Top Penetration Testing Toolkits Abused by Cybercriminals
Malware authors have been widely adopting open source security tools for cybercrime operations. Recently, Recorded Future released a report on the use of malicious C&C infrastructure throughout 2020 by tracking more than 10,000 C&C servers across more than 80 malware strains.
Cybersecurity teams are struggling with burnout, but the attacks keep coming
Coronavirus has obliged many organisations to force security teams to work remotely - and that's making the job of securing whole businesses against threats much harder.
Biometric security technology could see growth in 2021
Enterprise use of biometrics for security may see an uptick by organizations looking to defend themselves from attacks, but they must weigh the concerns against the benefits.
Microsoft, Google, Cisco, Dell join legal battle against hacking company NSO
Tech giants including Microsoft and Google on Monday joined Facebook’s legal battle against hacking company NSO, filing an amicus brief in federal court that warned that the Israeli firm’s tools were “powerful, and dangerous.”
Cybercriminals use psychology--cybersecurity pros should, too
Most successful cybercrimes leverage known human weaknesses. Isn't it time we stop getting psyched by the bad guys? Here are five steps cybersecurity pros can take now.
After Juspay, ClickIndia, ChqBook and WedMeGood have been reportedly hacked — data of over 10 million users up for sale on the dark web
After hacking masked credit and debit card data of crores of Juspay users, the same hacker possibly known as 'ShinyHunters' is now selling databases belonging to three more Indian companies on Dark Web, independent cyber security researcher Rajshekhar Rajaharia claimed on Wednesday.
Exfiltrating Data from Air-Gapped Computers via Wi-Fi Signals (Without Wi-Fi Hardware)
A security researcher has demonstrated that sensitive data could be exfiltrated from air-gapped computers via a novel technique that leverages Wi-Fi signals as a covert channel—surprisingly, without requiring the presence of Wi-Fi hardware on the targeted systems.
Google Cloud Hires Goldman Sachs Man as First CISO
Google has hired the first security boss for its cloud business in the form of British-born Phil Venables. A 25+ year veteran of the industry with experience in CISO roles in some of the world’s biggest banks, Venables officially joined Google Cloud this month, according to his LinkedIn profile.
How COVID-19 has impacted the security threat landscape
A WatchGuard report reveals how COVID-19 has impacted the security threat landscape, with evidence that attackers continue to target corporate networks despite the shift to remote work, and a rise in pandemic-related malicious domains and phishing campaigns.
Cisco re-patches wormable Jabber RCE flaw
In September 2020, Cisco patched four Jabber vulnerabilities (including one wormable RCE flaw), but as it turns out, three of four have not been sufficiently mitigated.
Cyberattacks on the Rise for Digital Media and Entertainment Organizations
Cybercriminals are continuously attempting new and innovative ways to defeat security measures and controls to pilfer sensitive data.
A Broken Piece of Internet Backbone Might Finally Get Fixed
Efforts to secure the Border Gateway Protocol have picked up critical moments, including a big assist from Google.
IT-biztonság: felkészült munkavállaló, kisebb kockázat
As the Covid pandemic has brought about a sea change in the operations of most companies with work from home becoming the trend over the past 8-10 months, cyber security experts are of the view that several companies still need to be more proactive in terms of strengthening their systems against cyber attacks.
Researchers suggest 25 countries are using a kind of mobile spyware that monitors texts, location
A private surveillance firm that exploits mobile network vulnerabilities to spy on calls, texts and location data is doing business with at least 25 governments around the globe, including some with histories of human rights abuses, concludes a report released Tuesday.
Kibertámadások ostroma alatt a vállalati informatika
A koronavírussal érkező krízishelyzetben az üzletmenet folytonossága és a kiberbiztonság is forró téma lett szinte minden iparágban, a sürgető elvárásoknak pedig szinte lehetetlen megfelelni
CISOs say a distributed workforce has critically increased security concerns
73% of security and IT executives are concerned about new vulnerabilities and risks introduced by the distributed workforce, Skybox Security reveals.
TikTok Awards Nearly $4,000 for Account Takeover Vulnerabilities
Vulnerabilities Could Have Allowed Hackers to Change Passwords of TikTok Accounts
How the pandemic has accelerated existing risk trends
COVID-19 has reorganized the risk landscape for chief audit executives (CAEs), as CAEs have listed IT governance as the top risk for 2021, according to Gartner. Analysts said the pandemic is giving rise to new sets of risks while exacerbating long-standing vulnerabilities.
Researcher Discloses Critical RCE Flaws In Cisco Security Manager
Cisco has published multiple security advisories concerning critical flaws in Cisco Security Manager (CSM) the networking equipment maker quietly released patches with version 4.22 of the platform.
Targeted Spear-Phishing on the Rise
The COVID-19-related phishing attempts targeting employees working from home.
Windows 10: Using Cisco's Webex Meetings for remote work? Patch now, warns Cisco
Cisco has fixes for high-severity security flaws in Cisco Webex Meetings for Windows and its recording playback apps.