Calls are growing for an investigation into how commercial Pegasus spyware developed by Israel's NSO Group gets sold to autocratic governments and used to target journalists, lawyers, human rights advocates and others, with some lawmakers saying "the hacking-for-hire industry must be brought under control."
A newly discovered threat group dubbed Praying Mantis is targeting businesses in the U.S by exploiting vulnerabilities in internet-facing web applications to steal credentials and other data, the security firm Sygnia says.
Although Microsoft is slated to release the Windows 11 operating system in December, it's already available for a pre-release preview. And cybercriminals are taking advantage of that, slipping malware to those downloading a fake demo version, according to Kaspersky.
Security experts offer an analysis of Gartner's new strategic road map for SASE adoption that emphasizes the need for a detailed migration plan and offer tips for a successful rollout.
Remote management software company Kaseya says it obtained the ability to decrypt all victims of a massive REvil - aka Sodinokibi - attack via its software, without paying a ransom to attackers. But Kaseya has still not revealed how it obtained the decryption key, except to say it was supplied by a third party.
Malware developers increasingly are relying on "exotic" programming languages - such as Go, Rust, DLang and Nim - to create malicious code that can avoid detection by security tools and add a layer of obfuscation to an attack, according to a report released Monday by BlackBerry.
A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including "pentesters" and "access brokers," on darknet forums, according to the security firm Malwarebytes.
A hacking campaign is targeting Kubernetes environments using misconfigured Argo Workflows to deploy cryptominers, a report by security firm Intezer finds.
Good news on the ransomware front: The average ransom paid by a victim dropped by 38% from Q1 to Q2, reaching $136,576, reports ransomware incident response firm Coveware. In addition, fewer victims are paying a ransom simply for a promise from attackers to delete stolen data.
With corporate America beginning to ask employees to come back to their offices in the fall, cybersecurity teams have the huge task of ensuring that the work environment is safe. This is particularly true of IoT devices, as many have been left unprotected for months.
Hack-for-hire group StrongPity deployed Android malware to target visitors to Syria's e-government website as part of its latest cyberespionage campaign, security firm Trend Micro reports.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the use of commercially available spyware and security risk management in the telecom sector.
A massive cyberattack has disrupted container operations at a port in Cape Town, South Africa, and a port in Durban also was affected, Reuters reports.
This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group's Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state - and discussion of whether the commercial spyware business model should be banned.
As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares essential steps and guidance for recovery.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.