"Hack for hire" groups operating in India are spoofing World Health Organization emails to steal credentials from financial services and healthcare firms around the world, according to Google's Threat Analysis Group.
The Russian blogging platform LiveJournal confirmed this week that it suffered several brute-force attacks in 2011 and 2012. But it insists that the 26 million usernames and passwords that are now available for sale on darknet forums came from other sources.
A bipartisan group of lawmakers has introduced a bill that calls for investing $100 billion in research on science and emerging technologies, including cybersecurity, quantum computing and artificial intelligence.
Small and midsize companies don't need to spend money on expensive security products, says cybersecurity consultant Nic Miller, but they must consider several critical factors as they devise their strategies.
As cyberthreats to medical research on COVID-19 - and other intellectual property - grow, organzations must take critical steps to prevent the theft of their "innovation capital," says Russell Koste, chief security officer of Alexion Pharmaceuticals.
Last week, security researcher Bill Demirkapi said that Trend Micro used a trick to get one of its drivers to pass Microsoft's approval process. Trend Micro has withdrawn the driver and says it's working with Microsoft on incompatibility issues that are unrelated to the researcher's findings.
A federal watchdog agency has established key goals and objectives - including protecting the security of IT infrastructure as well as combating fraud - that drive its oversight of the Department of Health and Human Services' COVID-19 response and recovery activities.
As a result of the COVID-19 pandemic, work-from-home employees have rushed to adopt videoconferencing tools. But Kroll's Alan Brill warns that sound security and privacy practices - backed by legal, risk management and HR teams - too often lag. Here are his top concerns and tips on how to address them.
The FBI has arrested another alleged member of the FIN7 cybercrime gang, which has been stealing millions of payment cards and other financial data since at least September 2015. It's the fourth arrest of those tied to the group.
Ransomware, wire transfer fraud, destructive attacks: In recent months, the financial sector has seen these and other online attacks surge by 238% as criminals continue to exploit the pandemic, warns Tom Kellermann of VMware Carbon Black, who shares findings from his firm's third "Modern Bank Heists" report.
Turla, a sophisticated hacking group with suspected ties to the Russian government, recently used a revamped version of its malware to target government entities in Eastern Europe, according to new research from the security firm ESET.
Britain is reconsidering whether Huawei's technology will be used its national 5G rollout as a result of increased White House sanctions against the Chinese telecommunications giant, which could result in Huawei having to source semiconductors from less reliable sources.
A bipartisan group of U.S lawmakers is requesting more information from the FBI and CISA about efforts to crack down on hacking groups linked to China's government that are targeting American facilities conducting COVID-19 research.
Security practitioners need to know what data their organization has and where it is kept so they can ensure it's protected. That inventory process that can be simplified by creating an information asset register, says Bilal Ghafoor, a data protection consultant.
As more organizations rely more heavily on cloud-based applications as a result of a remote workforce, they must avoid taking identity and access management shortcuts, says James Gosnold of the cloud consultancy CloudKubed, who calls for the addition of another layer of authentication.