The Chinese hacking group "Cicada" is exploiting the critical Zerologon vulnerability in Windows Server as part of a cyberespionage campaign that's mainly targeting Japanese companies' locations around the world, according to the security firm Symantec.
Researchers are warning that many domain name system server implementations are vulnerable to a spoofing attack that allows attackers to redirect, intercept and manipulate traffic. Thankfully, fixes are already arriving for this so-called SAD DNS flaw.
Three state-sponsored advanced persistent threat groups - one Russian, two North Korean - have been targeting companies across the globe involved with COVID-19 vaccine and treatment development, Microsoft says.
The lack of automation and actionable threat intelligence may be preventing enterprises from developing the fully functional Cyber Fusion Centers they envision. Anomali's Mark Alba shares ideas on how to change that.
Researchers at Area 1 Security say a recently uncovered phishing campaign using a message saying that the recipient has been fired from their job is attempting to plant two malware strains - Bazar and Buer - using the Trickbot botnet.
A recently uncovered banking Trojan targeting Android devices can spy on over 150 apps, including those of banks, cryptocurrency exchanges and fintech firms, as a way to gather credentials and other data, according to an analysis by security firm Kaspersky.
Louis Marinos of the European Cybersecurity Agency offers an analysis of the agency's new Threat Landscape 2020 report, which shows how cybercriminals have been advancing their capabilities, adapting quickly and targeting victims.
The good news: U.S. election security measures seem to have worked. The bad news: Disinformation and misinformation campaigns continue. Tom Kellermann, who served as a cybersecurity adviser to President Obama, offers advice for President-elect Joe Biden and others on protecting critical infrastructure.
Check Point Research has uncovered a large and likely profitable business model that involves hackers attacking and gaining control of certain VoIP services, which enables them to make phone calls through a company's compromised system.
See how the different security vendors stack up.
Get an overview of endpoint security features, and capabilities, including next-gen technologies;
Compare the leading vendors including Sophos, Symantec, McAfee, Kaspersky, Microsoft, Bitdefender, Trend Micro, SentinelOne, and CrowdStrike;
See a summary of...
Stop the widest range of attacks with industry's most comprehensive next-gen endpoint protection.
Download this whitepaper to:
Stop unknown threats with deep learning;
Protect against ransomware with CryptoGuard;
Deny the attacker with signatureless exploit prevention.
Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency are urging local government agencies to patch the Netlogon vulnerability known as Zerologon ahead of next Tuesday's presidential election to improve security. A "small number" of attacks exploiting the flaw are continuing, Microsoft says.
U.S Cyber Command and the Cybersecurity and Infrastructure Security Agency have issued warnings about two Russian hacking groups that are using updated malware to target government agencies around the world.