February 25, 2021
Via: Security WeekOne of them, issued on Wednesday, said the agency’s National Coordination Center for Cybersecurity (NCCC) had observed attempts to deliver malicious documents through the System of Electronic Interaction of Executive Bodies (SEI EB), which is used by many government organizations […]
February 23, 2021
Via: Help Net SecurityMany organizations have maintained heavy investment in cybersecurity over the last year, even in an unpredictable time when other spending has faltered. Gartner estimates that IT security and risk management spending still grew 2.6 percent even as IT spending as […]
February 19, 2021
Via: Help Net SecurityBottomline and Strategic Treasurer released the results of a survey that gathered details about corporate and banking experiences, actions and plans regarding fraud. Results show that the pandemic accelerated both the threat of fraud and the response to it, with […]
Application security, Security
February 19, 2021
Via: Help Net SecurityAn organization’s web application firewall (WAF) is a critical line of defense in protecting proprietary and customer data, but the concern is that some organizations are spending an outsized allotment of resources on modifying these mission-critical elements, a Neustar report […]
Threats & Malware, Virus & Malware
January 6, 2021
Via: CSO OnlineIf you use the recently compromised SolarWinds Orion monitoring products, you are already reviewing your infrastructure and possibly blocking network access to the servers in your domain. For those of you who do not use the SolarWinds software, this is […]
Network security, Security, Threats & Malware, Vulnerabilities
January 5, 2021
Via: Security WeekThe attacks, currently small in numbers, target CVE-2020-29583, a vulnerability affecting several Zyxel firewalls and WLAN controllers that was publicly disclosed at the end of December. Firmware updates that remove the bug are already available for some of the affected […]
December 24, 2020
Via: Help Net SecurityIn 2020, cybersecurity became a business problem for every industry, as well as the U.S. government. According to a new report by the Aspen Cybersecurity Group, there are several opportunities for the new presidential administration to increase cybersecurity efforts and […]
Threats & Malware, Vulnerabilities
December 23, 2020
Via: Help Net SecurityThe COVID-19 pandemic has had a profound impact on education, bringing about a sudden boom in remote and online learning. While the transition has forced many schools to implement innovative solutions, it has also revealed stark vulnerabilities in their cybersecurity […]
Cyber warfare, Cyber-crime, Threats & Malware, Vulnerabilities
October 21, 2020
Via: Help Net SecurityThe US Cybersecurity and Infrastructure Security Agency (CISA) has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or have exploited in attacks. “Most of the vulnerabilities […] can be exploited to gain initial access […]
Threats & Malware, Virus & Malware
September 9, 2020
Via: Security WeekThe district said Tuesday that a virus infected some computer systems on Aug. 27 and prohibited access to some files. The district says current and former employees may have been affected and officials are notifying those whose names and Social […]
Threats & Malware, Vulnerabilities
May 29, 2020
Via: Security WeekRated critical, the vulnerabilities, tracked as CVE-2020-11651 and CVE-2020-11652, were made public at the end of April, when SaltStack patches were released. The issue, however, only appears when unsecure settings are used. The popular configuration tool uses a Salt Master […]
May 19, 2020
Via: Help Net SecurityVerizon has released its annual Data Breach Investigations Report (DBIR), which offers an overview of the cyber security incidents and data breaches that happened in/were discovered in the past year. Based on an analysis of incident and breach reports by […]
May 11, 2020
Via: CSO OnlineIoT systems in business and operational environments have increased the attack surface and introduced new risks to the confidentiality, integrity and availability of critical data and systems at many enterprises. Security leaders need to update their organization’s threat profile to […]
Threats & Malware, Virus & Malware
April 24, 2020
Via: Security WeekReferred to as VictoryGate and active since at least May 2019, the botnet impacted devices in Latin America the most, especially Peru, where more than 90% of the compromised devices are located. After sinkholing the C&Cs, ESET’s security researchers were […]
April 22, 2020
Via: Security WeekThe FBI has received thousands of complaints regarding scams and frauds related to the virus, FBI Assistant Director Matt Gorham said in a statement responding to queries from The Associated Press. “Unfortunately, there’s a lot of precedent for criminals taking […]
April 17, 2020
Via: Security WeekAccording to the Microsoft-owned company, many of its users have received phishing emails claiming that unauthorized activity has been detected or that a change has been made to their account. The links included in these emails lead to a fake […]
April 13, 2020
Via: Security WeekThe incident involved SFOConnect.com and SFOConstruction.com, two low-traffic websites designed to keep visitors informed on a variety of SFO-related topics, such as the COVID-19 crisis, alternate AirTrain routing, airfield operations, airport construction contracts, and the like. In March 2020, the […]
Cyber-crime, Malware, Phishing
April 10, 2020
Via: Help Net SecurityAs US citizens wait for President Trump’s final decision about whether quarantine will be over by Easter, malware peddlers have already “decided”: quarantine will be prolonged until August 2020. Phishing emails point to malware Researchers with anti-phishing startup Inky have […]
Cyber-crime, Malware, Phishing
April 7, 2020
Via: Help Net SecuritySince last December, over 136,000 new COVID-19-themed domains have popped up and, while many host legitimate websites, others have been set up to serve malware, phishing pages, or to scam visitors. SpyCloud researchers have also discovered that existing community threat […]
April 2, 2020
Via: Security WeekCybercriminals were quick to exploit the coronavirus crisis for their malicious attacks, including phishing, malware infections, and the likes, and it did not take long for state-sponsored threat actors to join the fray. In addition to banking Trojans targeting enterprise […]