Is Australia's data breach wave a coincidence, bad luck or intentional targeting? Maybe all three. But the security weaknesses that have led to the incidents are not exotic. And the people behind these attacks are most likely workaday cybercriminals, not top-level nation-state attackers.
Cybereason has abandoned its IPO plans altogether and hired JPMorgan Chase to find a buyer, The Information reported Friday. Why is Cybereason no longer poised to make it to the IPO Promised Land? An unfavorable competitive environment and a muddled go-to-market strategy provide some clues.
If remote access to corporate networks is only as secure as the weakest link, only some dreadfully weak passwords now stand between hackers and many organizations' most sensitive data, according to new research from Rapid7 into the two most widely used remote access protocols - SSH and RDP.
Palo Alto Networks has scaled back its M&A ambitions, walking away from a $600 million deal for Apiiro in favor of buying Cider Security for $200 million. Palo Alto says it abandoned the negotiations over irreconcilable differences in the valuation of Apiiro's code risk platform business.
Researchers from cybersecurity firm Eset found a variant of Android stalkerware dubbed FurBall slightly modified in a semi-successful bid to evade detection. The malware, dubbed FurBall, is a tool used by a hacking group linked to the Iranian government.
Too many medical device makers don't pay close attention to the fine details and features of their product designs to ensure they are safe and secure, says Naomi Schwartz, a former product reviewer at the Food and Drug Administration and current cybersecurity adviser at security firm MedCrypt.
Australia's data breach debacle expanded on Thursday. Cyber extortionists who attacked Australian health insurer Medibank provided proof of their hack of medical data. Also, stolen data from Australian wine retailer Vinomofo was put up for sale on a Russian-language forum.
More Russian-speaking, ransomware-wielding attackers are gunning for Russian businesses and government agencies, researchers report. The unwritten rule of Russian cybercrime has historically been to never attack inside Russia or neighboring allies.
Security researchers spotted a previously undetected PowerShell backdoor disguising itself as part of the Windows update process that appears to have infected at least 69 victims. When SafeBreach Labs ran obfuscated scripts downloaded by the backdoor through VirusTotal, they came back as clean.
Certificate heavyweight DigiCert has landed Zscaler second-in-command Amit Sinha as its new leader and tasked him with boosting trust around connected device and user authentication. DigiCert brought in Sinha following a 12-year stint at Zscaler, where he became company president and a board member.
Multifactor authentication needs to move away from one-time passwords sent via text message and embrace modern standards that prevent man-in-the-middle attacks. Plus, excessive identity challenges online lead to 20% of e-commerce transactions being abandoned, say experts at Authenticate 2022.
A European ring of auto thieves used software branded as a diagnostic tool to perform fobless thefts of cars made by two French manufacturers. It looks as if the thieves found a vulnerability in the electronic control unit governing the authorization of new key fobs.
Multifactor authentication should be the default, not an option, says U.S. Cybersecurity and Infrastructure Security Agency Director Jen Easterly. She told an industry conference that vendors should "forcefully nudge" users into MFA and offer a more complete feature set for users who want it.
Multifactor authentication was supposed to be the standard, but the sharp rise in highly successful MFA bypass attacks shows the industry needs to go further in verifying identities. Keynote speakers at Authenticate 2022 said the future of passwordless technology could answer this latest threat.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.