The U.S. indictment charging that six Russian GRU military intelligence officers were responsible for numerous cyberattacks highlights Moscow's seemingly unending appetite for online destruction. Experts say more than indictments will be required to curb such activity.
The NSA is warning that Chinese-linked hacking groups are exploiting 25 vulnerabilities in software systems and network devices as part of cyberespionage campaigns - which means patching is urgent.
Many applications use open source components, which can make it challenging to pinpoint any security issues. How can organizations gain better visibility of risks?
U.S. officials have accused the Russian government of behaving "maliciously or irresponsibly" by taking steps such as crashing Ukraine power grids in the dead of winter and causing more than $10 billion in damages via NotPetya malware. But why make the accusations now? And how might Moscow respond?
Has the nation-state threat become like the weather - something everyone talks about, but no one can do anything about? It's time for a strategic change. A panel of experts offers a frank discussion of nation-state actors, their ongoing intrusions and what "taking off the gloves" might look like.
The recent "takedown" of Trickbot by Microsoft and others had only a temporary effect; the botnet's activity levels have already rebounded, according to Crowdstrike and other security firms.
The U.S. Justice Department unsealed indictments against six Russian military officers on Monday, alleging that they carried out a series of major hacking operations, including deploying destructive NotPetya malware - tied to more than $10 billion in damages - and attacking the 2018 Olympics.
Behavioral biometrics have evolved, and Michael Yeardley of LexisNexis Risk Solutions says the new generation of controls can not only identify the bad guy - but also "the really clever bad guy." He explains how.
As ransomware continues to slam organizations, a lively debate has ensued about whether ransom payments should be banned in all cases. Attempting to ban ransom payments, however, likely would only make the problem worse.
A newly identified financially motivated threat group, dubbed "FIN11," is deploying Clop ransomware and exfiltrating data from its targets for extortion efforts, according to researchers at FireEye Mandiant.
A hacking group with suspected ties to Iran's government is again targeting universities in the U.S. and around the world, according to researchers with security firm Malwarebytes. "Silent Librarian" typically attempts to steal intellectual property.
Banking institutions are seeing a significant spike in multi-channel financial crimes. But Duncan Ash and Julio Gomez of Splunk say data and analytics can be key differentiators in the effort to protect sensitive financial data.
Despite the takedown of the Trickbot botnet by Microsoft and others Monday, the malware is still functioning, and its operators retain the tools needed to rebuild their malicious network, some cybsersecurity experts say. So the impact, while significant, could prove to be temporary.
Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
Stop me if you think that you've heard this one before: The U.S., U.K. and some allied governments are continuing to pretend that criminals will get a free pass - and police won't be able to crack cases - so long as individuals and businesses have access to products and services that use strong encryption.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.