Kaiji, a newly discovered botnet, is compromising Linux servers and IoT devices using brute-force methods that target the SSH protocol, according to the security firm Intezer. The botnet has the capability to launch DDoS attacks.
To ensure data is protected, business units must work closely with IT and security specialists to resolve data governance issues, says Sydney-based Prashant Haldankar, CISO at Privasec.
For many cybercrime investigators, it's all about indicators of compromise - evidence that a crime has occurred. But what if you were to shift toward cataloging behaviors that could indicate an attack is ongoing or imminent? Sam Curry of Cybereason explains the IoB concept.
With the massive shift to telework as a result of the COVID-19 pandemic, shadow IT is becoming a more critical security issue around the world. Security experts offer tips on mitigating the risks involved.
Microsoft issued patches for three zero-day vulnerabilities as part of its most recent Patch Tuesday update. The software giant had previously warned users about two vulnerabilities in the Adobe Type Manager Library that were being exploited in the wild.
Fraudsters waging business email compromise schemes are attempting to steal money from state agencies and healthcare providers that are buying medical equipment and supplies to combat the COVID-19 pandemic, the FBI warns.
As telework has become the norm during the COVID-19 pandemic, ensuring new security issues arising from the use of shadow IT are addressed has become a more critical issue. Subhajit Deb, CISO at Dr. Reddy's Laboratories, offers insights on maintaining visibility so shadow IT can be better managed.
The cyberthreat and fraud landscape is ever-changing, and attackers are upping the game with more advanced attacks. The COVID-19 pandemic has accelerated socially engineered schemes, such as phishing and virus-related scams. CISO Stephen Fridakis and consultant Rocco Grillo discuss how to ramp up defenses.
Zero-day exploits are increasingly a commodity that advanced persistent threat groups can purchase and use to wage attacks, according to a report from security firm FireEye. The report says the number of attacks leveraging such exploits grew last year.
Fraudsters are taking advantage of the uncertainty over the global COVID-19 pandemic to ramp-up business email compromise scams designed to steal money, the FBI and security researchers warn.
A security researcher found 10 flaws within HP's Software Assistant Tool, which is installed across HP's desktop and laptop computers. Bill Demirkapi, who found the flaws, says the software is risky because only seven of the flaws have been patched by HP.
With the COVID-19 pandemic forcing large portions of the workforce to shift to telework, CISOs need to rethink corporate policies on the use of video conferencing platforms and other communications tools, says NIST's Jeff Greene, who offers risk mitigation advice.
As CISOs in India scramble to deal with challenges related to the COVID-19 crisis, they're discovering effective strategies. For example, they're adopting the "zero trust" model for the remote workforce and devising ways to deal with the security issues raised by "shadow IT" and "free software."
The day after security researcher Patrick Wardle disclosed two zero-day vulnerabilities in the macOS client version of Zoom's teleconferencing platform, the company on Thursday rushed out patches for these flaws and one other.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.