Creating a cyber intelligence strategy involves operational and tactical measures as well as technical approaches, says Jeff Bardin, chief intelligence officer at Treadstone 71.
The lessons of the Mirai botnet's abuse of internet-connected devices four years ago have been taken to heart, says Aaron Guzman of OWASP, which is working with others to improve security benchmarks and testing for connected devices.
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
A recently uncovered phishing campaign is using spoofed Zoom account alerts to steal Microsoft Office 365 credentials, according to a report from Abnormal Security. These attacks come as use of the platform soars due to work-from-home arrangements.
The Mac malware originally labeled as "EvilQuest," which researchers initially identified as a poorly designed ransomware variant, apparently is primarily an information stealer with ransomware-like elements designed to confuse security tools, according to the security firm Malwarebytes.
U.S. prosecutors this week unsealed an indictment against the alleged hacker "Fxmsp" after his identity was revealed in a cybersecurity firm's report. That sequence of events has raised questions about information sharing and highlighted law enforcement's reliance on private cybersecurity researchers.
In this new era, every enterprise is suddenly "cloud first." But there are significant data security gaps to avoid before putting critical data in the cloud. Imperva's Terry Ray shares strategies to maximize simplicity and regulatory compliance.
In this Ebook on cloud security Ray discusses:
Biggest cloud security...
A little-known advanced persistent threat group dubbed Evilnum has been targeting fintech firms in the U.K. and Europe over the past two years, using spear-phishing emails and social engineering to start their attacks, according to the security firm ESET.
Did a private cybersecurity firm's report into the "Fxmsp" hacking operation that deduced the identity of the group's alleged leader disrupt a U.S. law enforcement investigation?
Apache Guacamole, an open-source application that allows for remote connections to devices, contains several vulnerabilities that could enable attackers to steal data or run remote code execution, Check Point Research found. These bugs come at a time when many employees are still working remotely.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.
