Threats & Malware, Vulnerabilities
March 24, 2020
Via: Dark ReadingOrganizations will be quickly overwhelmed if they try to treat all vulnerabilities equally. Given the sheer volume of vulnerabilities, limited resources, and varying objectives across the teams involved, effective cybersecurity requires the ability to view vulnerabilities in the proper context […]
Threats & Malware, Virus & Malware
March 23, 2020
Via: Security WeekThe ransomware attacks occurred between January 2018 and February 2020, and have put school districts and agencies on edge amid warnings of more technology terror, the Albuquerque Journal reports. The New Mexico victims were not targeted because they were perceived […]
March 13, 2020
Via: Security AffairsRecently security experts reported many Coronavirus-themed attacks carried out by cybercrime gangs, but now experts are warning of similar attacks launched by nation-state actors. State-sponsored hackers from Russia, China, and North Korea never stop their activities and seems to be […]
March 12, 2020
Via: CSO OnlineOne of the most challenging executive tasks for CISOs is quantifying the success and the value of the cybersecurity function. Indeed, security leaders and their organizations have used a myriad of metrics over the years. Yet, many executives and board […]
March 9, 2020
Via: Security IntelligenceHealthcare cybersecurity attacks are on the rise. As Protenus notes, industry data breaches increased by 48 percent between 2018 and 2019, with more than 41 million patient records compromised. Meanwhile, according to the 2019 HIMSS Cybersecurity Survey, 82 percent of […]
Cyber warfare, Cyber-crime, Malware
March 5, 2020
Via: Security AffairsAccording to the CrowdStrike 2020 Global Threat Report, the telecommunications and government sectors were the most targeted by the threat actors. Experts monitored operations carried out by nation-state actors and financially-motivated attackers. Most of the attacks against organizations in the […]
Threats & Malware, Vulnerabilities
March 3, 2020
Via: Dark ReadingIn today’s increasingly crowded threat landscape, it can be difficult to determine which threats companies should prioritize. For those who are stuck, it’s helpful to consider what major organizations are worried about and the steps they’re taking to combat those […]
February 20, 2020
Via: Dark ReadingOrganizations are more quickly detecting attackers in their networks and systems, but the majority of attacks are still being found by third parties and not by internal security groups. In 2019, companies needed 56 days, on average, to detect an […]
Application security, Security, Threats & Malware, Vulnerabilities
February 19, 2020
Via: CSO OnlineNew data from security and content delivery company Akamai shows that one in every five attempts to gain unauthorized access to user accounts is now done through application programming interfaces (APIs) instead of user-facing login pages. This trend is even […]
February 14, 2020
Via: Security IntelligenceAfter 20 years of prominence, distributed denial-of-service (DDoS) attacks may be causing more devastating effects than ever. The first DDoS attack occurred way back on July 22, 1999 when a network of 114 computers infected with a malicious script called […]
February 11, 2020
Via: Security WeekIBM’s 2020 X-Force Threat Intelligence Index summarizes the most prominent threats observed by the company’s researchers last year, including OT threats. Based on data derived from network event logs, IBM saw an increase of over 2000 percent in attacks targeting […]
February 10, 2020
Via: CSO OnlineRansomware attacks have matured over the years, adopting more stealthy and sophisticated techniques, while at the same time fixing many of the implementation errors that earlier iterations had. Moreover, some attacks are now gaining a new data leak component, which […]
Mobile, Mobile security, Threats & Malware, Vulnerabilities
February 7, 2020
Via: Security WeekA total of 25 vulnerabilities were fixed with Android’s February 2020 security updates, and the most important of them are two critical severity issues is System. One of these is CVE-2020-0022, a bug impacting the Bluetooth component, and which can […]
Threats & Malware, Vulnerabilities
February 5, 2020
Via: Security AffairsAccording to a report published by Microsoft, the company detects an average of 77,000 active web shells, spreading across 46,000 infected servers, on a daily base. A web shell is a code, often written in typical web development programming languages […]
January 15, 2020
Via: Help Net SecurityMore than one in four security managers attribute attacks against their organization to cyberwarfare or nation-state activity, according to Radware. Nation-state intrusions soaring In 2018, 19% of organizations believed they were attacked by a nation-state. That figure increased to 27% […]
January 14, 2020
Via: Computer WeeklyHackers spent an average of 95 days moving around inside business networks before launching their attacks in 2019, up 10 days on 2018, as increasingly organised criminal groups become adept at hiding their activities from defenders in targeted attacks. This […]
January 10, 2020
Via: Security WeekThe vulnerability, dubbed Cable Haunt and tracked as CVE-2019-19494, was identified by researchers from Lyrebirds and an independent expert. They’ve reproduced the attack on ten cable modems from Sagemcom, Netgear, Technicolor and COMPAL, but other manufacturers also likely use the […]
December 26, 2019
Via: Dark ReadingThe surge in ransomware attacks on cities, municipalities, schools, and healthcare organizations this year is just a foretaste of what is likely come in 2020. Threat actors have sensed a very real opportunity to make big returns attacking enterprise organizations […]
October 31, 2019
Via: TechRadarCyberattacks against schools have increased dramatically and this year has already seen almost as many incidents as the previous two years combined, according to Barracuda which analyzed data compiled by the K-12 Cybersecurity Resource Center (k-12 CRC) which has been […]
Data loss, Threats & Malware, Vulnerabilities
September 16, 2019
Via: Security WeekThe U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) last week published several advisories describing vulnerabilities in CODESYS products, many of which can be exploited remotely for arbitrary code execution, denial-of-service (DoS) attacks, and other purposes. 3S-Smart […]