Law enforcement and intelligence agencies in the U.S, U.K. and Australia have issued a joint advisory on unidentified Iran government-backed advanced persistent threat actors exploiting Fortinet and Microsoft Exchange ProxyShell vulnerabilities to attack organizations in their respective countries.
The specter of the May attack on Ireland's national health service loomed large at the IRISSCON 2021 cybercrime conference in Dublin, as cybersecurity experts gathered to detail the ongoing rise of ransomware and other types of online crime, as well as how to best combat such attacks.
Chipmaker Intel has issued a security advisory for two high-severity vulnerabilities in the BIOS reference code in Intel processors that may allow privilege escalation attacks. The vulnerabilities have a high CVSS v3 score of 8.2.
Hacker group MosesStaff has targeted Israeli organizations with encryption attacks, according to Check Point researchers. Archived records show that at least 16 organizations - including the Israel Post, the Ministry of Defense and Israeli Intelligence Corps Unit 8200 - were targeted.
Ari Redbord of TRM Labs, who has had an extensive career in law enforcement, points out that 2020 was a pivotal year for putting cybersecurity on the agenda throughout the government. He discusses securing cryptocurrecy, the blockchain and other elements of the "digital battlefield."
A recent FireEye report, based
on interviews with 800 CISOs, showed that more than half of all
businesses aren’t ready for a cyberattack.
Additionally, in a study by the Ponemon Institute, nearly two-thirds of all
businesses experienced a cyberattack or breach in the previous 12
months. 65% of respondents said...
The U.S. and Israel will expand their diplomatic relationship around cybersecurity, announcing a bilateral task force this week that will support cybersecurity and fintech innovation. The news follows recent action by the U.S. Department of Commerce to blacklist Israeli spyware firm NSO Group.
Google’s Threat Analysis Group has released details of a watering hole campaign targeting a macOS zero-day exploit chain to install a never-before-seen malware on devices of users visiting Hong Kong websites of a media outlet and a prominent pro-democracy labor and political group.
Cloud video conferencing provider Zoom has released patches for multiple vulnerabilities in its product that could have allowed criminals to intercept data from meetings and attack customer infrastructure.
Federal authorities have issued alerts about security vulnerabilities identified in medical device products from manufacturers Siemens and Philips. The two advisories cover 13 flaws in Siemens' Nucleus Real-Time Operating System TCP/IP stack and three issues in certain Philips MRI products.
The top cybercrime threats facing organizations in Europe and beyond include ransomware affiliate programs, more sophisticated mobile malware and cryptocurrency-hawking investment fraud, among other types of crime, according to Europol's latest Internet Organized Crime Threat Assessment.
The latest edition of the ISMG Security Report features an analysis of the progress made by law enforcement agencies in the effort to crack down on ransomware. Also featured: Evil Corp banking malware still active; XDR market trends.
The U.S. has joined an 80-nation agreement that sets collective goals for cyberspace, with a particular focus on internet integrity, electoral security, intellectual property theft, use of malign hacking tools and more. Vice President Kamala Harris confirmed U.S. entry into the multistate pact.
New Jersey state regulators have smacked two vendors with a hefty financial settlement and corrective action plan for their involvement in a 2016 printing and mailing mishap that compromised the health information of nearly 56,000 residents.
Vulnerabilities in Apple Pay, Samsung Pay and Google Pay allow attackers to make unlimited purchases using stolen smartphones enabled with express transport schemes, according to a research report from Positive Technologies. These findings were presented at Black Hat Europe this week.