Siemens is advising its SINEC NMS customers to update to version V1.0 SP2 or newer in order to prevent exploitation of vulnerabilities that could allow remote execution of malicious code. As an alternative, customers could just restrict access to affected systems to trusted IP addresses only.
A new Android malware that can steal financial data, credentials, crypto wallets, personal data and cookies; bypass multifactor authentication codes; and remotely control infected devices is targeting online banking customers and financial institutions, cybersecurity researchers at F5 Labs say.
Evolving to a zero trust architecture can be overwhelming for organizations, leaving many unsure of where they should even start. Cloudflare Chief Security Officer Joe Sullivan urges CISOs to break the journey into bite-sized chunks that can be easily digested.
The U.S. Department of Justice, together with law enforcement partners in Germany, the Netherlands and the United Kingdom, has dismantled the infrastructure of a massive Russian botnet known as RSOCKS, which hacked millions of computers and other electronic devices around the world.
Interest in passwordless authentication architecture continues to grow among U.S. government agencies and departments as they embrace more modern approaches to identity and access management, says Sean Frazier, federal chief security officer at Okta.
Phishing is no longer restricted to just emails. As attackers broaden their arsenal, businesses today also need to be on the lookout for impersonation attempts via SMS text messages or voice calls, says Roger Grimes, a data-driven defense evangelist at KnowBe4.
SentinelOne has expanded its detection and response capabilities beyond the endpoint in recent years with the acquisition of data analytics tech developer Scalyr and identity and deception technology vendor Attivo Networks, says Nicholas Warner, president of security.
Throughout the pandemic, more organizations have embraced managed service providers, but the same economies of scale that attract customers also make MSPs an increasing target of attackers, says Candid Wüest, vice president of cyber protection research at Acronis.
The proliferation of IoT devices and cloud has created a more vulnerable attack landscape, while technologies such as AI and deep learning can potentially thwart zero-day threats, says Itai Greenberg, chief strategy officer at Check Point Software Technologies.
In his spare time, ransomware expert Allan Liska recently became a certified sommelier. Branching out from his day job as principal intelligence analyst at Recorded Future, Liska says he's found numerous parallels between the deductive tasting process and threat intelligence.
As the Russia-Ukraine war continues, many commentators continue to highlight the lack of Russian cyberattacks. But The Chertoff Group's Chad Sweet says Russian cyberattacks remain fast and furious, although Moscow continues to publicly downplay both the attacks and their relative failure.
Until its disruption earlier this year, the Russian-language Hydra marketplace was the world's largest darknet market. Studying how Hydra became such a success will be key to tracking and disrupting future darknet markets, says Ian Gray, senior intelligence director at Flashpoint.
A bipartisan U.S. proposal for a national privacy law also imposes new cybersecurity regulatory mandates onto the private sector. The inclusion of a data security section in draft privacy legislation shows the Washington consensus for voluntary industry measures is wearing thin.
The U.S. Department of Defense is seeking attorneys who are cybersecurity subject matter experts and can embed inside each agency and work closely with each other, says Lt. Col. Kurt Sanger, an attorney and deputy staff judge advocate of U.S. Cyber Command.
The discovery and subsequent exploitation of a critical zero-day vulnerability in Apache's Log4j open-source library has highlighted the importance of code security in today's threat landscape, says Steve Wilson, security chief product officer at Contrast.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.eu, you agree to our use of cookies.