Microsoft has released an interim mitigation tool designed to help smaller organizations take quick action to prevent attacks that exploit the unpatched ProxyLogon flaw in on-premises Microsoft Exchange servers.
To mitigate the fraud risks posed by synthetic IDs, banks should use consumers' devices to help with authentication, says Karen Boyer, vice president of financial crimes and fraud intelligence at People’s United Bank, based in Connecticut.
Hacking incidents - including ransomware attacks, phishing scams and episodes involving vendors - are still the dominant culprits in major health data breaches being reported to federal regulators so far this year. Why?
U.S. public schools faced a record number of cyber incidents in 2020, with over 400 attacks reported. This led to a spike in school cancellations, as IT staff members struggled to get systems back online while dealing with the COVID-19 pandemic, reports the K-12 Cybersecurity Resource Center.
As the Biden administration makes final preparations to respond to the attacks against SolarWinds, it's been confronted by a second major cyberthreat: the hacking of Microsoft Exchange servers throughout the U.S. The response to this incident, however, will likely be much different.
Ahead of presenting a long-term review of national security strategy in Parliament on Tuesday, U.K. Prime Minister Boris Johnson issued a statement calling for a boost to the country’s capacity to conduct cyberattacks on foreign adversaries.
U.S. Rep. Suzan DelBene, D-Wash, has reintroduced a bill that would create a national-wide data privacy standard that in its latest incarnation makes an attempt to placate Republicans. The bill, if passed, would replace a patchwork of current state laws.
It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit code leaked, and the question now is: Who leaked it?
A new malware spam email campaign is delivering the NanoCore remote access Trojan as a malicious Adobe icon to infect its victims, a new report by security firm Trustwave finds. The malware is designed to steal passwords and emails.
Attackers wielding DearCry - aka DoejoCrypt - ransomware have begun to exploit the serious proxy-logon flaw in unpatched versions of Microsoft Exchange running on premises. The vulnerability is one of four zero-day flaws patched last week by Microsoft, which APT attackers began exploiting in January.
An ongoing spear-phishing campaign by the threat group TA800 is distributing a new malware loader based on the Nim programming language that's designed to help avoid detection, according to the cybersecurity company Proofpoint.
John Matherly, founder of Shodan, a search engine that can find devices connected to the internet using a variety of filters, explains why some cyber insurers and companies considering mergers and acquisitions are using the search engine to probe for network vulnerabilities.
The latest edition of the ISMG Security Report features cybercrime deterrence lessons learned from the disruption of the Emotet botnet operation. Also featured: An update on attacks tied to Microsoft Exchange flaw exploits; a discussion of the need to update business continuity plans.
Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.
The Molson Coors Beverage Co. says it's in the process of responding to a cybersecurity incident that has caused system outages throughout the brewer's manufacturing process. The company did not identify the specific type of attack taking place.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.