Decommissioned domains that were part of the pervasive Magecart web-skimming campaigns are being put to use by other cybercriminals who are re-activating them for other scams, including malvertising, according to researchers at RiskIQ.
The crypotmining botnet Smominru, which has been around since at least 2017, has resurfaced with a new campaign that has infected 90,000 devices worldwide, including in the U.S., China and Russia, according to security analysts at Guardicore.
U.S. Senators Chuck Schumer, D-N.Y., and Tom Cotton, R-Ark., are asking the Federal Communications Commission to reconsider operating licenses granted to two Chinese telecommunications companies, citing concerns over national security and foreign espionage.
An unsecured database owned by an Ecuadorian consulting company left over 20 million records on the South American country's citizens exposed to the internet, according to a report from two independent security researchers. An official investigation is underway.
Two years after WannaCry wreaked havoc via flaws in SMB_v1 and three years after Mirai infected internet of things devices en masse via default credentials, attackers are increasingly targeting the same flaws, security experts warn.
As part of its September Patch Tuesday security update, Microsoft issued software fixes for two vulnerabilities in several versions of Windows that it says are being exploited by attackers in the wild. Security experts are urging IT teams to quickly patch these flaws.
Every week seems to bring a fresh installment of "patch or perish." But security experts warn that patch management, or the larger question of vulnerability management, must be part of a much bigger-picture approach to managing risk. And the challenge continues to get more complex.
Security by design, as its name suggests, is exactly that kind of a proactive approach. By ensuring that system components have been securely designed in the first instance, and that the system components will operate securely together, system architects can go a long way toward providing security and privacy by...
Cyber defense is no longer about staying a step ahead - it's about trying to remain no further than a step behind the adversaries, says Moshe Ishai of HolistiCyber, who shares insights on how to regain an advantage.
With the number of vulnerabilities on the rise, and their severity increasing, how can you identify the biggest cyber threats to your business - and know what to fix first?
Download this eBook to learn more about:
Discover the 3 critical steps to building an effective vulnerability remediation plan
Explore...
Digital transformation is the buzz across all sectors, but it poses significant security risks to enterprises. PJ Maloney of DXC Technology and William "Buck" Houston of Micro Focus Global Alliances weigh in on new strategies for securing the transformation.
Mike Krygier of the New York City Cyber Command outlines threats to connected cities and critical infrastructure, including ransomware, and what steps can be taken to mitigate risks
In light of emerging cyberthreats, including ransomware, organizations must change how they assess their cyber insurance options, says Ken Suh of Beazley.
With new threats targeting the nation's critical infrastructure, partnerships among government and private-sector security professionals are more critical than ever, says Brian Harrell of the new U.S. Cybersecurity and Infrastructure Security Agency.
Organizations need to create a "defensible" cybersecurity program that has a mandate and executive endorsement, says Gartner's Tom Scholtz. I. Here are some points to keep in mind when drafting a program.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.
