A previously undetected botnet called "Prometei" is targeting vulnerable Microsoft Windows devices by brute-forcing SMB vulnerabilities to mine monero cryptocurrency, according to Cisco Talos.
The latest edition of the ISMG Security Report analyzes the hacking of high-profile Twitter accounts. Also featured: Addressing security when offices reopen; the role of personal protective equipment, or PPE, in money laundering during the pandemic.
The FBI is warning of an increase in distributed denial-of-service attacks using amplification techniques that are targeting U.S. organizations. The bureau notes that it's seen an uptick in attack attempts since February.
Companies can use data analytics and artificial intelligence to help mitigate the risk of collusion between their employees and vendors, says Amine Antari, managing director at the consultancy Kroll.
Following Twitter's admission that cryptocurrency scammers socially engineered its employees to gain control of 45 high-profile accounts, one reaction has been: Why didn't anyone crack Twitter sooner? Unfortunately, the answer is that they have, especially if you count nation-states bribing insiders.
A group of spoofed cryptocurrency trading apps is targeting devices running macOS to install malware called Gmera, security firm ESET reports. The malware can steal users' data as well as their cryptocurrency wallets.
The U.S. should restore the position of cybersecurity coordinator at the White House because the number of threats against the nation is increasing, several security experts testified this week at a House hearing. But some Republicans question whether the move would create unnecessary bureaucracy.
COVID-19 contract-tracing applications that help monitor individuals' possible exposure to those who have tested positive for the virus present a variety of privacy issues that must be addressed, says regulatory attorney Nancy Perkins.
Malware designed to provide backdoor access to corporate networks, gain administrative privileges and deliver additional payloads was hidden in tax software the Chinese government requires companies doing business in the nation to use, researchers at the security firm Trustwave report.
Creating a cyber intelligence strategy involves operational and tactical measures as well as technical approaches, says Jeff Bardin, chief intelligence officer at Treadstone 71.
Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.
The lessons of the Mirai botnet's abuse of internet-connected devices four years ago have been taken to heart, says Aaron Guzman of OWASP, which is working with others to improve security benchmarks and testing for connected devices.
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
For the second time this year, security researchers have found malware embedded in low-cost Android smartphones distributed through a U.S. government program, security firm Malwarebytes reports.
A recently uncovered phishing campaign is using spoofed Zoom account alerts to steal Microsoft Office 365 credentials, according to a report from Abnormal Security. These attacks come as use of the platform soars due to work-from-home arrangements.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.