A British cyber law that criminalizes hacking is outdated, hindering law enforcement action against cyber crooks, U.K. lawmakers heard during a parliamentary hearing on cybercrime. Graeme Biggar, the director general of the U.K's National Crime Agency, said it should be an offense to steal data.
Pro-Russian and self-declared "hacktivist" group Anonymous Sudan appears to use expensive online infrastructure to perpetuate distributed denial-of-service attacks, undermining its claim to be a volunteer group operating from an impoverished East African country.
A surging Sonatype and Snyk joined stalwart Synopsys atop Forrester's software composition analysis rankings, while Mend.io tumbled from the leaders category. SCA historically didn't get as much attention as application security testing but that’s changing, said Forrester's Janet Worthington.
Federal authorities are warning healthcare and public health sector entities of an apparent resurgence of TimisoaraHackerTeam after an attack in recent weeks by the obscure ransomware group on a U.S. cancer center. HHS says the group was discovered by security researchers in 2018.
Malware developers are adopting an easy-to-use obfuscation tool that slips malware past antivirus, warn security researchers. BatCloak requires minimal programming skills to use. Among its recent successes is a recent remote access Trojan dubbed SeroXen.
The BlackCat ransomware group has claimed credit for a February phishing attack against Reddit. With no ransom being paid, the extortionists are now seeking to insert themselves into the standoff between Reddit's leadership and volunteer workforce over the introduction of paid access to APIs.
The litany of outages plaguing Azure and Microsoft 365 in recent weeks stems from DDoS attacks carried out by a pro-Russian hacktivist group. The threat actor since early June has launched DDoS attacks from multiple cloud services and open proxy infrastructures thanks to its collection of botnets.
The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments. Progress Software said a SQL injection flaw could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database.
A consumer genetic testing company must ensure the destruction of customer saliva samples and undergo third-party evaluation of its information security program for the next two decades under a proposed consent order with the U.S. Federal Trade Commission.
With only 10 EU member states having blocked or restricted high-risk suppliers Huawei and ZTE from their 5G networks, EU Internal Market Commissioner Thierry Breton is urging holdouts to speed up, warning that the entire bloc faces increased cybersecurity and supply chain risks until they do so.
Ransomware actors are using the thing that verifies crypto transactions - mining - to their advantage. More criminals are laundering their ill-gotten gains by re-minting the digital money through mining to sanitize funds and bypass controls imposed by more highly regulated financial institutions.
A Russian government-linked threat group is using USB drives to spread a custom backdoor in a possible bid to reach air-gapped machines, said security researchers. The Security Service of Ukraine has identified the group, which it tracks as Armageddon, as a unit of the Russian FSB.
C5 Capital extended struggling threat detection firm IronNet a financial lifeline contingent on retired four-star Gen. Keith Alexander stepping down as CEO of the company he founded. The venture capital firm will inject $51 million if IronNet hires ex-Houghton Mifflin Harcourt CEO Linda Zecher.
Cybercriminals are increasingly preying on small hospitals, often in rural communities, knowing that security defenses at these facilities are often much weaker than those at larger institutions, said Kate Pierce, a former longtime CIO and CISO at a 25-bed community hospital in Vermont.
The potential for cybercriminals to reverse-engineer generative AI tools, the rise of geopolitical threats and increased cloud complexity are among the top new threats facing security teams in 2023, according to Forrester's Top Cybersecurity Threats In 2023 report.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.