The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
News that a malware-wielding gang of Russians targeted Tesla by attempting to work with an insider should have all organizations asking: What would happen if extortionists attempted to bribe one of our employees to install malicious code designed to steal corporate secrets for ransom?
The U.S. Justice Department has filed a civil forfeiture complaint in an effort to recover millions in cryptocurrency from 280 accounts that allegedly was stolen by North Korean hackers. Prosecutors believe much of the money was laundered through Chinese exchanges.
"Charming Kitten," a hacking group with ties to Iran, is now using LinkedIn and WhatsApp messages to contact potential victims and persuade them to visit a phishing page, according to ClearSky. The threat actors initially posed as journalists looking to contact sources.
The operators behind the "Lemon Duck" cryptominer have developed new techniques to better target enterprise-grade Linux systems, according to Sophos. In the latest cases, potential victims are spammed with COVID-19-themed emails.
U.S. agencies have issued a warning about increases in bank heists worldwide spearheaded by a hacking group called "BeagleBoyz," a subset of the Lazarus Group, which has ties to the North Korean government.
The Lazarus Group, which has ties to the North Korean government, recently targeted an employee of a cryptocurrency exchange with a fake job offer in order to plant malware and steal virtual currency, according to F-Secure.
CISOs need to fully integrate SD-WAN features with legacy infrastructure to help ensure the security of remote access, says Alain Sanchez, a CISO at Fortinet.
A hack-for-hire campaign targeting an "international architectural and video production company" serving high-end real estate ventures likely involved corporate espionage driven by a developer eager for insider data, according to an analysis from security firm Bitdefender.
Ransomware gangs are increasingly not just claiming that they'll leak data if victims don't pay, but following through. On average, about a quarter of all successful ransomware attacks feature a gang claiming to have first stolen data. But in recent months, the number of gangs actually doing so has surged.
An advertising software development kit called Mintegral that's embedded in 1,200 iOS apps misattributes ad clicks and logs potentially sensitive app data, security firm Snyk alleges. But Apple says there's no evidence the SDK is harming users.
Erika Dietrich of the payments system company ACI Worldwide analyzes statistics on how card-not-present transactions, fraud and chargebacks have changed this year, compared to last year.
Freepik Co. says an SQL injection attack led to the leak of 8.3 million email addresses and 3.7 million hashed passwords for users of its Freepik graphic resources app and Flaticon icon database platform.
Card-not-present fraud is rising as fraudsters inject malware into e-commerce websites to harvest account information, says Gord Jamieson of Visa. But the artificial intelligence models used to detect this fraud need to be refined to better mitigate this threat, he says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.