A botnet called DarkIRC is exploiting a remote execution vulnerability in Oracle WebLogic, according to Juniper Threat Labs. Meanwhile, the malware used to create the botnet is being offered for sale on a darknet hacking forum.
Citi, Equifax, Capital One - the list of financial institutions that have suffered high-profile cyber incidents is long, and the penalties they've incurred have been steep. To Scott Kannry, CEO of Axio, it all comes down to cyber risk - and he has new ideas for redefining it.
The gang behind the Conti ransomware variant has posted data to its darknet website that it says it stole during a ransomware attack on industrial IoT chipmaker Advantech last month. The company reportedly confirmed the attack on Monday.
New Zealand's refreshed Privacy Act, which came into effect Tuesday, introduces breach notification requirements and civil penalties. It also holds data handlers to higher responsibilities to counter new threats to personal data. But the law doesn't impose financial penalties as severe as the EU's GDPR.
Could hackers inject malicious code that compromises the synthetic DNA supply chain and ultimately tricks bioengineers into inadvertently developing dangerous viruses or toxins? A new research report says that's a growing concern and calls for robust security measures.
Based on the threats and tactics unleashed in 2020, cybersecurity promises to be a top-of-mind business risk for the next president to manage. Bill Swearingen of IronNet Cybersecurity reflects on a virtual roundtable discussion about what to expect over the next four years.
CISA is warning about a possible password leak that could affect vulnerable Fortinet VPNs and lead to further exploitation. The latest agency notice comes just days after hackers began publishing what they claim are leaked passwords on underground forums, according to researchers.
The U.K. is moving to improve its ability to combat online attacks via the establishment of an information warfare network named @HutEighteen. The move, announced by the Defense Academy of the United Kingdom, follows fresh EU sanctions against nation-state hackers and the U.K. standing up a National Cyber Force.
It took 100 days for the world to record its first 1 million COVID-19 infections. A week ago, 1 million cases were added in just over one day. In advance of the Thanksgiving break, pandemic expert Regina Phelps shares insights on the virus, testing and how soon we might see vaccines.
The latest edition of the ISMG Security Report features an analysis of how cybercriminals are ditching banking Trojans in favor of ransomware attacks. Also featured: Defending against deep fakes; supporting a dispersed workforce.
Warning to workers: Your productivity tools may also be tracking your workplace productivity, and your bosses may not even know it. But as more workplace surveillance capabilities appear, legal experts warn that organizations must ensure their tools do not violate employees' privacy rights.
India's urban cooperative banks need to take a holistic approach to build a security governance structure, opt for an ASP services model and map their business-critical risks to comply with the RBI's security posture guidelines, according to a panel of experts.
Glen Hymers, CISO and head of data protection at the U.K.-based charity Save the Children International, says adapting to a cloud-first environment requires extensive security measures, including automated monitoring.