Former customers of the now-defunct encrypted communications service EncroChat, which was infiltrated by police last year, continue to get busted, including members of a crime syndicate that operated "an industrial-scale cocaine laboratory" in the Netherlands, Europol says.
Passwordless authentication: Has its time finally arrived? J. Wolfgang Goerlich of Cisco talks about why now is the time to go passwordless, as well as which final obstacles need to be cleared to replace legacy authentication methods.
"It's not personal ... It's strictly business." That line from "The Godfather" encapsulates the mindset of criminals who extort businesses using ransomware and other tools: Their imperative is profits, no matter any disruption they might cause to critical services, such as those provided by Colonial Pipeline.
No script, no filter: Just Microsoft’s Edna Conway and Cisco’s Wendy Nather gathering with privacy leader Michelle Dennedy to discuss the impact of the SolarWinds supply chain attack and to play Buzzword Mystery Date with SASE, CIAM and "passwordless" authentication - are these trends dreamboats or duds?
Interpol says Dutch and Nigerian suspects created a cloned version of a legitimate personal protective equipment provider's website to trick a German health authority seeking face masks. The case is a reminder that a "sophisticated" scheme need not require extreme technical sophistication to succeed.
Four editors at Information Security Media Group discuss important cybersecurity issues, including dealing with attacks targeting the aging Accellion File Transfer appliance and taking steps to enhance employee authentication.
An attacker added a backdoor to the source code for PHP, an open-source, server-side scripting language used by more than 75% of the world's websites. Core PHP project members say the backdoor was quickly removed.
Many organizations have updated the authentication process for customers to help ensure frictionless transactions. Now, some are starting to take similar steps to streamline and enhance authentication of their employees - especially those working remotely.
What happens when an e-commerce retailer sends customers a data breach notification email with a subject line that reads "strictly private and confidential"? "Clearly trying to make people stay quiet," responded one unamused Fat Face customer. Others report being none the wiser as to what risks they now face.
Years ago, when he was working in systems integration, Mirza Asrar Baig envisioned the concept of digital risk protection technology. Today, as CEO of CTM360, he is promoting it as a way to provide “offensive defense.”
It has been an open question as to how a half-dozen hacking groups began exploiting Exchange servers in an automated fashion in the days leading up to Microsoft's patches. But there are strong signs that the exploit code leaked, and the question now is: Who leaked it?
Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.