Organizations deploying deception technology must make sure to integrate it with other technologies to reap the full benefits of intrusion alerts, says Anuj Tewari, global CISO at IT Services HCL Technologies.
Experts predict that digital transformation and remote work will accelerate in the new normal. So will the need to secure every kind of endpoint and safeguard sensitive corporate data. To succeed in the new reality, solutions must meet the rigorous security requirement of IT leaders while also accommodating users'...
This report is a data-driven exploration of 5 areas of the attack surface where organizations lack visibility and the pathways hackers are using to exploit these blind spots.
Report highlights include:
The Global Attack Surface is much bigger than you think: RiskIQ observed 2,959,498 new domains (211,392 per...
How big is the step from humans using drones to kill other humans to building lethal autonomous weapons systems that can kill on their own? Ethically and technologically, that's a huge leap. But military planners are working to build what some call "killer robots." And the UN wants them banned.
The developers behind TrickBot have updated it to run from an infected device's memory to help better avoid detection, according to researchers at Palo Alto Network's Unit 42. The use of this malware has increased during the COVID-19 pandemic.
Verizon's Data Breach Investigations Report 2020 highlights the leading causes of breaches last year, including credential theft, phishing, ransomware as well as issues linked to cloud implementations and web applications. In an interview, Verizon's Ashish Thapar offers an in-depth analysis.
Ransomware-wielding attackers are typically breaking into victims' networks using remote desktop protocol access, phishing emails or malware that's sometimes used in drive-by attacks against browsers, experts warn, advising organizations to make sure they have the right defenses in place.
A Russian government-backed hacking group that's been tied to a series of cyberespionage campaigns has been quietly exploiting a critical remote code execution vulnerability in Exim email servers since 2019, the U.S. National Security Agency warns in an alert.
A recently revamped version of the Valak strain of malware is targeting Microsoft Exchange servers in the U.S. and Germany, according to recent research from Cybereason. The malware has been redesigned to act as an information stealer that can extract corporate data.
"Hack for hire" groups operating in India are spoofing World Health Organization emails to steal credentials from financial services and healthcare firms around the world, according to Google's Threat Analysis Group.
Turla, a sophisticated hacking group with suspected ties to the Russian government, recently used a revamped version of its malware to target government entities in Eastern Europe, according to new research from the security firm ESET.
Microsoft is warning Windows users about an ongoing "massive" COVID-19-themed phishing campaign that is attempting to install the NetSupport Manager on devices. Attackers can turn NetSupport into a remote access Trojan, or RAT.
Hackers tried two methods of exploiting a zero-day vulnerability in Sophos' XG firewall, but Sophos says it made a temporary fix that mitigated the risks. Attackers originally attempted to plant a Trojan, but then switched to ransomware.
A recent phishing campaign bypassed multifactor authentication protections within Microsoft Office 365 to steal users' credentials stored in the cloud or launch other attacks, according to the security firm Cofense.