A new feature on antivirus product Norton 360 has left cybersecurity experts baffled, as the company has made a play in the cryptocurrency space with a tool that will mine Ethereum while users' computers are idle. Observers call it a puzzling move and that the feature may be difficult to uninstall.
In the latest update, four ISMG editors discuss key cybersecurity issues, including myth busting from the founder of Zero Trust, the reason behind the surge in high-profile cryptocurrency scams in India and how ransomware attackers routinely lie about their inclinations, motivations and tactics.
Arbix Finance, a yield-farming protocol that runs on Binance Smart Chain, has reportedly siphoned user funds in what blockchain security firm CertiK labeled a "rug pull." This follows a Library of Congress report indicating that the number of nations banning cryptocurrency has doubled since 2018.
A new supply chain attack is leveraging a cloud video platform to distribute skimmer - aka formjacking - campaigns to attack hundreds of real estate websites, according to researchers at Palo Alto's research arm, Unit 42.
Bernalillo County, the largest county in New Mexico, shut down its IT systems after reportedly suffering a ransomware attack on Wednesday. County officials say they are working with third-party vendors to remediate the incident. County staff are working remotely as systems are restored.
The Apache Log4j vulnerability capped the end of a long year for CISOs and incident responders, and it left them with a mitigation project that carries them well into the New Year. CISOs John Bassett and Martin Dinel discuss how their teams have tackled Log4j - and significant lessons learned.
Alphabet's Google has purchased stand-alone security orchestration, automation and response vendor Siemplify for about $500 million in cash, to bolster the threat detection and response capabilities built into Google's Chronicle security analytics platform.
Ten U.S. senators this week wrote to the secretaries of both the Department of Homeland Security and the Department of Transportation inquiring about specific measures they plan to pursue to prevent and respond to cyberattacks on the nation's critical infrastructure.
A Zloader malware campaign has been exploiting Microsoft’s digital signature verification to steal cookies, passwords and sensitive information, according to Check Point Research. The threat actor, likely MalSmoke, used legitimate remote management software to gain initial access.
In an update on the Apache Log4j vulnerability, Microsoft says exploitation attempts and testing for vulnerable systems and devices remained "high" through late December. This comes after security leaders have identified sophisticated and even state-backed attacks targeting vulnerable devices.
Remember Y2K? Widespread disruption was feared since systems that rendered dates as two digits needed to be updated to work with four. Well, Microsoft Exchange just issued a workaround to fix a fatal error that disrupted email delivery due to a date check failure with the change of the New Year.
The Israeli Ministry of Defense reportedly seized $836,168 worth of cryptocurrency from a currency exchange firm with ties to the Hamas terrorist group. The use of cryptocurrency by cybercriminals may be advantageous to law enforcement agencies, according to some experts.
In a series of crypto giveaway scams, cybercriminals targeted the official Twitter accounts of the Indian Medical Association, the Indian Council of World Affairs and Mann Deshi bank. The incidents highlight why social media accounts need better access management strategies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.