Attackers have been actively exploiting a flaw in Rackspace's hosted email service to send phishing emails, bearing legitimate and validated domain names, as part of business email compromise scams, warns IT security testing consultancy 7 Elements. Rackspace tells customers it plans to fix the problem soon.
Payments companies must secure their APIs and enhance their authentication standards in line with The Reserve Bank of India's guidelines to make QR codes interoperable and boost the electronic payments ecosystem.
Not only have enterprises accelerated their shift to the cloud in 2020, but they have also leapfrogged into multi-cloud environments. With this transition comes the top challenge: Maintaining appropriate visibility. Joe Partlow of ReliaQuest discusses how to tackle this challenge.
An indictment unsealed this week demonstrates the degree to which Western intelligence agencies have apparently been able to infiltrate the Russian intelligence apparatus to trace attacks back to specific agencies - and individual operators. Shouldn't Russian spies have better operational security?
Banking institutions are seeing a significant spike in multi-channel financial crimes. But Duncan Ash and Julio Gomez of Splunk say data and analytics can be key differentiators in the effort to protect sensitive financial data.
Cybercrime wouldn't exist as we know it today without there being a multitude of technologies and services that criminals have been able to turn to their advantage, and cryptocurrency is one of the prime examples, especially when it comes to ransomware, darknet markets and money laundering.
An unsecured Amazon Web Services database belonging to India's Dr Lal Path Labs, which offers diagnostic testing, exposed approximately 50 GB of patient data, including notes related to the results of COVID-19 tests, according to a security researcher.
A new malware variant dubbed Black-T developed by the hacker group TeamTnT targets exposed Docker daemon APIs to perform scanning and cryptojacking operations, according to researchers at Palo Alto Networks' Unit 42.
In this year of accelerated transformation, many enterprises have adopted and adapted to software-defined networking. Daniel Schrader of Fortinet and Daniel Cooke of Vandis discuss how they have partnered to empower networking transformation.
McAfee is set to become a public company once again, with the cybersecurity firm filing for an IPO with the U.S. Securities and Exchange Commission to trade under "MCFE" on the Nasdaq Stock Market. Separately, Ivanti announced that it would buy security firms MobileIron and Pulse Secure.
Microsoft removed 18 apps from its Azure cloud platform that were being used by hackers as part of their command-and-control infrastructure. The threat group, called Gadolinium, was abusing the infrastructure to launch phishing email attacks, Microsoft researchers say.
Training employees to resist phishing emails is key to preventing compromises. But an exercise run by Tribune Publishing Co. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships.
Revisiting remote workforce security defenses, simplifying cloud access controls and pursuing risk-based vulnerability management and passwordless authentication are among the 10 security projects that all organizations should consider for this year and next, according to advisory firm Gartner.
Russian criminals operating online who want to stay out of jail need only to follow a few simple rules, the primary one being: Never target Russians. So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list.
TikTok and WeChat both received reprieves over the weekend that helped avert U.S. blocks of their social media apps. President Donald Trump says he has given his "blessing" to a deal that would see Oracle and Walmart take a stake in TikTok's U.S. operations. Separately, a federal judge suspended a WeChat ban.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.
