The French data regulator is calling on operators of large-scale databases to shore up defenses against a slew of threats including nation-states and sophisticated hackers capable of exploiting the supply chain or zero-day flaws. Next year CNIL will publish a set of cybersecurity recommendations.
Hackers are deploying a novel Android malware using an uncommon communication method to steal banking login data from compromised devices primarily in Southeast Asia. Users download the malware from phishing websites disguised as app stores that target Vietnamese and Thai speakers.
Costa Rica will build a national cybersecurity operations center with substantial U.S. backing following a crippling cyberattack last year and will also commit to using only trusted 5G providers. The U.S. Department of State has extended $25 million to build a virtual security operations center.
In the evolving threat landscape, small-time threat actors are entering the ransomware space and targeting small and medium-sized businesses. These organizations must adopt a defense-in-depth approach to defend themselves, said Nick Biasini, head of outreach at Cisco Talos.
Chinese espionage hackers behind an eight-month campaign to hack Barracuda email security appliances intensified their focus on high-priority targets around the time the company moved to fix the zero-day flaw behind the campaign. A custom backdoor suggests China was prepared for remediation efforts.
Two organizations that operate clinics and hospitals in the Midwest are the latest medical care providers struggling with an enterprisewide IT outage affecting clinical and administrative applications. The incident appears similar to recent attacks on several other regional entities.
In today's evolving digital landscape, application security is crucial. That’s why it is increasingly important to normalize the use of two-factor authentication in the developer community to the point that it is "effectively ubiquitous," said John Swanson, director of security strategy at GitHub.
Government agencies are recognizing that the seven pillars of zero trust, as outlined by U.S. federal agencies such as CISA and the DOD, should be strategically applied across various elements, including data and identity management, said Manuel Acosta, senior director and security analyst, Gartner.
Citrix NetScaler defenders are being warned to not just patch a critical flaw but also review logs from before mid-July for signs of compromise, since attackers - including "a known threat actor specializing in ransomware attacks" - have been dropping web shells that survive patching and rebooting.
In the post-digital transformation world - and in advance of the coming of quantum computing - it's time to future-proof cybersecurity by nurturing a culture of security. Dean Coclin of DigiCert discusses how banking institutions can embrace this change.
U.S. authorities Tuesday said they permanently dismantled the notorious Qakbot botnet in an international operation that seized 52 servers and nearly $9 million worth of cryptocurrency. Law enforcement identified more than 700,000 computers infected with the Qakbot malware.
How can you tackle mobile app security and solve user concerns about usability? No-code cyber defense automation can be used to achieve security outcomes in seconds, build desired protections and prevent fraud and malware directly inside the CI/CD pipeline, said Appdome CEO Tom Tovar.
Large language models have revolutionized various industries by automating language-related tasks, enhancing user experiences and enabling machines to communicate more naturally with human beings, according to Rodrigo Liang, CEO of SambaNova Systems.
Ransomware groups, like legitimate businesses, must adapt and change as they grow, in response to external pressures and trends. To survive, many large ransomware groups have adopted decentralized structures, said Yelisey Bohuslavskiy, chief research officer and partner with Red Sense.
Insider threats continue to pose significant concerns in today's digital landscape. While malicious insiders have garnered attention due to harmful intent, negligent users often make unintentional mistakes, contributing to potential cybersecurity risks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.co.uk, you agree to our use of cookies.