Government leaders are increasingly calling on cybersecurity researchers to better inform policymakers and are urging businesses to pay more attention to their in-house security teams, according to presenters at this week's Black Hat Europe virtual conference.
A hacking group behind an Android spyware variant has recently added fresh capabilities that include the ability to snoop on private chats on Skype, Instagram and WhatsApp, according to ReversingLabs. This APT group, believed to be tied to Iran, has recently been sanctioned by the U.S. Treasury Department.
If FireEye - one of the top cybersecurity firms - can't protect itself, how can clients be sure anything from anyone will keep them safe? The myth of a "secured environment" has been revealed to be exactly that.
FireEye, one of the world's top cybersecurity firms, says attackers stole its penetration testing tools and sought information about government clients. But FireEye doesn't believe the suspected nation-state hackers exfiltrated any data.
An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. Fraudsters are likely using these attacks to harvest credentials.
Critical authentication vulnerabilities contained in certain GE Healthcare medical imaging products could allow attackers to gain access to sensitive patient data, alter data and affect the availability of the equipment, according to new advisories from the vendor and the U.S. Department of Homeland Security.
President Donald Trump on Friday signed into law the Internet of Things Cybersecurity Improvement Act of 2020, the first U.S. federal law addressing IoT security. The act requires federal agencies to only procure devices that meet minimum cybersecurity standards.
A critical component within millions of consumer and enterprise IoT devices has dangerous software flaws. New research from Forescout Technologies into open-source TCP-IP stacks shows millions of devices from 150 vendors are likely vulnerable.
Are insurers getting cold feet over covering losses to ransomware? With claims due to ransomware skyrocketing, some insurers have reportedly been revising offerings to make it tougher for companies to claim for some types of cybercrime, including extortion.
Hackers with possible links to Iran appear to have breached an unprotected human-machine interface system at an Israeli water reservoir that connected directly to the internet. The system appeared to lack security protocols, according to researchers with Otorio.
The U.S. National Security Agency is warning that Russian state-sponsored threat actors are attempting to exploit a known vulnerability in several VMware products, according to an alert. Federal agencies are urged to apply fixes as soon as possible.
Ransomware innovation seems to know no bounds, as crime gangs seek new ways to make crypto-locking malware ever more profitable. Beyond data-leak sites and affiliate programs, gangs have also been using call centers to cold-call victims, tell them they've been hit by ransomware and request payment.