The Gandcrab ransomware has been a moving target. Since it was discovered in January, it quickly became one of the most widely distributed file-encrypting malware programs. Researchers with Cisco say they've now found it seeded within legitimate websites, making its spread tougher to stop.
Adequately tracking the nonstop arrival and departure of officials in the Trump White House might require real-time, multidimensional flowcharts. But one thing is clear: The White House is facing a looming cybersecurity knowledge and expertise deficit, and that deficit may soon get worse.
Security alert: Microsoft has issued updates to fix 67 unique flaws in its products. One vulnerability in Windows VBScript engine is already being actively exploited in the wild via malicious Word documents and could also be employed for attacks via websites and malvertising, Microsoft warns.
Spectre and Meltdown: It's déjà vu all over again as Intel is reportedly prepping a coordinated vulnerability disclosure announcement for eight new speculative execution flaws. One of the new flaws is apparently worse than any of the three Spectre/Meltdown variants that came to light in January.
Equifax says it continues to field queries from U.S. lawmakers about the full extent of its massive 2017 data breach, which occurred after an attacker exploited its unpatched Apache Struts web application. Research finds that many more organizations are using unpatched Struts applications.
Security leaders need to align business goals and risks to be able to gain buy-in for security initiatives, which is the only way to achieve a cultural change in the organization, says Sameer Ratolikar, CISO of India's HDFC Bank.
In an exclusive in-depth analysis, a panel of security experts sizes up key steps many Indian organizations still need to take to comply with the European Union's General Data Protection Regulation, which will be enforced starting May 25.
You're the new kid on the cybersecurity block. You believe you have a unique solution to address an unresolved challenge in the security stack, and beta customers are bullish on your company's potential. We asked: "So what?" What makes these companies different? See startups deliver their quick pitch.
A vulnerability in a government-run website designed to assist employees in linking to their Provident Fund retirement accounts with their Aadhaar numbers was targeted by hackers, reportedly exposing data on millions.
Cybersecurity and fraud prevention functions need to start working more closely together to share and leverage cross-functional knowledge that can help improve security, says Michael Thelander of iovation.