Western intelligence agencies lent authority Thursday to a Ukrainian exposé unmasking a campaign by Russian military state hackers targeting battlefield Android devices. Agencies from the Five Eyes intelligence alliance collectively dub the malware components "Infamous Chisel."
The shift from traditional malware-led attacks to identity-based attacks in the realm of cybersecurity has become more prominent than ever. Attackers continuously adapt their tactics, seek the path of least resistance and focus on exploiting vulnerabilities in identity-related weaknesses.
This week, Cypher rolled out a futuristic compensation plan for victims, hackers exploited crypto users via a WinRAR bug and separately stole $900,000 from Balancer, the DEA lost $500K to a crypto scammer and the EU Data Act's smart contract provision raised questions.
CrowdStrike CEO George Kurtz said point product companies "are quickly going the way of legacy antivirus" as rivals SentinelOne and BlackBerry reportedly hunt for buyers. The endpoint security market is quickly consolidating from being "littered with dozens of companies" to having several vendors.
Facebook parent Meta unearthed a Chinese propaganda campaign active across dozens of social media sites in what the company calls the largest known cross-platform influence operation in the world. "Spamouflage" operates across more than 50 platforms and forums.
A recently updated guidance document developed by an advisory group to the Department of Health and Human Services can help all types of organizations within the healthcare sector be better prepared to deal with the latest cyberthreats, said attorney David Holtzman of HITprivacy LLC.
SailPoint has agreed to buy U.K.-based privileged access management vendor Osirium for $8.3 million to better protect privileged and non-privileged identities on a single platform. The deal will allow Osirium to benefit from SailPoint's increased scale and enhanced sector and regional capabilities.
The French data regulator is calling on operators of large-scale databases to shore up defenses against a slew of threats including nation-states and sophisticated hackers capable of exploiting the supply chain or zero-day flaws. Next year CNIL will publish a set of cybersecurity recommendations.
Hackers are deploying a novel Android malware using an uncommon communication method to steal banking login data from compromised devices primarily in Southeast Asia. Users download the malware from phishing websites disguised as app stores that target Vietnamese and Thai speakers.
Costa Rica will build a national cybersecurity operations center with substantial U.S. backing following a crippling cyberattack last year and will also commit to using only trusted 5G providers. The U.S. Department of State has extended $25 million to build a virtual security operations center.
In the evolving threat landscape, small-time threat actors are entering the ransomware space and targeting small and medium-sized businesses. These organizations must adopt a defense-in-depth approach to defend themselves, said Nick Biasini, head of outreach at Cisco Talos.
Chinese espionage hackers behind an eight-month campaign to hack Barracuda email security appliances intensified their focus on high-priority targets around the time the company moved to fix the zero-day flaw behind the campaign. A custom backdoor suggests China was prepared for remediation efforts.
Two organizations that operate clinics and hospitals in the Midwest are the latest medical care providers struggling with an enterprisewide IT outage affecting clinical and administrative applications. The incident appears similar to recent attacks on several other regional entities.
In today's evolving digital landscape, application security is crucial. That’s why it is increasingly important to normalize the use of two-factor authentication in the developer community to the point that it is "effectively ubiquitous," said John Swanson, director of security strategy at GitHub.
Government agencies are recognizing that the seven pillars of zero trust, as outlined by U.S. federal agencies such as CISA and the DOD, should be strategically applied across various elements, including data and identity management, said Manuel Acosta, senior director and security analyst, Gartner.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.