Forescout Research Labs and the Israeli security firm JSOF have found nine Domain Name System vulnerabilities affecting four TCP/IP stacks that, if exploited, could lead to remote code execution or denial-of-service attacks - potentially on millions of devices.
Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.
Adopting the "zero trust" model is essential to ensuring security as organizations use more IoT devices, says Fred Streefland of Hikvision, a Chinese company that manufactures video surveillance equipment. He addresses misconceptions about the model.
President Joe Biden has nominated two U.S. National Security Agency veterans for top cybersecurity positions as the White House continues to confront the fallout from the SolarWinds supply chain attack as well as attacks against on-premises Microsoft Exchange email servers.
Microsoft Corp. on Monday announced it will acquire cloud-based speech technology and artificial intelligence vendor Nuance Communications in an all-cash transaction valued at $19.7 billion. The deal is expected to close by the end of this year.
Israeli public media outlet Kan, citing intelligence sources, says an Israeli government cyberattack was responsible for the shutdown of an Iranian nuclear power facility on Sunday in what Iran describes as an act of "sabotage."
President Joe Biden is asking Congress to boost CISA's budget by $110 million to help enable the agency to address a range of cybersecurity issues following several high-profile incidents in the past six months.
Email security provider Cofense and data security firm StrikeForce Technologies both have announced acquisitions. Meanwhile, data protection firm OneTrust received additional funding.
Visa's Payment Fraud Disruption team reports that cybercriminals are increasingly using web shells to establish command and control over a retailers' servers during payment card skimming attacks.
Citing national security concerns, the U.S. Commerce Department has placed seven Chinese supercomputer organizations on the Entity List, which effectively bars them from receiving supplies or components from U.S. companies.
How can automation help to reduce money laundering fraud? Larry Gordon and Kathleen Gowin of the consultancy Endurance Advisory Partners describe how predictive KYC can help mitigate risks.
The increasing reliance on collaboration tools such as Slack and Discord to support those working remotely during the COVID-19 pandemic has opened up new ways for fraudsters and cybercriminals to bypass security tools and deliver malware, Cisco Talos reports.
Four editors at Information Security Media Group discuss important cybersecurity issues, including President Biden’s latest cybersecurity proposals and large vendor-related breaches in healthcare.
The Lazarus Group, a North Korean-linked APT group, has recently deployed a previously undocumented backdoor called "Vyveva" to target a freight logistics company in South Africa, according to ESET.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.