Vulnerabilities in the Microsoft Windows print spooler, an aging but important component, will be discussed at the Black Hat security conference on Thursday. The vulnerabilities are rooted in patches that Microsoft created to fix issues exploited by Stuxnet, the malware that hampered Iran's nuclear program.
The NSA has issued an alert warning those working in the national security and defense sectors to mitigate the risks posed by mobile and internet of things devices, along with apps, that collect location data.
The FBI is warning organizations that are still using Microsoft Windows 7 they are in danger of attackers exploiting vulnerabilities in the unsupported operating system to gain network access. The agency points to an uptick in such attack attempts.
For the second year in a row, the House of Representatives has voted to lift the ban on the Department of Health and Human Services funding the development or adoption of a unique, national patient identifier. But will it be derailed again in the Senate?
It's a new and permanent extended enterprise, as cybersecurity leaders budget for 2021. What are the top threats and vulnerabilities? How have enterprises hardened their endpoint defenses? Stacia Tympanick of VMWare Carbon Black previews a new virtual roundtable.
A California-based organization that helps telemarketing companies avoid lawsuits for unsolicited calls exposed its internal files to the internet. Ironically, the breach exposed the phone numbers of those who've filed complaints about unsolicited telemarketing.
Adobe Flash Player, which has been patched hundreds of times during its lifetime to address vulnerabilities, will no longer be supported after Dec. 31, leaving an attack vector that can be exploited by malicious actors unless it's removed. That's why eliminating all instances of Flash Player is so urgent.
A trio of U.S. government agencies is warning organizations about a hacking campaign using a malware strain that has previously been tied to Chinese hackers. The Taidoor RAT, which has been around for over 10 years, has recently been spotted in several campaigns against IT service providers.
A 31-year-old man who allegedly distributed versions of the GandCrab ransomware to target users has been arrested in Belarus for possession and distribution of malware, according to the country's Ministry of Internal Affairs.
In this on-demand webinar, a panel of experts from eSentire and VMware Carbon Black discuss how the MITRE ATT&CK framework can be leveraged to better understand the tactics and techniques used by threat hunters and defenders to classify attacks and assess an organization's risk.
Suspects in the epic attack against Twitter were uncovered, in part, by the use of their real photo identification for cryptocurrency accounts they used to broker the sale of stolen usernames. The mistakes proved crucial to their identification, according to court documents.
As more reports emerge regarding data breaches at pharmacy chains as a result of earlier break-ins and looting incidents during civil unrest, security experts are calling attention to important security issues, including the need to check physical security measures as well as encrypt mobile devices.
Phishing, pandemic-themed malware and ransomware - the threat landscape is familiar. But what is the deeper impact on cybersecurity visibility and response? Keith McCammon of Red Canary shares insight in advance of a virtual roundtable.