Government officials in the U.S., U.K. and Canada issued a joint advisory Thursday warning that a Russian hacking group is targeting various research organizations in those countries involved in COVID-19 vaccine development.
Cybersecurity experts are pushing organizations to immediately patch a critical zero-day vulnerability in SAP's NetWeaver Application Server because threat actors are likely searching for networks that are susceptible to the flaw.
Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.
The British government has officially reversed course and will now ban Huawei's telecom gear from its 5G networks. The ban on use of the Chinese firm's equipment, based in part on U.S. sanctions against the manufacturer, goes into effect at year's end.
An Israeli court has dismissed a petition filed by Amnesty International that sought to revoke the security export license of NSO Group, a tech firm that's been accused of selling hacking tools to governments for targeting dissidents, journalists and lawyers.
It's common for security researchers to be ignored when reporting a software vulnerability. The latest example - vulnerabilities found by Independent Security Evaluators in a router made by China-based Tenda.
Enterprises want to make greater use of connected devices to develop new services and gain efficiencies, but security is a paramount concern. Piers Hogarth-Scott and Katherine Robins of KPMG break down the risks and the challenges around IoT security.
As the risks to IT and OT converge, organizations must ramp up their threat intelligence information sharing mechanisms and build a more comprehensive cybersecurity policy, says Singapore-based John Lee, managing director of GRF Asia, a federation for building global resilience.
Wells Fargo, the fourth largest bank in the U.S., has directed employees to remove the TikTok social media app from their company-issued devices, citing security concerns. The news comes after Amazon sent mixed signals to its employees about use of the social media app.
Connected devices for consumers don't come with service-level agreements agreements. The travails of Petnet, the maker of an automatic, cloud-enabled pet feeder that has now gone offline offer a tale of caution that points to the need for stronger consumer protection for cloud-enabled devices.
To the long list of alleged hackers who failed to practice good operational security so they could remain anonymous, add another name: Andrey Turchin, who's been charged with running the Fxmsp hacking group, which prosecutors say relied on Jabber and bitcoins in an attempt to hide their real identities.
A recently uncovered phishing campaign is using spoofed Zoom account alerts to steal Microsoft Office 365 credentials, according to a report from Abnormal Security. These attacks come as use of the platform soars due to work-from-home arrangements.
The Mac malware originally labeled as "EvilQuest," which researchers initially identified as a poorly designed ransomware variant, apparently is primarily an information stealer with ransomware-like elements designed to confuse security tools, according to the security firm Malwarebytes.