The law enforcement agencies behind this week's disruption - dubbed “Operation Ladybird” - of Emotet are helping victims by pushing out an update via the botnet’s infrastructure that will disconnect their devices from the malicious network.
Some people run from change. Arun DeSouza of Nexteer Automotive runs toward it. "Now is my time," says the veteran chief information security and privacy officer, who shares his leadership and technology insights in this exclusive interview.
New Zealand’s financial regulator has issued a searing report about IT security failures at NZX, the country’s stock exchange, that contributed to a disruptive DDoS attack. The regulator says NZX had inadequate IT security and failed to prepare for DDoS attacks.
The latest edition of the ISMG Security Report features an analysis of this week’s police takedowns of Emotet and Netwalker cybercrime operations. Also featured: Updates on passwordless authentication and the use of deception technology.
Former Obama White House cybersecurity official Chris DeRusha has been appointed federal CISO by the Biden administration after having served as CISO for the Biden campaign. He joins a number of newly appointed officials who will have cybersecurity oversight.
Does your organization have a plan in place if one of your employees is accused of being an insurrectionist? If your software was being used to spread plans for a riot, could you detect that? Threat modeling expert Adam Shostack discusses how companies should be prepared to respond to issues in the news.
A recently discovered 10-year-old bug, if exploited, could give hackers root access to vulnerable Linux and Unix operating systems, according to Qualys. Security experts are urging users to immediately implement a patch to mitigate the risk.
With ransomware continuing to fuel a massive surge in illicit profits, some experts have been calling on governments to launch offensive hacking teams to target cybercrime cartels. They're also calling for a review of cyber insurance payouts being used to fund ransoms.
A targeted phishing campaign is using a fake Microsoft Office 365 update to steal email credentials from business executives, and the credentials are then being offered for sale in underground forums, security firm Trend Micro reports.
Norway's privacy watchdog has proposed fining location-based dating app Grindr nearly $12 million after finding that it violated Europeans' privacy rights by sharing data with many more third parties than it had disclosed.
More breach victims are emerging as a result of exploits of an unpatched vulnerability in an aging file transfer application from Accellion. The latest announcement comes from the Australian Securities and Investments Commission, which says recent credit license applications were accessed.
North Korean hackers have been "targeting security researchers working on vulnerability research and development at different companies and organizations" to trick them into installing backdoored software that gives attackers remote access to their systems, warns Google's Threat Analysis Group.
When he co-founded the firm Beyond Identity in 2020, serial entrepreneur Jim Clark said he felt somewhat responsible for the proliferation of passwords. Now he and partner Tom Jermoluk are doing something about it. They are providing access to their passwordless technology for free. Clark explains why.
Police in the Netherlands have arrested two health ministry workers for allegedly stealing COVID-19 patient data from the agency's systems and offering it for sale online.
The SolarWinds supply chain compromise has raised questions over how to detect software that has been tainted during the vendor's development and build process. A concept called verified reproducible builds could help, says David Wheeler of the Linux Foundation.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.