The lack of automation and actionable threat intelligence may be preventing enterprises from developing the fully functional Cyber Fusion Centers they envision. Anomali's Mark Alba shares ideas on how to change that.
Anyone wanting to invent a system designed to stoke widespread abuse by fraudsters would be hard-pressed to best the non-fungible token. Because they get bought and sold using cryptocurrency, it's only a question of when scammers will turn their attention to defrauding NFT aficionados.
Customers of Indian payments platform MobiKwik appear to have gotten a lucky break: A listing for 8.2TB of stolen data pertaining to 99 million customers was withdrawn by a cybercrime forum seller, supposedly because of the public risk posed. MobiKwik continues to deny that it was breached. Who's to be believed?
The Iranian-linked threat group TA453, also known as Charming Kitten and Phosphorus, conducted a phishing campaign, dubbed "BadBlood," in late 2020 that targeted senior U.S. and Israeli medical researchers in an attempt to obtain their Microsoft Office credentials, according to Proofpoint.
Although SolarWinds has released a second round of patches for flaws in its Orion network monitoring platform that was targeted in a supply chain attack, some security experts say organizations need to go far beyond patching to manage the risks involved.
Security practitioners often tread a fine and not entirely well-defined legal line in collecting current and meaningful research. This research can also pose ethical questions when commercial sources for stolen data fall into a gray area.
Android device users are being targeted by a sophisticated spyware app that disguises itself as a "system update" application, warns mobile security firm Zimperium. The app can steal data, messages and images and take control of phones.
The zero-day attacks against Accellion's File Transfer Appliance show that a number of big-name firms continued to use the legacy technology - even though more secure, cloud-based options were available. Evidently, many CISOs didn't see a compelling reason to move on. Of course, now they do.
An attacker added a backdoor to the source code for PHP, an open-source, server-side scripting language used by more than 75% of the world's websites. Core PHP project members say the backdoor was quickly removed.
What happens when an e-commerce retailer sends customers a data breach notification email with a subject line that reads "strictly private and confidential"? "Clearly trying to make people stay quiet," responded one unamused Fat Face customer. Others report being none the wiser as to what risks they now face.
The SolarWinds supply chain attack demonstrates that Russian intelligence services have learned from previous operations and adjusted their tactics, says Dmitri Alperovitch, the former CTO of security firm CrowdStrike, which investigated Russian interference in the 2016 election.
Criminals operating online continue to tap ransomware in their pursuit of an illicit payday. That was the cybercrime reality throughout 2020, and unfortunately it still appears to be holding true in the first months of this year, the Cisco Talos Incident Response team reports.