What's that IoT device on your network? A lot of organizations may not know. That's why Gartner analyst Tim Zimmerman says enterprises need to create IoT security policies and governance rules to reduce risk.
Canadian IoT device manufacturer Sierra Wireless reported Tuesday it had suffered a ransomware attack over the weekend, forcing it to halt production. The attack has disrupted its website and some internal operations.
The SolarWinds supply chain attackers manipulated OAuth app certificates to maintain persistence and access privileged resources, including email, according to researchers at Proofpoint.
This year's brisk cybersecurity sector M&A activity is continuing, with five more deals announced in the last two weeks. Here's a rundown of the latest activity.
Swiss cybersecurity firm Prodaft says it has accessed several servers used by an advanced persistent threat group tied to the SolarWinds supply chain attack. These attackers continue to target large corporations and public institutions worldwide, with a focus on the U.S. and the European Union, the researchers say.
Years ago, when he was working in systems integration, Mirza Asrar Baig envisioned the concept of digital risk protection technology. Today, as CEO of CTM360, he is promoting it as a way to provide “offensive defense.”
Acer, one of the world's largest PC and device makers, has been targeted by the ransomware gang REvil, aka Sodinokibi, according to news reports. The Taiwanese company has not confirmed it has been attacked, but data has been posted to the gang's darknet site.
Attackers are exploiting a critical remote code vulnerability in F5 Networks' BIG-IP server network traffic security management platform, for which the company released patches on March 10. The vulnerability is considered highly critical.
There has been a spike in web shells being detected as ransomware gangs and other attackers increasingly target vulnerable on-premises Microsoft Exchange servers following publication of proof-of-concept attack code for ProxyLogon, which is one of four zero-day flaws patched by Microsoft in early March.
Prevent attackers from getting a step ahead - watch on your own time this on-demand webinar where you’ll learn from the team that discovered the Golden SAML attack vector back in 2017 – an innovative technique now seen used for the first time in the SolarWinds attack.
A Swiss national who recently highlighted flaws in Verkada surveillance cameras has been charged with criminal hacking by a U.S. federal grand jury and accused of illegally accessing and leaking data from numerous organizations, apparently including Intel, Nissan and the U.S. National Reconnaissance Office.
This edition of the ISMG Security Report features an analysis of the Microsoft Exchange on-premises server hacks – from who might have leaked the vulnerability exploits to how ransomware gangs are taking advantage of the flaws. Also featured: Tackling the cybercrime business model; assessing "zero trust."
Email security vendor Mimecast, which was targeted by the SolarWinds supply chain hack in January, reports in a Tuesday update that the hackers used the "Sunburst" backdoor as an initial attack vector to steal some source code. But Mimecast says it "found no evidence of any modifications" to that code.
U.S. intelligence agency reports conclude that Russia and Iran tried to interfere in the 2020 presidential election via disinformation campaigns, but found "no indication that any foreign actor attempted to alter any technical aspect of the voting process," including voting results.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.