Two years after WannaCry wreaked havoc via flaws in SMB_v1 and three years after Mirai infected internet of things devices en masse via default credentials, attackers are increasingly targeting the same flaws, security experts warn.
The Securities Exchange Board of India has come out with new cybersecurity guidelines for the commodities market. But the recommendations either rehash earlier guidelines or offer vague details on implementation.
Cybercrime is surging thanks, in part, to the availability of inexpensive hacking tools and services. A recent look by security firm Armour at black market offerings finds stolen payment card data, RDP credentials, ransomware and DDoS services are widely available for sale.
Apple is criticizing recent Google research that describes an expansive iPhone hacking campaign, accusing Google of "stoking fear" among users of its products. Google says it stands by its blog post, which focused on technical findings.
Online encyclopedia Wikipedia is investigating a DDoS attack that temporarily blocked access to several of its European and Middle Eastern sites over the weekend.
In the wake of major data breaches in Singapore, the nation's Personal Data Protection Commission has come out with stricter rules for collection and disclosure of the National Registration Identity Card, or NRIC, and other national identification numbers.
Three weeks after a ransomware attack slammed 22 Texas municipalities' systems, state officials say more than half of the cities have returned to normal operations and the rest have advanced to system restoration. Meanwhile, officials have shared lessons learned for managed service providers and customers.
Paige A. Thompson, who prosecutors allege hacked into Capital One's network to access millions of credit card applications, has pleaded not guilty to federal computer crime charges. Her tentative trial date is Nov. 4.
Account takeover (ATO) attacks result in billions of dollars of fraud and damage to brand reputation each year. These are the costs and risks associated with ATO.
This week's ISMG Security Report takes a close look at whether an iPhone hacking campaign may be linked to Android spying campaigns by China. Plus: Do ransomware gangs target organizations that have cyber insurance?
With widespread use of Active Directory across industries and organizations of all sizes, it is frequently a target for bad actors who can use a cracking dictionary or exposed credentials to gain unauthorized access to an employee's account.
Facebook has confirmed that unprotected databases containing more than 419 million users' phone numbers contained data scraped from the social network. TechCrunch, which first reported on the development, says many of the exposed phone numbers can be tied to Facebook IDs and remain accurate.
A widely used brand of GPS location-tracking devices - for keeping tabs on children, elderly relatives and pets - have security flaws that could allow anyone with an internet connection to track the devices' real-time location and historical movements, warns security firm Avast.
Cyber defense is no longer about staying a step ahead - it's about trying to remain no further than a step behind the adversaries, says Moshe Ishai of HolistiCyber, who shares insights on how to regain an advantage.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.