Security researchers with the Chinese company Qihoo say they've spotted a new IoT botnet that brute forces telnet ports on routers and other devices and is coded with a command to erase infected devices.
Despite the shift to e-commerce during the pandemic, attacks against POS devices persist. For example, Visa's payment fraud disruption team uncovered recent malware attacks on POS devices used by two North American hospitality companies.
The latest edition of the ISMG Security Report analyzes cybersecurity firm McAfee's plans to again become a publicly traded company. Also featured: 'Zero trust' strategic insights and an IoT security flaw saga.
McAfee is set to become a public company once again, with the cybersecurity firm filing for an IPO with the U.S. Securities and Exchange Commission to trade under "MCFE" on the Nasdaq Stock Market. Separately, Ivanti announced that it would buy security firms MobileIron and Pulse Secure.
A fresh round of Joker malware that targets Android users has been found in Google Play as well as third-party app stores, according to reports from Zscaler and Zimperium. The Joker apps can steal SMS messages, contact lists and device information from infected smartphones.
An internet-connected coffee machine is the latest IoT device to show security problems. The security firm Avast infected the Smarter Coffee machine with ransomware that causes uncontrollable spinning of its grinder and dispensing of hot water. The only option to stop it? Unplug the machine.
Microsoft removed 18 apps from its Azure cloud platform that were being used by hackers as part of their command-and-control infrastructure. The threat group, called Gadolinium, was abusing the infrastructure to launch phishing email attacks, Microsoft researchers say.
Revisiting remote workforce security defenses, simplifying cloud access controls and pursuing risk-based vulnerability management and passwordless authentication are among the 10 security projects that all organizations should consider for this year and next, according to advisory firm Gartner.
It might be new, but are we ready to call this "normal?" In this latest in a series of CEO/CISO panels, cybersecurity leaders talk frankly about the new risk surface and the role emerging technologies play in helping us keep pace with our adversaries.
What will be the impact of the leak of investigatory documents from FinCEN - the U.S. Treasury Department's Financial Crimes Enforcement Network? For starters, experts warn that FinCEN reports may reveal sensitive information tied to banks and law enforcement agencies' investigatory tools and tactics.
A hacking group targeting Iranian dissidents has developed malware that can bypass two-factor authentication protection on Android devices to steal passwords, according to Check Point Research. The hackers have also targeted victims' Telegram accounts.
Mozi, a relatively new peer-to-peer botnet, is now dominating global IoT network traffic, according to a new report from IBM's X-Force unit. The malware is being used to launch DDoS attacks as well as mine for cryptocurrency.