The cyberattack earlier this year against Indian outsourcer Wipro, as well as several of its customers, is part of a much larger, multiyear phishing campaign that involves many more companies used as jumping off points, according to RiskIQ, which says the attackers apparently are manipulating gift cards.
Six major cloud services providers apparently were victims of Cloud Hopper, an umbrella name for deep cyber intrusions suspected to originate in China, Reuters reports. The report also alleges Cloud Hopper-affected companies withheld information from their clients for reasons of liability and bad publicity.
Increasingly, cyber attackers are molding technology and human intelligence into blended threats that prey upon vulnerable defenses. Chester Wisniewski of Sophos lays out how organizations can become more mature in preparedness and response.
Six suspects have been arrested as part of a 14-month international police probe into the theft of at least $28 million worth of bitcoin cryptocurrency from more than 4,000 victims in at least 12 countries. Investigators say attackers appear to have "typosquatted" legitimate bitcoin exchange sites.
Cloudflare was unsparing in its criticism of Verizon over a BGP snafu that hampered 15 percent of its global traffic, as well as traffic of Amazon and Google. Verizon's error underscores that much heavy lifting remains to make critical internet infrastructure secure.
More organizations are deploying single sign-on mechanisms when they move to software-as-a-service applications to help enhance authentication and control access, says Moshe Ferber, chairman of the Israeli chapter of the Cloud Security Alliance.
The latest edition of the ISMG Security Report analyzes the security and privacy implications of Facebook's new digital currency - Libra. Also featured: Discussions on the rise of machine learning and IT and OT collaboration on cybersecurity.
With cybersecurity becoming ever more difficult to monitor and manage, and product and data overload triggering cyber fatigue among cybersecurity professionals, organizations must embrace more autonomous approaches, says Censornet's Richard Walters.
With Facebook now officially preparing to launch its own cryptocurrency, Libra, in 2020, the social media giant is facing a privacy and security backlash both in the U.S. and Europe. Lawmakers and regulators are raising concerns about the offering based on the company's poor history of protecting user data.
Why does everyone keep mislabeling machine learning - a proven technique for helping organizations to improve their security posture - as artificial intelligence? "I'm so tired of the AI buzzword bingo," says John Matthews, CIO of ExtraHop Networks.
Visibility, or a lack thereof, continues to challenge organizations as they attempt to protect their businesses by knowing which systems, applications and data they have, says AlgoSec's Jeffrey Starr. He discusses how centralized visibility, control and automation can help.
As organizations pursue digital transformation initiatives backed by new application deployment techniques, they must ensure that security, operations and development teams fully coordinate, says Marco Rottigni of Qualys.