A security researcher who goes by the alias Watchful_IP has discovered a command injection vulnerability that could potentially affect millions of Hikvision's IoT devices. The video security solutions provider says it has fixed the flaw and rolled out a firmware update for its end users.
For combating ransomware, doing the security basics is essential, including keeping systems updated and patched. Don't follow in the footsteps of one technology firm, which Sophos found got hit by Cring ransomware after attackers exploited ColdFusion software that hadn't been patched in 11 years.
GSS, the Spanish and Latin America division of Europe's largest call center provider - Covisian, has informed customers that it has been subjected to a ransomware attack that froze its IT systems and crippled call centers across its Spanish-speaking customer base.
Ransomware-wielding attackers love to lie to victims. But REvil - aka Sodinokibi - has reportedly been running double negotiations to make affiliates think a victim hasn't paid a ransom, using a backdoor in the malware that allows administrators to decrypt victims' systems, so affiliates don't get their cut.
Two proposed class action lawsuits filed this week in a California federal court allege negligence and a variety of other claims against UC San Diego Health in the wake of a phishing incident that affected nearly 496,000 individuals.
The Australian Cyber Security Center has issued a critical vulnerability alert in a Zoho Corp. password management service that could enable a threat actor to take control of the targeted host. The company has issued a security patch.
Chinese security researcher Pan Xiaopan has discovered a malware targeting Mac users. The malware, spread via a paid advertisement on search engine Baidu, is intended to harvest user credentials, he says. The advertisement has now been taken down.
During testimony before a U.S. Senate committee hearing Thursday, CISA Director Jen Easterly told lawmakers that a recent joint alert issued by her agency, the FBI and the Coast Guard Cyber Command stemmed from an attempted attack against the Port of Houston in August.
Four editors at Information Security Media Group discuss important cybersecurity issues, including the rise of quadruple extortion attacks employed by ransomware gangs, the FBI reportedly withholding the Kaseya ransomware decryption key for weeks, and raising security posture during a pandemic.
The ransomware attack on Tamil Nadu's Public Department puts the spotlight on the preparedness to identify and stave off attacks. Some security experts say outdated servers, lack of advanced security measures and inadequate cyber laws make state government institutions vulnerable.
Researchers have identified a new malware sample that is targeting Indian defense personnel. Cyber threat intelligence firm Cyble says the target and attack method of the malware point to the work of APT group SideCopy.
A new and still little-known ransomware group called Karma has been pursuing a novel strategy to pressure victims into paying: Get journalists to publicize businesses hit by the ransomware operation, adding pressure on victims to pay the ransom demand.
The pace of Conti ransomware attacks has been increasing, with more than 400 organizations globally having fallen victim, warns a joint cybersecurity advisory from the U.S. Cybersecurity and Infrastructure Security Agency, FBI and National Security Agency, which details essential defenses.
The COVID-19 crisis has posed an unparalleled challenge for cybersecurity. Like COVID-19, cyberattacks spread fast and far - creating more and more damage. But the pandemic has also had a positive impact on the cybersecurity function, which Tarun Kumar, CISO at Nissan, describes here.
Russian cybersecurity firm Rostelecom-Solar reports that it prevented what it believes is the Mēris botnet from an attempted takeover of 45,000 new devices. The company's president says it also stopped 19 distributed denial-of-service attacks targeting Russia’s remote electronic voting system.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.
