Russia has relied on blunt-force cyberattacks in Ukraine to inflict maximum damage rather than turning to new techniques. In many cases, Ukrainian defenders are flying blind because Russian wiper malware is designed to evade most security controls, said Mandiant CEO Kevin Mandia.
Cyber crooks are performing server hijacking or proxyjacking to make money from the sale of their victims' compromised bandwidth on proxy networks, a new report by security firm Akamai finds. "The attacker doesn't just steal resources but also leverages the victim's unused bandwidth," it says.
The BlackCat RaaS group is developing a threat activity cluster using chosen keywords on webpages of legitimate organizations to deploy malicious malware. Trend Micro researchers discovered cybercriminals using malvertising to deploy malware using cloned webpages of WinSCP and SpyBoy.
With the growth of generative AI services, organizations want better control of the data going in and coming out of AI. Talon CEO Ofer Ben-Noon discussed how his firm has built a DLP compliance model around generative AI services that blocks healthcare information or SWIFT data shared with ChatGPT.
Federal regulators have issued a warning about a vulnerability in medical device maker Medtronic's Paceart Optima System which, if exploited, could lead to a denial-of-service or remote code execution affecting the system's cardiac device data.
Venn Software landed Series A funding to help businesses ensure the security and compliance of data on laptops they don't necessarily manage or own. The $29 million will enable firms to control and govern corporate data on worker-owned devices without forcing users to launch remote virtual desktops.
A startup founded by longtime Israeli Military Intelligence leaders landed Series B funding to support the cloud and on-premises data protection needs of hybrid organizations. The $100 million will help Cyera expand and broaden its offering to cover more pain points enterprises are experiencing.
Socure has purchased a document verification startup founded by former members of Airbnb's Trust and Safety Team for $70 million to better detect fake identities. The deal will help Socure optimize the digital capturing and back-end processing of driver's licenses and passports at faster speeds.
Digital Nasional Berhad, which manages Malaysia's 5G network, follows five principles to ensure a cyber-resilient network. Baljit Dhillon shared how the organization focuses on secure design, zero trust, supply chains, detection and understanding the impact of a compromise.
Are unsolicited smartwatches the new USB thumb drive? The U.S. Army warns that service members are being sent free wearables preloaded with malware designed to steal data from mobile devices as well as intercept voice communications and hijack cameras.
The National Security Agency has released mitigation advice for locking down Windows and Linux environments against powerful BlackLotus malware, warning organizations against having "a false sense of security" since patching alone will not stop the bootkit.
Operational technologies straddle both IT and production systems, which means multiple people need to own OT security risk. Security programs must heavily involve engineers in OT security and assign different security roles across the enterprise, said AJ Eserjose, Regional Director of OT-ISAC.
The first step in managing risk is recognizing it as a boardroom matter, and it demands that directors be prepared to understand and discuss the cyber issue and strategically guide C-level executives on this complex topic. It requires cyber competence in the boardroom, said CISO Marco Túlio Moraes.
A service selling DDoS disruptions via a Mirai-based botnet called Condi is the latest to target consumer-grade Wi-Fi routers made by TP-Link with firmware not yet patched to fix a known flaw. Unusually, a recently spotted sample of Condi has been stripped down to target only that flaw.
Malware developers are adopting an easy-to-use obfuscation tool that slips malware past antivirus, warn security researchers. BatCloak requires minimal programming skills to use. Among its recent successes is a recent remote access Trojan dubbed SeroXen.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.