile cybersecurity practices, according to a new report from the Office of the Inspector General.
Two bipartisan bills introduced in Congress this week seek to address cyberthreats. One calls for imposing sanctions against countries that allow ransomware gangs to operate within their borders. Another would require law enforcement agencies to better track cybercrime statistics to identify trends.
The decision by the Russian-speaking darknet forums XSS and Exploit to ban all chatter relating to ransomware attacks has had a limited impact on cyber gangs' ability to communicate, according to the threat intelligence firm Digital Shadows.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.