Spammers are increasingly turning to common file-sharing and object storage services such as Google Drive and Microsoft Azure, in an attempt to evade ever-better corporate filters.
Universities must do more to protect themselves, and the sensitive information they hold, against the ever-expanding range of increasingly sophisticated threats.
Card fraud is evolving, with amateur fraudsters able to “enrol” in online “classes” where they can learn how to use stolen card details to buy smaller-value items.
Survey results indicate that vendors need to be able to provide actionable intelligence out of the mass of data they collect and not just focus on indicators of compromise which would only address past problems.
You should keep your guard up when communicating with Internet people who you don’t know, even if their email address and website domain look legit and their DKIM signatures check out. Also, remember that it’s extremely easy to overlook a large number of inconsistencies and oddities if you believe someone’s underlying story, especially if this story makes you feel good.
The average FTSE 250 company exposes 35 different avenues of attack for would-be hackers, according to a report, despite the vast majority having “serious issues” with keeping business-critical systems up to date.
£1,000 would be enough to tempt 25% of employees to give away company information. Shockingly, 5% would give it away for free. The What Is the Price of Loyalty Report reveals how 10% of respondents would also sell intellectual property, such as product specifications, product code and patents, for £250 or less.
Baltimore this month joined Atlanta, San Diego and Newark in the list of US cities hit by ransomware attacks as the cyber intrusions are expected to continue. City agencies are especially ripe targets because they often maintain databases of vital and sensitive information while having constrained information security budgets and inadequate technological safeguards. Municipal governments and hospitals … just don’t have the top cybersecurity out there, and the criminals know this.
The maker of vehicle license plate readers used extensively by the US government and cities to identify and track citizens and immigrants has been hacked.
The vulnerability, designated CVE-2019-0708 and dubbed BlueKeep, can be exploited by miscreants to execute malicious code and install malware on vulnerable machines without the need for any user authentication: a hacker simply has to be able to reach the box across the internet or network in order to commandeer it.
Smart TVs and other internet-connected household devices will be made to carry labels setting out how secure they are, under proposals being put forward by the government. The problem is what happens to those who don’t follow the guidelines. Or, more importantly, who is going to check that a device does follow whatever the eventual guidelines are.
There is nothing to stop fraudsters changing the caller ID to mirror that of your bank.
Network intruders are staying longer and going after wider swathes of machines with their attacks. This additional attention being paid to making sure they're undetected is part of a larger strategy by attackers to stay in the networks they infiltrate for longer. With that extra time, the hackers are looking to get more out of the systems they compromise. Hackers will now not simply look to compromise a large business, but also to steal its identity to an extent.
Eight out of the ten most exploited vulnerabilities tracked by threat intelligence in 2018 targeted Microsoft products.
IT security leaders across Europe are considering quitting their job over the stress they’re suffering due to mounting threats, compliance pressures and growing complexity
A surge in ransomware and trojans in the first three months of the year led to a massive 235% year-on-year increase in detected cyber-threats to businesses in Q1 2019.
Increasingly, email, Office documents and now PDFs are the vehicle of choice for malware and fraud in the cyber landscape.
A service provider hired by the likes of Oracle, SAP, BT, and many others, to manage their IT systems has been hacked – and its client data held to ransom.
Researchers have discovered that "smart" alarms can allow thieves to remotely kill your engine at speed, unlock car doors and even tamper with cruise control speed. The Pandora API also allowed researchers to remotely enable the car's microphone, allowing nefarious people to eavesdrop on the occupants.
Weaponization of code signing is direct evidence that machine identities are a beachhead for cyber-criminals. The only way to protect against these kinds of attacks is for every software development organization to make sure they are properly protected.