U.S. Rep. Suzan DelBene, D-Wash, has reintroduced a bill that would create a national-wide data privacy standard that in its latest incarnation makes an attempt to placate Republicans. The bill, if passed, would replace a patchwork of current state laws.
It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit code leaked, and the question now is: Who leaked it?
A new malware spam email campaign is delivering the NanoCore remote access Trojan as a malicious Adobe icon to infect its victims, a new report by security firm Trustwave finds. The malware is designed to steal passwords and emails.
Attackers wielding DearCry - aka DoejoCrypt - ransomware have begun to exploit the serious proxy-logon flaw in unpatched versions of Microsoft Exchange running on premises. The vulnerability is one of four zero-day flaws patched last week by Microsoft, which APT attackers began exploiting in January.
John Matherly, founder of Shodan, a search engine that can find devices connected to the internet using a variety of filters, explains why some cyber insurers and companies considering mergers and acquisitions are using the search engine to probe for network vulnerabilities.
An ongoing spear-phishing campaign by the threat group TA800 is distributing a new malware loader based on the Nim programming language that's designed to help avoid detection, according to the cybersecurity company Proofpoint.
The latest edition of the ISMG Security Report features cybercrime deterrence lessons learned from the disruption of the Emotet botnet operation. Also featured: An update on attacks tied to Microsoft Exchange flaw exploits; a discussion of the need to update business continuity plans.
Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.
The Molson Coors Beverage Co. says it's in the process of responding to a cybersecurity incident that has caused system outages throughout the brewer's manufacturing process. The company did not identify the specific type of attack taking place.
The $1.9 trillion economic relief package known as the American Rescue Plan, which the House approved Wednesday and President Biden signed Thursday afternoon, includes about $2 billion for cybersecurity and IT modernization, rather than the $10 billion the president originally proposed.
Serious vulnerabilities in Microsoft Exchange have been exploited by at least 10 APT groups that have been collectively been hitting thousands of companies over the last three months, including prior to when Microsoft was first alerted to the flaws and issued a patch, security researchers warn.
Police say they have disrupted Sky ECC - a global encrypted communications network allegedly used by numerous criminals to plan their operations - and made numerous arrests. Authorities say starting in February, they "unlocked" 3 million messages exchanged daily by the service's 170,000 users.
Computer security researchers have acquired an enormous list of compromised email servers from the perpetrators of the mass Microsoft Exchange compromises. But a big question looms: How bad is this situation going to get?
Microsoft is warning users of its Azure cloud platform that hackers are using several "living off the land" attack techniques to evade security measures, escalate privileges and deploy cryptominers. The software giant released a threat detection and mitigation strategy for the platform.
Russian hackers apparently weren't the only ones targeting SolarWinds customers. An attack last year by the Spiral hacking group, believed to be based in China, against one organization used malware that targeted a vulnerability in SolarWinds' Orion software, according to the Secureworks Counter Threat Unit.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.