Threat actors are on a phishing spree targeting users of Zimbra Collaboration email suite, in particular small and medium businesses and government agencies. Security firm Eset on Thursday revealed the ongoing campaign, writing that the hackers behind it have been active since at least April.
The cyber insurance landscape has evolved significantly over the last 10 to 15 years. Initially, renewals were relatively straightforward, but with the rise of cyberthreats such as ransomware, the market has shifted dramatically to reduce risk exposure.
Browser security and microsegmentation play critical roles in stemming the bleeding from ransomware attacks, as "almost always the attacks come from a point-based browser vector," said Spencer Tall, managing director, AllegisCyber Capital. He shared two approaches to ensure secure browser adoption.
Recorded Future has joined CrowdStrike and Google atop Forrester's external threat intelligence services rankings, while Kaspersky tumbled from the leaders category. Leading threat intelligence providers have expanded into adjacent use cases such as brand protection and vulnerability management.
In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime group's attacks and why Check Point is buying startup Perimeter 81 for $490 million.
Calling all network defenders: Flag or block the unapproved use of legitimate cloud services in your enterprise, since malware-wielding nation-state attackers and cybercrime groups are both using them to hide their malicious activities, researchers warn.
North Korea is on track to have a middling year of cryptocurrency theft despite Pyongyang's constant demand for ready cash. Hackers deployed by the totalitarian regime have stolen $200 million in cryptocurrency this year, far less than the country's banner year of cryptocurrency theft in 2022.
While consolidating third-party risks into one document is important, it is equally vital to introduce artificial intelligence into various elements of your third-party risk management program, said Jonathan Pineda, CISO and DPO at the Government Service Insurance System in the Philippines.
In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Oliver Tavakoli, CTO at Vectra AI, discusses ways that discriminative AI technology can filter out all of the noise from the massive volume of alerts from a portfolio of cybersecurity tools.
Palo Alto Networks edged out Versa Networks, Cato Networks and firewall rival Fortinet for the top spot in Forrester's first-ever secure access service edge rankings. Leading providers have over the past 18 months built or bought both the networking and security pieces of SASE, Forrester found.
Researchers say a proxy service is routing internet traffic through unsuspecting users' systems that it turns into residential exit nodes, luring them into downloading the proxy application through offers of cracked software and games. Antivirus engines don't detect the application.
This week's roundup of digital assets-related cybersecurity incidents includes Argentina's investigation into WorldCoin; hackers' exploitation of Libbitcoin; Zunami and RocketSwap; Curve Finance's compensation plans for hack victims; the FBI's $1.7 million forfeiture; and X's crypto scam problem.
This week, Raccoon Stealer returned, hackers used QR codes, Belarus ISPs were used to spy on diplomats, Geico reported a MOVEit breach, an Israeli hospital dealt with ransomware extortion, Clorox took systems offline after an attack, and researchers found flaws in AudioCodes phones and Zoom's ZTP.
The federal agency that enforces HIPAA is heavily focused on investigations of potential violations involving online tracking tools in healthcare websites that impermissibly transmit sensitive patient information to third parties, said Susan Rhodes of the Department of Health and Human Services.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.