One mystery with the recently discovered payment card sniffing attacks against such organizations as British Airways and Newegg has been how attackers might have first gained access to the victims' networks. But a number of cybercrime markets sell such access, in some cases for as little as 50 cents.
Attack code known as EternalBlue, designed to exploit a Windows SMB flaw, continues to work for attackers despite Microsoft having issued patches more than a year ago. One major U.S. business was a recent victim as part of a cryptocurrency-mining malware campaign, a researcher reports.
Intel has had a challenging time lately on the vulnerability front. It has issued yet another patch for its Management Engine after a researcher was able to extract two types of encryption keys. The problem was a repeat of one that Intel patched just last year.
Keeping endpoint security up to date is a struggle for small to mid-sized companies that have less resources than larger companies, yet have the same risk of attack. And that risk is only increasing. In 2017, the number of ransomware attacks increased by 30x and the number of breaches increased by 40%.
While tech-support scams have proliferated for years, the FBI says losses tied to such fraud are now higher than ever. Google has pledged to crack down on fake tech-support listings. But fraudsters regularly employ a variety of channels, including cold calls, pop-up windows and phishing emails.
A lawsuit accuses Google of "the surreptitious location tracking of millions of mobile phone users." The legal action was sparked by a report demonstrating that some Google apps tracked and time-stamped users' locations even if a user deactivated the "location history" setting.
Why are attacks so successful? Legacy endpoint security products are creating more problems than they solve. There is too much cost and complexity, defenses aren't keeping up, and security staff is stretched thin.
The hacking of an email account of a medical clinic employee during travels overseas demonstrates the risks posed to data when workers travel. Security experts offer insights on mitigating those risks.
Today's reality is that attackers are always present. Deception technology is purpose-built to stop advanced attacks and align security operations to top business risks.
In this white paper, we offer three examples of how financial services organizations are leveraging deception technology to get ahead of advanced...
The most costly attacks on ATMs are likely to be executed through the bank's corporate network. Although from inside the network, attackers cannot execute financial transactions on the ATM machines themselves, they can potentially gain access to the entire network of ATMs, as well as the related patch management...
Every day your organization's employees help cyber-attackers - not intentionally, but because the ordinary activity of sharing data and accessing corporate resources creates an "access footprint" that attackers can use to move toward your critical systems.
Download this whitepaper to learn more about:
Ovum, a market-leading research and consulting business that helps enterprises thrive in the connected digital economy, explains why every enterprise should put stronger authentication service on their radar as a means of better securing their companies data and minimizing their fraud exposure risk all while...
After years of focus, the needle is moving positively toward improving medical device security. But what about the growing cybersecurity issues associated with enterprise IoT? Mac McMillan of CynergisTek shares his concerns.