It's understood: Ongoing monitoring of third party relationships is mission-critical. But what constitutes ongoing monitoring? Who should own it? Who should do it? Todd Boehler of ProcessUnity addresses these questions and more.
Until May, all Apple iOS devices were vulnerable to a "zero-click exploit" that would have allowed hackers to remotely gain complete control and view all emails, photos, private messages and more, says Google security researcher Ian Beer. He alerted Apple to multiple vulnerabilities - all now patched.
K12, a company offering online school curricula, says it paid a ransom after a recent ransomware attack in exchange for the hackers agreeing not to release stolen data.
Fraudsters are increasingly exploiting the auto-forwarding feature in compromised email accounts to help conduct business email compromise scams, the FBI warns.
Security education for employees is worthless unless it's highly targeted, says Angela Sasse, a professor of human-centered security at Ruhr University Bochum in Germany, who offers tips.
A botnet called DarkIRC is exploiting a remote execution vulnerability in Oracle WebLogic, according to Juniper Threat Labs. Meanwhile, the malware used to create the botnet is being offered for sale on a darknet hacking forum.
As part of a cyberespionage campaign, the Russian hacking group known as Turla deployed a backdoor called "Crutch" that uses Dropbox resources to help gather stolen data, according to the security firm ESET.
Citi, Equifax, Capital One - the list of financial institutions that have suffered high-profile cyber incidents is long, and the penalties they've incurred have been steep. To Scott Kannry, CEO of Axio, it all comes down to cyber risk - and he has new ideas for redefining it.
The gang behind the Conti ransomware variant has posted data to its darknet website that it says it stole during a ransomware attack on industrial IoT chipmaker Advantech last month. The company reportedly confirmed the attack on Monday.
Check Point Research has identified new variants of the long-dormant Bandook spyware that are being used for espionage campaigns across the world targeting government, financial, energy, food industry, healthcare, education, IT and legal organizations.
New Zealand's refreshed Privacy Act, which came into effect Tuesday, introduces breach notification requirements and civil penalties. It also holds data handlers to higher responsibilities to counter new threats to personal data. But the law doesn't impose financial penalties as severe as the EU's GDPR.
Trend Micro researchers have uncovered a macOS backdoor variant - designed to bypass security tools - that's linked to an advanced persistent threat group operating from Vietnam.
A hacking campaign in Germany is using compromised websites and social engineering tactics to deliver the Gootkit banking Trojan or REvil ransomware, according to Malwarebytes.
Could hackers inject malicious code that compromises the synthetic DNA supply chain and ultimately tricks bioengineers into inadvertently developing dangerous viruses or toxins? A new research report says that's a growing concern and calls for robust security measures.
Ex-CISA Director Christopher Krebs revealed in a "60 Minutes" interview what made officials confident that the election results were accurate: paper ballots. Krebs didn't mention President Trump by name, but refuted claims by his administration and personal lawyer, Rudy Giuliani, that the election was fraudulent.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.