Cybersecurity News

RSS

New evidence uncovered by Amnesty International and Forbidden Stories has revealed a massive wave of attacks by cyber surveillance company NSO Group’s customers on iPhones, potentially affecting thousands of Apple users worldwide.

A hacker created a database of information scraped from 700 million LinkedIn users after tricking the company’s API and used the same technique to create a database on 533 million Facebook users.

Dr. Bobby Blumofe, Chief Technology Officer of Akamai, discusses zero-trust security models and how they impact employee morale. 

A recent study from Security Compass found just 25% of organizations surveyed conduct threat modeling during the early phases of software development—requirements gathering and design—before proceeding with application development.

The number of cyberattacks increased by 17% compared to Q1 2020, and compared to Q4 2020, the increase was 1.2%, with 77% being targeted attacks, according to a new Positive Technologies Cybersecurity Threatscape Q1 2021 report. Incidents involving individuals accounted for 12% of the total.

Google’s Threat Analysis Group (TAG) has discovered four in-the-wild 0-day campaigns targeting four separate vulnerabilities this year, all which can be particularly dangerous when exploited and have a high rate of success.

While this is a step in the right direction, there are some confusion, speculation and rumors related to CMMC accreditation. The following are three common misconceptions around CMMC certification, with clarification to help organizations requiring CMMC certification to stay well-informed on the necessary guidelines and procedures.

Because cybersecurity events are complicated, we rely on analogies to understand how they work. Analogies are useful, but certain oversimplifications are perpetuating inaccurate narratives. These inaccuracies misdirect productive discussion and as a result, proposed policy and solutions are being based on faulty assumptions. A faulty premise can only yield flawed results…and cyber national security is not an area in which the United States has margin for error.

Bitdefender security researchers have discovered a threat group likely based in Romania that's been active since at least 2020. They've been targeting Linux-based machines with weak SSH credentials, mainly to deploy Monero mining malware, but their toolbox allows for other kinds of attacks.