Researchers at cybersecurity firm Kaspersky have discovered an advanced Trojan, dubbed BloodyStealer, stealing gamer accounts and data from platforms such as Steam, Epic Games Stores and EA Origin. They say there is a demand for this type of data among cybercriminals.
The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.
The Australian Cyber Security Center has issued a critical vulnerability alert in a Zoho Corp. password management service that could enable a threat actor to take control of the targeted host. The company has issued a security patch.
It is more important than ever to make applications robust and secure, but traditional application security has not kept pace with the demands of development and deployment. More needs to be done and as early in the software development lifecycle as possible.
The Checkmarx portfolio of products includes SAST, SCA,...
U.S. FBI and Department of Homeland Security leaders fielded several cybersecurity questions from House lawmakers Wednesday, particularly around the surge in ransomware attacks, diplomatic efforts to curb ransomware's financial model, and the nation-states that harbor cybercriminals.
Researcher Bob Diachenko has discovered an unsecured database containing personal information of 106 million foreign nationals who have visited Thailand in the past decade. The 200GB database, which has now been secured, has not been accessed by unauthorized personnel, Thai authorities say.
Researchers have found a zero-day vulnerability in U.K. broadband and cable TV provider Virgin Media’s Super Hub 3 routers that enables an attacker to unmask IP addresses of VPN users. But a Virgin Media spokesperson says the risk of that happening is "very low."
Earlier this month, McAfee Enterprise's Advanced Threat Research team, working with McAfee's Professional Services IR team, reported that an APT campaign dubbed Operation Harvest had been in operation for years. Their analysis provides insight into the group's tools, tactics and techniques.
While there is no dearth of talent among Indian bug bounty hunters, hurdles such as lack of trust, payment disputes, cost, unethical practices and lack of regulatory laws deter the growth of the bug bounty programs in the country, according to some experts.
Digital transformation is a journey that requires a cultural, technological and operational shift that puts the end-user experience at the forefront. By migrating applications to cloud-first infrastructure and delivering services digitally, organizations have more freedom to adapt to customer and business needs. But...
The Mirai botnet is actively exploiting the known vulnerability CVE-2021-38647, which is part of a quarter of vulnerabilities dubbed OMIGOD, in Microsoft's Azure Linux Open Management Infrastructure framework, according to Kevin Beaumont, head of the security operations center for Arcadia Group.
Cisco Talos researchers have connected a previously discovered series of aviation industry attacks stretching back more than three years to a Nigeria-based attacker. The attacker sold the stolen information on the darknet, the researchers say.
CISA, the FBI and the U.S. Coast Guard Cyber Command warn users of Zoho Corp.'s single sign-on and password management tool to patch for a vulnerability that nation-state groups may look to exploit. Attackers could use the bug to compromise credentials and exfiltrate data from Active Directory.
The Republican Governors Association was one of several U.S. organizations targeted in March when a nation-state group took advantage of vulnerabilities in Microsoft Exchange email servers, according to a breach notification letter filed with Maine authorities. It appears some PII was exposed.
Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into a Microsoft product - a move received positively by industry insiders.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.