A sophisticated attack campaign dubbed "Operation ShadowHammer" involved an advanced persistent threat group planting backdoors within Asus computers by subverting the Taiwan-based PC maker's third-party supply chain and updater software, Kaspersky Lab warns.
Passwords are still a persistent security threat, given their ubiquity as a form of authentication and the inability of users to create strong, unique passwords. John Bennet of LogMeIn discusses the issue and solutions.
A decade or more ago, this would have been unthinkable: Microsoft developing an anti-malware platform for macOS. But Windows Defender ATP is now available for Macs via a limited preview. Microsoft says the move will help protect customers running non-Windows machines.
OT, IoT and systems targeted by cryptominers - those are among the main network security concerns of Greg Young, VP of cybersecurity at Trend Micro. Which technology trends should security leaders follow to improve network security? Young shares his insight.
Overall, Password Strength Scores follow the trends for Security
Scores: As companies get bigger, on average their Password
Strength Score goes down.
For businesses with fewer than 25 employees, the average total
Password Strength Score is 53. At more than 10,000 employees,
the average score drops to...
Forget inside/outside the perimeter when mitigating
risks. That's the notion behind "zero trust," which means
applying risk-based controls to safeguard access.
Download this whitepaper to learn more about:
Cloud service attack trends;
Best practices for mitigating risks;
How to make the concept of "zero trust"...
Criminals continue to target organizations and individuals with extortion schemes, in part via such cybercrime schemes as infecting targets with Ryuk and GandCrab ransomware, say Raj Samani, chief scientist of McAfee, and John Fokker, McAfee's head of cyber investigations.
Script-based payment card malware continues its successful run, impacting a range of e-commerce sites, security researchers warn. With fraudsters continuing to refine their tactics, countering card-sniffing scripts continues to be difficult.
Aluminum giant Norsk Hydro has been hit by LockerGoga ransomware, which was apparently distributed to endpoints by hackers using the company's own Active Directory services against it. To help safeguard others, security experts have called on Hydro to release precise details of how it was hit.
Mirai, the powerful malware that unleashed unprecedented distributed denial-of-service attacks in 2016, has never gone away. And now a new version has been equipped with fresh exploits that suggest its operators want to harness the network bandwidth offered by big businesses.
Organizations may have great cybersecurity intentions, but translating those desires into a robust security reality is often challenging, says Ratinder Ahuja, CEO of ShieldX Networks. That's why he advocates automation to ensure intention equals reality.
Is your security team blind to the activities in more than half of its IT assets? That was just one of the findings in a new report from 451 Research, based on in-depth interviews with security leaders across 150 large enterprises and focused on the challenges facing their teams. On average, the report found SIEMs...
With 96% of businesses now relying on cloud computing,
including 81% that use multiple cloud environments*, cloud
adoption is no longer a trend but the new normal.
This requires enterprises to place more emphasis on a critical
issue related to cloud computing and storage: how to ensure the