Microsoft is warning that hackers with connections to Iran, as well as other threat actors, are attempting to exploit a critical vulnerability in Windows Server dubbed Zerologon, for which it has issued a partial patch.
Security researchers with the Chinese company Qihoo say they've spotted a new IoT botnet that brute forces telnet ports on routers and other devices and is coded with a command to erase infected devices.
A recent ransomware attack on a provider of software used by firms involved with COVID-19 vaccine development and other drug clinical trials illustrates increasing cyberthreats facing medical industry supply chain partners.
John McAfee, the founder of the cybersecurity firm that bears his name who also is a serial entrepreneur and a former presidential candidate, has been charged with federal income tax evasion. Plus, the SEC is accusing him of promoting initial virtual coin offerings without disclosing he was paid to do so.
2020's health crisis has created an unexpected boom in telemedicine initiatives. But with this rapid innovation and adoption comes a corresponding uptick in fraud. Dean Nicolls of Jumio Corporation talks about how improving identity verification can help curb the trend.
Organizations around the world must build stronger cyber resilience programs to help ensure they can bounce back from cyberattacks, says Craig Rice, group director of cyber resilience at Aviva, a British multinational insurance firm, who describes how regulatory requirements will evolve.
Using intrusive technologies to check staff behavior in an effort to fight against supply chain fraud is ineffective, says Richard Dailly, managing director in Hong Kong at the security firm Kroll, who explains why.
A Chinese-speaking hacking group used a rare Unified Extensible Firmware Interface bootkit dubbed "MosaicRegressor" to target nongovernment organizations and diplomatic missions with an espionage campaign for two years, the security firm Kaspersky reports.
Security researchers are warning of a fresh wave of phishing emails with election-related lures that are designed to get users to click, opening the door to spreading the Emotet botnet or harvesting users' credentials.
Privacy regulators in Germany have slammed clothing retailer H&M with a $41 million fine for collecting and retaining private employee data in violation of the EU's General Data Protection Regulation. H&M has apologized, instituted changes and promised to financially compensate employees.
Organizations in all sectors need to end "the dichotomy between privacy and security" and avoid a checklist approach to privacy protection, says digital ethics expert Ivana Bartoletti, who explains why ensuring customers' privacy is essential to a company's survival.