The global assault on vulnerable VMware hypervisors may have been mitigated by updating to the latest version of the product, but patch management is only part of the story.
A tax variable in the software implementing the Dingo Token allows the creators to charge 99% in fees per transaction, essentially stealing funds, an analysis finds.
Security teams can use a blocklist containing tens of thousands of proxy IP addresses used by the pro-Russian hacktivist group to defend their organizations from DDoS attacks.
The fresh "ESXiArgs" malware is exploiting a 2-year-old RCE security vulnerability (tracked as CVE-2021-21974), resulting in thousands of unpatched servers falling prey to the campaign.
The Russia-linked LockBit ransomware group claims to be behind the attack that fouled automated transactions for dozens of clients of financial technology firm ION Group.
Examining some key examples of recently found fraud sites that target the lucrative retail shoe industry helps us understand how brand impersonation sites evolve.
The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort.
The total number of 61,000 open vulnerabilities, including 1,700 critical ones that have been open for 180+ days, exposes businesses to potential attacks.
Current and former cybersecurity leaders from Microsoft, Google, GitLab, Check Point, OWASP, Fortinet and others have already joined the open framework initiative, which is being led by OX Security.
An OpSec slip from the North Korean threat group helps researchers attribute what was first suspected as a ransomware attack to nation-state espionage.
Enterprises often don't know whose responsibility it is to monitor for spoofed brand sites and scams that steal customers' trust, money, and personally identifiable information.
The average organization does business with 11 third parties, and 98% of organizations do business with a third party who has suffered a breach, an analysis finds.
Noting 13% year-over-year growth in fraudulent instruction as a cause of loss, report predicts organizations must get smarter about educating employees to spot fraudulent tactics.
Killnet is building its profile, inspiring jewelry sales and rap anthems. But the impact of its DDoS attacks, like the ones that targeted 14 major US hospitals this week, remain largely questionable.
Companies need to be aware of the work culture they foster. Diversity and inclusion aren't just buzzwords. Increasing female visibility and improving female mentoring to help women enter and advance within the cybersecurity industry are key steps forward.
KnowBe4 partners with the Center for Cyber Safety and Education to support Black Americans in recognition of Black History Month to help further education.
Companies need to keep security priorities top of mind during economic downturns so all-important revenue generation doesn't come with a heaping side order of security problems.
Login
FreshRSS