An alert from U.S. National Security Agency and the FBI warns of a recently discovered Russian-deployed malware variant called Drovorub that's designed to target Linux systems, creating a backdoor into targeted networks to exfiltrate data.
Since 2018, an advanced persistent threat group dubbed RedCurl, which has served as a team of for-hire hackers specializing in corporate espionage, has hit at least 14 targets in Canada, Russia, the U.K. and beyond, says cybersecurity firm Group-IB.
Fortinet's FortiGuard Labs is out with its latest Global Threat Landscape Report, and it tracks cyber adversaries exploiting the COVID-19 pandemic at a worldwide scale. The best response? A shift to proactive defense, says FortiGuard's Derek Manky, Chief, Security Insights & Global Threat Alliances.
The Domain Name System, which is at the heart of the internet, is a rich source of data that can help organizations defend themselves against cybercrime. DNS pioneer Paul Vixie says monitoring DNS traffic is crucial, and it's advisable to run your own recursive resolver.
Cybercriminals have shifted their focus from individuals and smaller businesses to target governments, critical health infrastructure and major corporations to maximize their profits and disruption during the COVID-19 pandemic, a new Interpol report warns.
Quantity of threat intelligence isn't an issue. Quality of intel and integrating it effectively into security programs - that's where many organizations struggle. Casey Martin of ReliaQuest shares insight on the keys to a mature threat intel program.
The "zero trust" model can play a critical role in mitigating emerging threats. That's why Information Security Media Group will host on Aug. 4 a virtual cybersecurity summit for Southeast Asia on applying the model.
The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market. That creates a classic target-rich environment for the bad guys - one that will require vigorous defense and oversight.
The 2020 Vulnerability and Threat Trends Report Mid-Year Update
shows how criminals have taken advantage of the disruption caused
by the pandemic. While organizations were vulnerable and distracted,
hackers developed new ransomware samples and advanced existing
tools to attack critical infrastructure - including...
Following Twitter's admission that cryptocurrency scammers socially engineered its employees to gain control of 45 high-profile accounts, one reaction has been: Why didn't anyone crack Twitter sooner? Unfortunately, the answer is that they have, especially if you count nation-states bribing insiders.
Many organizations get stuck in the vortex of endless endpoint security operational challenges. Solving this operational chaos is a must, especially when 68% of organizations have seen an increase in the frequency of attacks against endpoints in the last 12 months.
The need to boost efficiencies is clear. To get...
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.