"Silent Librarian," a hacking group with apparent ties to the Iranian government, is continuing to revamp and refine its phishing techniques as it targets research universities in the U.S. and Europe in an attempt to steal intellectual property, according to the security firm Proofpoint.
The threat and risk surface of internet of things devices deployed in automobiles is exponentially increasing, which poses risks for the coming wave of autonomous vehicles, says Campbell Murray of Blackberry. Large code bases, which likely have many hidden software bugs, are part of the problem, he says.
The not-for-profit Libra Association, which would govern Facebook's new Libra cryptocurrency, launched Monday despite Visa, MasterCard and others dropping their participation. Meanwhile, Facebook CEO Mark Zuckerberg is scheduled to testify before Congress next week to address concerns about the project.
Despite a crackdown on some of its members in 2018, the FIN7 gang has returned with new malicious tools, including a revamped dropper and payload, according to analysts at FireEye. The hacking group is known for targeting point-of-sale machines and IT networks at a wide variety of businesses.
Pitney Bowes says it was infected by file-encrypting malware that has affected online accounts and mailing products but that client data doesn't appear to be at risk. The postage meter maker says "all options" are being considered for recovery, meaning that it could pay a ransom.
What's the purpose of ISO 27701, the new privacy extension to the ISO 27001 information security management standard? Matthieu Grall, CISO and DPO at SodiFrance, a French IT services company, who participated in development of 27701, explains the standard and discusses "privacy by design" compliance issues.
Law enforcement success inevitably sparks criminals to become more innovative, including shifting from centralized markets - such as Hansa and Wall Street Market - to encrypted and distributed marketplaces, says the University of Surrey's Alan Woodward.
Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company Sophos in a $3.9 billion deal, the two companies announced Monday. The Sophos board will "unanimously recommend" the sale to shareholders, the company says.
Cybersecurity vendor Imperva's breach post-mortem should serve as a warning to all those using cloud services: One mistake can turn into a calamity. The company accidently left an AWS API key exposed to the internet; the key was then stolen and used to steal a sensitive customer database.
Significant security events have many techniques in common, says Chris Hallenbeck of Tanium, who describes why security hygiene improvement, especially patch management, is so essential.
Defense and prosecution attorneys are asking for a delay in the trial of alleged Capital One hacker Paige A. Thompson, citing the overwhelming amount of digital evidence in the case and the ongoing forensics investigation. Prosecutors also expect to file additional charges.
Personalized product retailer CafePress has been hit with a lawsuit alleging that it failed to notify 23 million customers about a data breach in a timely manner or follow security best practices. The company was allegedly still using outdated SHA-1 to hash passwords, which can be easily cracked.
Nation-state attackers from outside the European Union pose the greatest threat to the continent's upcoming 5G networks, according to a new security assessment, which sidesteps the issue of Chinese firm Huawei's role in building these networks.
A Singapore man allegedly ran a large-scale cryptocurrency mining scheme that involved using stolen identities to access Amazon and Google cloud computing resources, according to a 14-count U.S. Justice Department indictment.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.
