A botnet called DarkIRC is exploiting a remote execution vulnerability in Oracle WebLogic, according to Juniper Threat Labs. Meanwhile, the malware used to create the botnet is being offered for sale on a darknet hacking forum.
The gang behind the Conti ransomware variant has posted data to its darknet website that it says it stole during a ransomware attack on industrial IoT chipmaker Advantech last month. The company reportedly confirmed the attack on Monday.
Could hackers inject malicious code that compromises the synthetic DNA supply chain and ultimately tricks bioengineers into inadvertently developing dangerous viruses or toxins? A new research report says that's a growing concern and calls for robust security measures.
The latest Linux version of the Stantinko botnet is designed to disguise the malware as an Apache server to help better avoid security tools and remain hidden, according to Intezer Labs.
The gang operating Trickbot is continuing its activities despite recent takedown efforts, rolling out two updates that make the malware more difficult to kill, according to the security firm Bitdefender.
The Telecommunications Security Bill introduced by the British government aims to set enforceable, minimum security standards for the nation's telecommunications providers, backed by penalties, including for any company that opted to use equipment from high-risk providers such as China's Huawei.
U.K. Prime Minister Boris Johnson announced Thursday the creation of a National Cyber Force designed to strengthen Britain's cybersecurity posture and give the country new defensive and offensive capabilities. Some security experts, however, are raising concerns about recruiting enough qualified staff members.
Some security experts say the United States' cybersecurity and overall defense posture are likely temporarily weaker because President Trump fired the leaders of the Cybersecurity and Infrastructure Security Agency and the Defense Department. But many remain confident defenses will be strong in the long run.
Organizations need to build security into their cloud environments to help thwart cyberthreats, says Tom Corn of VMware, who describes this "intrinsic security" approach.
Waves of support from the InfoSec community continue to pour in for former CISA Director Christopher Krebs, who was fired Tuesday by President Donald Trump. Meanwhile, an acting CISA director reportedly has been named, and Deputy Director Matt Travis has resigned.
Researchers are warning that many domain name system server implementations are vulnerable to a spoofing attack that allows attackers to redirect, intercept and manipulate traffic. Thankfully, fixes are already arriving for this so-called SAD DNS flaw.
With COVID-19 as a backdrop and 5G on the horizon, what will be 2021's top issues in identifying, protecting and defending against attacks across a dramatically expanded threat landscape? This latest CEO/CISO panel addresses the challenges of the new year.
Twitter has hired network security expert Peiter Zatko to serve in the newly created position of head of security following a series of high-profile cyber incidents. Zatko, known as "Mudge," gained fame as a member of the ethical hacking group "Cult of the Dead Cow" and worked for the government and Google.
Distributed denial-of-service attacks have not garnered much attention this year. But analysts say such attacks could surge, and they have the potential to be just as damaging as ransomware and other types of cyberthreats.
Palo Alto Networks plans to acquire security startup Expanse in an $800 million deal. It will integrate Expanse's attack surface monitoring technology into its Cortex product suite.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.asia, you agree to our use of cookies.