An online search by cybersecurity firm Cyfirma found more than 80,000 unpatched cameras made by Hangzhou Hikvision Digital Technology Co. Attackers could exploit the vulnerability to add the cameras to a botnet or as a launching point for lateral movement deeper into the camera operator's network.
An unnamed Eastern Europe company became a victim of that continent's largest-ever distributed denial-of-service attack, says Akamai. The report comes in a season with a record-breaking volume of DDoS attacks, fueled greatly by geopolitical events led by Russia's invasion of Ukraine.
The era of pandemic-induced telework is also the era of higher reliance on mobile devices for sensitive workplace information - meaning we're likewise living in the age of fretful chief information security officers, a new survey concludes. "Companies are still struggling" to secure mobile devices.
Hackers are turning to cryptojacking to make easy money despite the fall in cryptocurrency valuation, including ransomware cybercriminals attracted by the lower-stakes world of cryptojacking, says threat intelligence firm SonicWall. The financial industry has seen a surge in cryptojacking attacks.
A scan of Russian servers led researchers to follow a trail of digital breadcrumbs to find a server with "smoking gun" evidence of connection to MedusaLocker ransomware. The malware has especially affected the healthcare industry. Attack surface risk firm Censys detailed its findings in a report.
Cyberattacks aren't just an annoyance but have real-world effects. Case in point: ransomware attacks on Colonial Pipeline and on food processor JBS. IBM Security's Chris McCurdy discusses these developments and security scenarios emerging from the cyber-physical fusion.
The government of Puerto Rico announced an investment of $7.6 million toward strengthening cybersecurity on the island. The island has undergone a string a embarrassing cybersecurity incidents, including a phishing incident that stole $2.6 million of taxpayer dollars.
Lockdown Mode will be available to all users who update to the latest versions of Apple operating systems this fall. This "extreme" protection will stop spyware infections through restrictions that render message attachments inaccessible, webpages slower to load and FaceTime calls harder to make.
FBI Director Christopher Wray and MI5 Director General Ken McCallum put business and academic leaders on alert over Chinese government-led intellectual property theft, telling an audience in London to think twice about doing business with Beijing.
The U.S. Department of Defense continues to experiment with bug bounties to draw in vulnerability reports from outside white hat hackers. It kicked off a new test program for continuous rewards on America's Independence Day by setting aside a pool of $110,000.
Lithuania's National Cyber Security Center has warned of increasing DDoS attacks directed against the nation's public authorities and its transport and financial sectors following Lithuania blocking road and rail supplies to the Russian enclave of Kaliningrad.
The U.S. Department of Justice, together with law enforcement partners in Germany, the Netherlands and the United Kingdom, has dismantled the infrastructure of a massive Russian botnet known as RSOCKS, which hacked millions of computers and other electronic devices around the world.
Cloudflare says it detected and mitigated "the largest HTTPS DDoS attack on record." The 26 million requests per second DDoS attack likely originated from hacked virtual machines and servers kept by cloud computing hosts and was likely exacerbated by computationally intensive encrypted web traffic.
Microsoft has not yet released patches for two zero-days, Follina and DogWalk, that both exploit vulnerabilities in the Microsoft Windows Support Diagnostic Tool. But the company has released a workaround for Follina, and micropatching service 0Patch has offered a temporary fix for DogWalk.
A new, as yet unnamed Airbus organization will address potential cyberthreats beginning July 1, amid the increasing digitalization and interconnectedness of the company's products and systems. The new firm will house all of Airbus' cybersecurity services and make key investments in the space.