Four major cloud providers - AWS, Google, Microsoft and Oracle – will participate in a $9 billion U.S. Department of Defense remote computing contract, marking a departure from an earlier winner-take-all approach that ended up in court and slowed the DoD's cloud transformation program for years.
Cyber resilience extends beyond cyberattacks and encompasses the convergence of security and disaster recovery and takes into account other factors such as supply chain disruption, attacks on critical infrastructure, epidemics, market fluctuations, power outages, and natural disasters.
An online search by cybersecurity firm Cyfirma found more than 80,000 unpatched cameras made by Hangzhou Hikvision Digital Technology Co. Attackers could exploit the vulnerability to add the cameras to a botnet or as a launching point for lateral movement deeper into the camera operator's network.
An unnamed Eastern Europe company became a victim of that continent's largest-ever distributed denial-of-service attack, says Akamai. The report comes in a season with a record-breaking volume of DDoS attacks, fueled greatly by geopolitical events led by Russia's invasion of Ukraine.
The era of pandemic-induced telework is also the era of higher reliance on mobile devices for sensitive workplace information - meaning we're likewise living in the age of fretful chief information security officers, a new survey concludes. "Companies are still struggling" to secure mobile devices.
Hackers are turning to cryptojacking to make easy money despite the fall in cryptocurrency valuation, including ransomware cybercriminals attracted by the lower-stakes world of cryptojacking, says threat intelligence firm SonicWall. The financial industry has seen a surge in cryptojacking attacks.
A scan of Russian servers led researchers to follow a trail of digital breadcrumbs to find a server with "smoking gun" evidence of connection to MedusaLocker ransomware. The malware has especially affected the healthcare industry. Attack surface risk firm Censys detailed its findings in a report.
Cyberattacks aren't just an annoyance but have real-world effects. Case in point: ransomware attacks on Colonial Pipeline and on food processor JBS. IBM Security's Chris McCurdy discusses these developments and security scenarios emerging from the cyber-physical fusion.
The government of Puerto Rico announced an investment of $7.6 million toward strengthening cybersecurity on the island. The island has undergone a string a embarrassing cybersecurity incidents, including a phishing incident that stole $2.6 million of taxpayer dollars.
Lockdown Mode will be available to all users who update to the latest versions of Apple operating systems this fall. This "extreme" protection will stop spyware infections through restrictions that render message attachments inaccessible, webpages slower to load and FaceTime calls harder to make.
FBI Director Christopher Wray and MI5 Director General Ken McCallum put business and academic leaders on alert over Chinese government-led intellectual property theft, telling an audience in London to think twice about doing business with Beijing.
The U.S. Department of Defense continues to experiment with bug bounties to draw in vulnerability reports from outside white hat hackers. It kicked off a new test program for continuous rewards on America's Independence Day by setting aside a pool of $110,000.
Lithuania's National Cyber Security Center has warned of increasing DDoS attacks directed against the nation's public authorities and its transport and financial sectors following Lithuania blocking road and rail supplies to the Russian enclave of Kaliningrad.
The U.S. Department of Justice, together with law enforcement partners in Germany, the Netherlands and the United Kingdom, has dismantled the infrastructure of a massive Russian botnet known as RSOCKS, which hacked millions of computers and other electronic devices around the world.
Cloudflare says it detected and mitigated "the largest HTTPS DDoS attack on record." The 26 million requests per second DDoS attack likely originated from hacked virtual machines and servers kept by cloud computing hosts and was likely exacerbated by computationally intensive encrypted web traffic.