The MyKings botnet, which has been spreading cryptominers and other malware, continues to grow in sophistication, using steganography to hide malicious updates, Sophos Labs reports. New research also shows attackers are exploiting the EternalBlue vulnerability in Windows.
The Wawa convenience store chain is investigating why malware planted on point-of-sale devices at nearly all of its over 850 locations throughout the East Coast went undetected for nearly eight months.
The National Institute of Standards and Technology has released three biometric datasets to help organizations research new types of secure digital identification systems and authentication processes. NIST also released a study on facial recognition technology that raises some concerns.
New Orleans is setting an aggressive pace to restore services after a ransomware attack crippled the city's IT systems: fixing more than 450 servers and 3,500 endpoints in just 48 hours. It's work that would normally take weeks to months, but the city plans to do it must faster.
A federal judge ruled this week that the U.S. government is entitled to proceeds from Edward Snowden's memoir and his paid speeches because the former NSA contractor did not submit his materials to his former federal employers for review before publishing.
An alleged member of The Dark Overlord hacking group who apparently made dumbfounding operational security mistakes while trying to extort U.S. companies has pleaded not guilty. Nathan Wyatt is perhaps the only person associated with the notorious hacking group who left a clear digital trail.
In 2017, the U.S. Army ordered that the use of drones made by Chinese manufacturer DJI be discontinued, citing security concerns. Now, a second classified memo used to support that decision has been released, revealing serious concerns about how cyberspies could intercept video and other encrypted data.
"Zero trust" is arguably the cybersecurity buzzword of 2019, but what exactly is it? Is it a tool? Is it a capability? Is it a philosophical journey with no endpoint? Or is it all of the above? Jack Koons of Unisys explains why "zero trust' is a highly subjective term based on corporate risk appetite.
Video conferencing and collaboration systems are must-have tools for global companies. But new research by Forescout illustrates that elementary security errors in one vendor's system could have allowed attackers to snoop on meetings and view sensitive documents.