Brokerage account takeover, supply chain attacks, destructive attacks and those that seek to manipulate time or time stamps are among the latest threats uncovered in the new Modern Bank Heists report authored by Tom Kellermann at VMware Carbon Black.
Criminals love to amass and sell vast quantities of user data, but not all data leaks necessarily pose a risk to users. Even so, the ease with which would-be attackers can amass user data is a reminder to organizations to lock down inappropriate access as much as possible.
A Texas man is facing a federal charge after he allegedly tried to buy explosives from an undercover FBI agent to bomb an AWS data center in Virginia, according to the Justice Department. The suspect believed the bombing could interrupt 70% of internet traffic, prosecutors say.
Microsoft Corp. on Monday announced it will acquire cloud-based speech technology and artificial intelligence vendor Nuance Communications in an all-cash transaction valued at $19.7 billion. The deal is expected to close by the end of this year.
The increasing reliance on collaboration tools such as Slack and Discord to support those working remotely during the COVID-19 pandemic has opened up new ways for fraudsters and cybercriminals to bypass security tools and deliver malware, Cisco Talos reports.
The new world of "work from anywhere" is all about connecting users to applications. “It’s just different,” says iBoss CEO Paul Martini. Yet, many enterprises still approach this new dynamic with the wrong security mindset. Martini outlines what they’re missing.
More precise and pervasive cybersecurity threat modeling during manufacturers' development of medical devices - and also during the regulatory product review process - is critical for risk mitigation, says Kevin Fu, new acting director of medical device cybersecurity at the FDA.
Researchers have uncovered nine critical vulnerabilities in Rockwell Automation's FactoryTalk AssetCentre product, which, if exploited, potentially could enable attackers to control an OT network. An updated version of the product mitigates the flaws.
Attackers are targeting unpatched SAP applications, and the exploits could lead to the hijacking of the vulnerable systems, data theft and ransomware attacks, SAP and Onapsis Research Labs report. They note that patches for most of the flaws have been available for several years.
Today's cryptocurrencies are based on cryptographic standards that eventually could be broken via quantum computing, says Gideon Samid of BitMint, which has developed a virtual currency based instead on the concept of "quantum randomness."
Up to 90% of software security problems are caused by coding errors, which is why secure coding
standards are essential. There are several secure coding practices you can adopt. But, to write truly
secure code, you need a secure coding standard.
Here, we explain what are secure coding standards and how to...
Malicious cryptomining is once again the top form of attack. Cryptomining remains hot because of its relative ease to monetize criminal activities. Cryptomining also has a relatively small footprint that can be easier to hide, and comes with a misconception that this type of attack is somehow less dangerous than...
Exponentially more devices on the network mean proportionately less visibility. This is reality for most enterprises today, and it’s changed the role of endpoint security solutions. Elias Levy of Cisco discusses emerging technologies and strategies, including the rise of XDR.
To deliver a secure infrastructure-as-code service, development teams must adopt a shift left strategy to bring all the applications and security under one umbrella to provide faster and continuous delivery of the fully automated code, according to Ori Bendet and Igor Markov of Checkmarx.