Two years after WannaCry wreaked havoc via flaws in SMB_v1 and three years after Mirai infected internet of things devices en masse via default credentials, attackers are increasingly targeting the same flaws, security experts warn.
"Cobalt Dickens," a threat group with suspected ties to Iran, is continuing its attempts to steal intellectual property from schools and universities, according to an analysis by SecureWorks. The group's work continues even though several alleged members have been indicted by the Justice Department.
Apple is criticizing recent Google research that describes an expansive iPhone hacking campaign, accusing Google of "stoking fear" among users of its products. Google says it stands by its blog post, which focused on technical findings.
ISMG and Cybereason visited Dallas on their "Indicators of Behavior" roundtable dinner tour. And Cybereason CSO Sam Curry says the discussion validated the notion that it's time to reimagine incident detection and response.
For many cybercrime investigators, it's all about finding indicators of compromise - evidence a crime has been committed. Sam Curry of Cybereason describes the value of making a shift to cataloging indicators of behavior.
After two months of inactivity, the notorious Emotet botnet is poised to start delivering malicious code again; active command-and-control servers have been spotted in the wild, researchers at the security firm Cofense warn.
Where have all the hacktivists gone? While the likes of Anonymous, AntiSec and LulzSec became household names in the early 2010s, in the past three years the number of website hacks, defacements and information leaks tied to bona fide hacktivists has plummeted.
Chinese advanced persistent threat groups are targeting cancer research organizations across the globe with the goal of stealing their work and using it to help the country address growing cancer rates among its population, according to researchers at cybersecurity company FireEye.
The World Economic Forum recently identified "cyberattacks and data integrity concerns crippling large parts of the internet" as one of the top 10 global risks. Jaime Chanaga of NTT talks about the significance of that announcement and the concerns global security leaders face headed into 2020.
Finding a security framework comprehensive enough to serve the tactical needs of security operations teams can be difficult. MITRE ATT&CK is the first framework to meet these needs and provide a basis for real-time security operations improvements.
Download this white paper to learn more about:
The five essential...
The group behind the Cloud Atlas cyber espionage campaigns, which were first detected five years ago, is now deploying polymorphic techniques designed to avoid monitoring and detection, according to researchers at Kaspersky Lab.
There is a key shift in the threat landscape as attackers focus more on attacking key endpoints and infrastructure. As a result, many organizations are developing security blind spots.
Read this ebook to learn more about:
Shifts in threat activity;
Blind spots in cyber defenses & how to regain...
The media continues to report that the threat landscape is evolving. But this is a common cliché that can smokescreen reality. In fact, significant security events tend to share notable commonalities. Regardless of whether the attack is a widely distributed banking Trojan extracted from a phishing email or a targeted...