In the latest "Proof of Concept," Grant Schneider, senior director of cybersecurity services at the law firm Venable, and Ari Redbord, head of legal and government affairs at TRM Labs, join editors at Information Security Media Group to discuss trending cybersecurity issues.
As Russia's invasion of Ukraine continues, what will happen next remains unclear. Accordingly, cybersecurity experts are again calling on organizations globally to focus on what they can control, including their cybersecurity defenses and business resiliency preparedness.
Security researchers have spotted a Mac coinminer using personalized open-source apps to augment its malicious routine. A departure from other malwares that use Tor, this effective malware leverages i2pd to hide its network traffic from the untrained eye.
Cryptocurrency exchange Coinbase briefly halted its services Feb. 11 after a security researcher uncovered a critical vulnerability affecting its Retail Advanced Trading platform, allowing malicious users to sell BTC without owning any. The researcher who found the flaw got a $250,000 bug bounty.
The use of digital currency as legal tender continues to be prohibited in Russia, according to the Russian Ministry of Finance's draft of digital currency law, even as Russia imposes heavy regulations on crypto exchanges. Also, the Bank of Russia is testing the platform for the country's CBDC.
On Feb. 13, Adobe patched a critical vulnerability that affected its Commerce and Magento platforms, which customers use to manage their businesses' e-commerce. But a proof-of-concept exploit for the latest patch has resulted in yet another out-of-band patch update from Adobe for CVE-2022-24087.
In 2021, there was a spike in cybercrime, and the focus changed for threat actors from several countries, particularly Russia and China. Cybersecurity firm CrowdStrike provides an overview of the changes, analyzes the takedown of Russian threat actor REvil and adds to its list of adversaries.
How do we reflect on the Log4j crisis and emerge with lessons learned to apply to the next big application security incident? Julian Azaret shares insights, including how ITOps and SecOps must collaborate in new ways to ensure better preparedness.
Chip manufacturer Intel has released 22 security advisories, including seven with a high severity rating that let a privileged user enable local access to targeted devices.
Cisco's Email Security Appliance is affected by a high-rated vulnerability that can allow an unauthenticated remote attacker to launch a denial-of-service attack, the company says. The company and CISA advise that affected software be updated at the earliest.
According to a new threat report from Expel, business email compromise should now be viewed as "public enemy #1." Jonathan Hencinski of Expel is joined by Theodore Peterson of Datasite to support that claim and discuss how best to strategize against these schemes.
Budget-strapped and short of cybersecurity talent, SMBs have a hard row to hoe when it comes to securing their businesses. Will Ehgoetz, manager of Threat Hunters at ActZero.ai, discusses the challenges SMBs face when they take a vector-by-vector approach to security.
The ability to evade detection by traditional endpoint detection tools, easy availability of valid credentials, access to code vulnerabilities, increased persistence and ease of lateral movement are causing an increasing number of threat actors to choose malware-free options, CrowdStrike says.
Cyberattacks in the aviation sector over the past several years have been tied to a single advanced persistent threat group named TA2541, which - since at least 2017 - has consistently used more than a dozen remote access Trojans to control compromised machines, according to a report from Proofpoint.
The latest edition of the ISMG Security Report features an analysis of takedowns of multiple Russian-language cybercrime markets and communities by Russian authorities. It also describes the role of cryptocurrencies in the banking sector and how the identity market will evolve in 2022.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.