Hack-for-hire group StrongPity deployed Android malware to target visitors to Syria's e-government website as part of its latest cyberespionage campaign, security firm Trend Micro reports.
A massive cyberattack has disrupted container operations at a port in Cape Town, South Africa, and a port in Durban also was affected, Reuters reports.
This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group's Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state - and discussion of whether the commercial spyware business model should be banned.
As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares essential steps and guidance for recovery.
Building business resilience through a "zero trust" approach requires role-based authentication, user access velocity checks, and monitoring people, processes, and technologies, a panel of experts says.
A patch is forthcoming for a privilege escalation vulnerability in the Windows operating system that can allow hackers to gain a foothold. Meanwhile, Linux OS users also need to adopt system upgrades to fix a flaw, and Oracle and Juniper have announced product patches.
Cybereason, Rapid7 and Microsoft announced acquisitions this week designed to boost their security capabilities. Meanwhile, DevOps security firm Sysdig made a move to add infrastructure-as-code security to its portfolio.
Researchers at Cognyte have identified the six common vulnerabilities and exposures - or CVEs - that were most frequently discussed by apparent cyberattackers on dark web forums between Jan. 1, 2020 and March 1, 2021. Five of these CVEs were for Microsoft products.
The Biden administration formally accused China's Ministry of State Security of conducting a series of attacks against vulnerable Microsoft Exchange servers earlier this year that affected thousands of organizations. This group is also accused of carrying out ransomware and other cyber operations.
A leak of 50,000 telephone numbers and email addresses led to the "Pegasus Project," a global media consortium's research effort that discovered how Pegasus spyware developed by NSO Group is being used in the wild.
A new exposé tracking how spyware has been used to target journalists and human rights advocates suggests attackers have been exploiting zero-day flaws in Apple applications and devices. Apple says the flaws, while serious, likely pose no risk to the vast majority of its users.
A greater level of cooperation is needed between the DOD and DHS to ensure that U.S. critical infrastructure is protected against various cyberthreats, according to an inspector general's report. The SolarWinds attack showed the need for more coordination between the two departments.
Cyberattackers used spyware from the Israeli firm Candiru to target at least 100 human rights defenders, dissidents, journalists and others across 10 countries, according to researchers at the University of Toronto’s Citizen Lab, which tracks illegal hacking and surveillance.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
This edition of the ISMG Security Report features an analysis of comments from the former head of Britain's GCHQ intelligence agency, Robert Hannigan, on the changing nature of ransomware attacks. Also featured: Disrupting the ransomware-as-a-service business model; supply chain security management tips.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.