While the Russian-linked hacking group known as The Dukes, Cozy Bear and APT29 in recent years appeared to have gone somewhat quiet, researchers from ESET report that the hackers have been targeting various European embassies and ministries as part of what the security firm dubs "Operation Ghost."
Scammers are using the notorious Phorpiex botnet as part of an ongoing "sextortion" scheme, according to Check Point researchers. At one point, the botnet was sending out over 30,000 spam emails an hour and the attackers made about $110,000 in five months, researchers say.
Organizations are accepting that the network perimeter no longer serves as the "ultimate defense" and thus adapting zero-trust principles, including least privilege, based on the understanding that they may already have been compromised, says Darran Rolls of SailPoint.
Robotic process automation aims to use machine learning to create bots that automate high-volume, repeatable tasks. But as organizations tap RPA, they must ensure they take steps to maintain data security, says Deloitte's Ashish Sharma.
Passwords have failed, so what's next?
Password security is one of the most important issues facing information security today, and multi-factor authentication (MFA) technology mitigates the risk of password-only security today when providing access to corporate networks. But unfortunately, traditional MFA...
Logging tools can be unnecessarily complex. Having a simplified interface that is both scalable and uncompromising can help sort through every day traffic, and draw attention to problems in real-time.
Download this white paper to learn more about:
Alerts for the good, not always the bad
Passwords are no longer sufficient to secure logins, with 81% of breaches involving weak or stolen passwords. Multi-factor authentication (MFA) protects users from attacks by ensuring that only the intended, authorized users can access critical, secure information.
Download this whitepaper to learn:
The best way to change user behaviour and create a culture of enhanced security awareness is through a comprehensive security program that leverages a wide variety of tools and techniques. During this webinar we'll explore how organisations can develop a fit-for-purpose cyber awareness strategy that engages employees,...
Lastminute.com is a worldwide travel company that helps customers in 40 countries search and book travel related products and services. The company operates a portfolio of well-known brands, each with a consumer website in multiple languages and its own security and performance needs. Their total combined traffic...
The Philadelphia Department of Public Health inadvertently exposed on its website the records of thousands of hepatitis patients, according to a local news report. The incident points to the need for better staff training, one expert says.
Private-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company Sophos in a $3.9 billion deal, the two companies announced Monday. The Sophos board will "unanimously recommend" the sale to shareholders, the company says.
Cybersecurity vendor Imperva's breach post-mortem should serve as a warning to all those using cloud services: One mistake can turn into a calamity. The company accidently left an AWS API key exposed to the internet; the key was then stolen and used to steal a sensitive customer database.
Personalized product retailer CafePress has been hit with a lawsuit alleging that it failed to notify 23 million customers about a data breach in a timely manner or follow security best practices. The company was allegedly still using outdated SHA-1 to hash passwords, which can be easily cracked.