In the latest "Troublemaker CISO" post, security director Ian Keller discusses killware - "a hack of critical services and or infrastructure that can lead to the loss of life" - and asks: "Why should the power grid - or hospitals, water treatment plants or your pacemaker - be internet-accessible?
Google's threat analysis team has detected a new remote code execution flaw leveraged by North Korean nation-state attackers targeting cryptocurrency, fintech and other industries. Although not named in the report, there appears to be a link to the notorious Lazarus cybercrime group.
Online attackers are increasingly targeting the financial services sector. John Fokker, head of cyber investigations at Trellix, says his firm has charted a 22% quarterly increase in ransomware attacks on financial services, and APT detections have risen by 37%. Here's how the industry must respond.
A security researcher found two critical vulnerabilities and one high-severity vulnerability in two separate Veeam products that may allow attackers to perform remote code execution and allow local privilege execution on victims' systems, respectively. Veeam has issued patches for all three bugs.
The current and former owners of CafePress, a site for selling customizable merchandise, have agreed to a draft Federal Trade Commission settlement tied to multiple security shortcomings that failed to prevent or detect a 2019 data breach that exposed 22 million users' account details.
This report analyzes how sanctions levied against Russia and Belarus for the invasion of Ukraine are affecting security researchers in those countries who participate in bug bounty programs. It also examines lessons to be learned from data breaches and developments in passwordless authentication.
Russian state-sponsored threat actors are exploiting default MFA protocols, along with PrintNightmare, the Windows Print Spooler vulnerability, to illegally access the network of a nongovernmental organization, the U.S. Cybersecurity and Infrastructure Security Agency and the FBI say.
Video game developer Ubisoft has confirmed that a cybersecurity incident caused temporary disruption to some of its games, systems and services, and the ransomware gang Lapsus$, which was behind the breaches at Samsung and Nvidia, is implying that it may have been responsible.
Ts. Saiful Bakhtiar Osman is the head of IT - APAC at The Ascent Group. In this interview, he discusses how to make cloud security effective, interweave IT disaster recovery with business continuity plans, move to a Zero Trust environment and improve authentication and access management controls.
The U.S. OMB recently released its latest deliverable as part of President Biden's cybersecurity executive order. Former federal CISO Grant Schneider discusses this guidance and shares best practices for agencies and organizations to improve the security of their software supply chain.
Cybersecurity in Russia right now is complicated, owing to reprisals over its Ukraine invasion, leading to Russia launching its own root certificate to keep sites online; facing down "Russians only" RURansom wiper malware; and Avast being the latest business to suspend all operations in the country.
Federal authorities are warning about seven vulnerabilities affecting a software agent used to remotely manage an array of medical devices and other connected gear. If exploited, the vulnerabilities could enable hackers to gain full control of the affected devices or alter their configurations.
Ransomware gang Lapsus$ has leaked credentials of 71,000 Nvidia employees on a Telegram page, Information Security Media Group has found. The data was stolen in a breach, data breach notification service Have I Been Pwned confirms.
A previously undocumented advanced persistent threat campaign named Daxin has been found. It uses a stealthy rootkit backdoor to enable remote actors to communicate with secured devices not connected directly to the internet. Researchers say Chinese attackers used it to run an espionage campaign.
Belarus has renounced its nonnuclear status and is set to support moving the Kremlin's nuclear weapons into the country - within striking distance of Ukrainian capital Kyiv. This has sparked backlash from cyber hacktivist groups, who have now targeted and disrupted Belarus' critical services.