As the headlines showed, ransomware continued to be the weapon of choice in 2020, and extortionware is on the rise. While ransomware has become a tried and true method at this point, extortionware tactics are raising the stakes by threatening to expose sensitive information if the ransom is not paid.
Intezer researchers discovered a new vulnerability in Azure Functions, which would allow an attacker to escalate privileges and escape the Azure Functions Docker container to the Docker host.
Companies hold more data on us today than ever before, and many of us are left in the dark on just where our personal, often sensitive, information lives. The daily headlines on data breaches and the mainstream attention in the form of documentaries like Netflix’s “The Great Hack” and “The Social Dilemma” have made clear to the public: it’s time we all do a data detox.
Cybercriminals can take advantage of human weaknesses in one place and use them in other places where they can get financial or other gains. Email addresses, real names, real addresses, phone numbers, date of birth, etc., all are valuable information for cybercriminals. They can build their database with this personal information and use them in future attacks. This is why practicing good cybersecurity habits as users and as administrators is critical for all of us for all systems we use.
To determine whether implementing gaming techniques for security awareness training at your organization makes sense, it is important to first understand what the ultimate goal of the security awareness course is. In many cases, gaming techniques can help employees overcome initial resistance to learning.
The recent breakthroughs in analytics, machine learning and AI have changed the way cybersecurity professionals can mitigate risks within the enterprise. There are several things to keep in mind, however, as cybersecurity team begins creating and building out a threat intelligence capability. Here’s how to make threat data relevant, actionable and effective for your organization.
Data Privacy Day is a global effort — taking place annually on January 28th — that generates awareness about the importance of privacy, highlights easy ways to protect personal information and reminds organizations that privacy is good for business. Here, Security magazine compiled advice, tips and best practices for safeguarding data from many security executives.
Law enforcement and judicial authorities worldwide have this week disrupted one of most significant botnets of the past decade: EMOTET. Investigators have now taken control of its infrastructure in an international coordinated action.
The Sophos Rapid Response team published findings from its investigations into recent ransomware attacks that reveal a failure to keep close tabs on “ghost” account credentials of recently deceased employees can give cybercriminals a discreet foothold to launch an attack.
RSS
