Sophos researchers have discovered a malware campaign whose primary purpose appears to stray from the more common malware motives. Instead, say the researchers, it appears to steal passwords or to extort a computer's owner for ransom, blocking infected users' computers from being able to visit a large number of websites dedicated to software piracy by modifying the HOSTS file on the infected system.
Many adversaries take advantage of new vulnerabilities and convert them into weaponized attacks, while extreme adversaries focus on supply chain and targeted attacks.
Many adversaries now take advantage of new vulnerabilities and convert them into weaponized attacks very easily and very quickly, while the extreme adversaries are now focusing on supply chain and targeted attacks. This combination makes for a very challenging environment for any modern enterprise.
Inon Shkedy, Head of Security Research for Traceable, who also serves as the API Security Project Lead at OWASP and has co-authored the OWASP API Top 10, talks to Security about API security risks.
Microsoft’s Edna Conway, Chief Security and Risk Officer of Azure, will lead a webinar, Operational Resilience in a Hyperconnected World, on June 17, 2021 at 2:00 p.m. EDT, and provide a real-world, tangible approach to address security and resilience to support you in your journey to operational resilience.
With the assistance and coordination of Interpol and law enforcement officers from the Republic of Korea and the United States, Ukrainian police have arrested six alleged members of the Clop ransomware gang.
Evansville, Indiana-based Atlas World Group Inc., the parent company of Atlas Van Lines Inc., promoted Ann Heathcott to Chief Security Officer of Atlas Van Lines.
Just as organizations require a show of security and compliance due diligence for their enterprise applications, so should they be doing for their IoT devices. They should also be putting this same pressure on their suppliers.
The McAfee Advanced Threat Research team (ATR) uncovered a flaw (CVE-2021-33887) in the Android Verified Boot (AVB) process that left the Peloton vulnerable.
Some organizations believe that the use of public cloud services allows them to outsource all of their security needs, but often those options don't cover an organization's entire threat surface.
RSS
