Many organizations have updated the authentication process for customers to help ensure frictionless transactions. Now, some are starting to take similar steps to streamline and enhance authentication of their employees - especially those working remotely.
The FBI and the U.S. Department of Homeland Security have issued a warning about Mamba ransomware that uses a weaponized version of the legitimate, open-source encryption software DiskCryptor to lock victims out of their systems.
A previously unknown threat group is deploying Hades ransomware as part of an ongoing campaign that has already targeted three U.S. companies, Accenture's cyberthreat intelligence group reports.
The SolarWinds supply chain attack demonstrates that Russian intelligence services have learned from previous operations and adjusted their tactics, says Dmitri Alperovitch, the former CTO of security firm CrowdStrike, which investigated Russian interference in the 2016 election.
Criminals operating online continue to tap ransomware in their pursuit of an illicit payday. That was the cybercrime reality throughout 2020, and unfortunately it still appears to be holding true in the first months of this year, the Cisco Talos Incident Response team reports.
The Council of the European Union has adopted a new cybersecurity strategy aimed at protecting EU citizens and businesses from cyberthreats by promoting best practices, such as strong encryption and threat information sharing.
Criminals continue to target on-premises Microsoft Exchange servers that have not yet been updated with four critical patches, including for a ProxyLogon flaw, which is now being targeted by Black Kingdom ransomware. One expert describes the attack code as being "rudimentary and amateurish" but still a threat.
What's that IoT device on your network? A lot of organizations may not know. That's why Gartner analyst Tim Zimmerman says enterprises need to create IoT security policies and governance rules to reduce risk.
The REvil ransomware gang has added a new malware capability that enables the attackers to reboot an infected device after encryption, security researchers at MalwareHunterTeam report.
A recent phishing scheme used fake Microsoft Office 365 update messages to target financial executives and others in an effort to harvest their credentials, according to the security firm Area 1.
The developers behind the Purple Fox fileless downloader malware have upgraded their operation and are using worm capability to target internet-facing devices running Windows, the security firm Guardicore Labs reports.
Canadian IoT device manufacturer Sierra Wireless reported Tuesday it had suffered a ransomware attack over the weekend, forcing it to halt production. The attack has disrupted its website and some internal operations.
The SolarWinds supply chain attackers manipulated OAuth app certificates to maintain persistence and access privileged resources, including email, according to researchers at Proofpoint.
As digital payments have skyrocketed as a result of the surge in e-commerce during the pandemic, more organizations have provided feedback on enhancing EMVCo's specifications to help fight fraud, two executives with the global technical body say.
The Accellion File Transfer Appliance data breach continues to cause anguish. The energy company Shell has disclosed that it has been affected. Meanwhile, some customers of a Michigan-based bank have been informed that personally identifiable data has been exposed via the FTA breach.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.