A critical Linux kernel vulnerability exposed the server message block protocol to remote hacking with highest privileges. The vulnerability received the maximum possible severity rating of 10 on the CVSS scale owing to the kernel-level code execution privileges it gave to the attacker.
Stop the presses: Britain's Guardian Media Group has been hit by a "serious IT incident," believed to be ransomware, that appears to have encrypted numerous systems. Experts say ransomware groups love to strike over the holidays, adding pressure on victims to pay a ransom quickly and quietly.
In this episode of "Cybersecurity Unplugged," Joe Weiss, managing partner at Applied Control Systems, offers suggestions for how to harden our OT networks today, including what CISOs need to know and how guidance from the federal government needs to change.
Today, nearly 70% of organizations host more than half their workloads in the cloud, up from just 31% in 2020. But there’s a dangerous pothole on the fast track to cloud migration, and it grows larger the longer it’s ignored: application development security.
The good news is that wherever you are on the journey...
A banking Trojan is on a rampage thanks to its ability to mimic the appearance of more than 400 applications, including leading financial and crypto exchange applications, in 16 countries. Godfather is an upgraded version of the Anubis banking Trojan, reports cybersecurity firm Group-IB.
For many brands, especially large enterprises with a substantial online presence, it is important to be able to have eyes all over the internet in order to properly mitigate the effects of external elements on their brand’s reputation.
In the year ahead for cybersecurity, predicting risk and vulnerabilities will be a key area of innovation and adoption for forward-leaning enterprises, says Trend Micro's Dhanya Thakkar.
After years of digital transformation, cloud migration and deployment of hybrid workforces, enterprises have more endpoints than ever, which makes it important to take endpoint security to a whole new level. Pat Correia of Cisco Security shares five tips for choosing endpoint security.
Microsoft's last monthly dump of patches for 2022 includes a fix for a zero-day exploited by ransomware hackers to bypass the SmartScreen security mechanism for malware execution. The zero-day hinged on hackers creating a malformed Authenticode signature.
The purchase of healthcare security startup Medigate means Claroty can address the IoT, OT, IoMT and connected device needs of hospitals from a single platform. Claroty says its single-platform approach facilitates everything from network mapping and segmentation to continuous threat detection.
A novel botnet dubbed "Zerobot" by Fortinet researchers is taking advantage of vulnerabilities in a slew of networking equipment and networked cameras with an emphasis on equipment manufactured in East Asia. The botnet exploits 21 separate vulnerabilities.
Indian cybersecurity firm CloudSEK says another cybersecurity firm used a compromised collaboration platform credential to obtain access to its training webpages. CEO Rahul Sasi did not identify the alleged perpetrator and says the hacker did not obtain access to the company code base and database.
Microsoft Office's use of Internet Explorer to render HTML is the gift that keeps giving for North Korean hackers. Security researchers at Google say they spotted a Pyongyang threat actor using a now-patched JavaScript engine flaw via a malicious Office document.
Smartphone giant Apple says that starting later this year, users can enable end-to-end encryption of iPhone backups stored in the company's commercial cloud. Apple took pains to frame its announcement in the context of cloud computing data breaches.
SentinelOne plans to go after more Fortune 500 and Global 2000 organizations as the economic downturn prompts customers to shrink the size of their purchases. Over the past year, the company doubled the number of clients spending at least $100,000 and $1 million with SentinelOne annually.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.
