A recently discovered botnet is infecting thousands of AT&T internet subscribers in the U.S., using a critical-severity blind command injection flaw first reported in 2017, according to new findings from China-based cybersecurity researchers.
Unidentified threat actors are using fake cryptocurrency-related websites to distribute the SpyAgent malware, which abuses legitimate remote access tools. They have targeted a legitimate Russian remote access tool called Safib Assistant, Trend Micro researchers note.
The FBI has seized 39.9 bitcoins worth $2.3 million from an alleged affiliate of the notorious REvil - aka Sodinokibi - ransomware group. A forfeiture notice filed by the government accuses Russian national Aleksandr Sikerin of having amassed the cryptocurrency via victims' ransom payments.
Join John O’Neill the Chief Information Security Officer at Molded Fiber Glass (MFG) Companies and Carolyn Crandall the Chief Security Advocate at Attivo Networks for a lively discussion on Identity Security as the Next Big Thing.
Join this on demand session to learn how attackers are leveraging credentials, Active Directory, and the vast over provisioning of entitlements to successfully conduct some of the most damaging attacks that we have ever seen.
Learn how the latest advances in privileged user monitoring can close windows of opportunity for attackers and keep business-critical data safe from credential theft, lateral attack movement, ransomware, and other threats.
In this on-demand webinar, you’ll learn how you can get out in front of the ransomware threat to stop hackers from locking down your data in the first place.
The Department of Health and Human Services has revealed its taken enforcement actions against five more healthcare providers in cases involving alleged failure to comply with the HIPAA Privacy Rule right of access provision. One includes a rare civil monetary penalty, which was levied against a physician.
An Ohio-based DNA testing company reported to regulators that the information of more than 2.1 million individuals contained in a legacy database was accessed and acquired in a hacking incident detected in August. The archived database contained personal information collected more than a decade ago.
A Microsoft zero-day vulnerability has not been fixed by the technology giant despite having been reported months ago, according to a security researcher. To protect users, a micropatching service, 0patch, has issued unofficial, free patches.
In her latest book, "Rhetoric of InSecurity: The Language of Danger, Fear and Safety in National and International Contexts," academic Victoria Baines questions the imagery and rhetoric we use to communicate safety and security issues, and details their unwelcome impact on the workforce.
Japanese multinational conglomerate Panasonic has disclosed a security breach that it says involved unnamed threat actors accessing servers on its network. The company says it detected the breach on Nov. 11. It was determined that some data on a file server had been accessed during the intrusion.
A new playbook, commissioned by the Food and Drug Administration, aims to help medical device manufacturers in developing and evolving threat modeling as an approach to strengthening the cybersecurity and safety of their products.
The nightmare scenario of monitoring multiple cloud environments and applications has been keeping CISOs awake at night. As much as they want to keep their data in just one cloud provider, the reality is that almost every organization will have to deal with a multi-cloud future.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.