In what amounts to one of the simplest but most baffling forms of social engineering, hackers from China have taken to sending CDs full of malware to state officials, leading the Multi-State Information Sharing and Analysis Center, a government security outfit, to release a warning detailing the scam.
I attended my first Google Next conference last week in San Francisco and came away quite impressed. Clearly, Google is throwing its more and more of its engineering prowess and financial resources at GCP to grab a share of enterprise cloud computing dough and plans to differentiate itself based upon comprehensive enterprise-class cybersecurity feature/functionality.
As the U.S. government works to neutralize its Chinese counterparts’ efforts to conduct surveillance via commercial telecom products, it may unintentionally jeopardize the United States’ bid to beat China to a nationwide 5G network.
In response to a new Trend Micro survey, which found among other things that only half of IT and security decision-makers believe IoT-related attacks are a threat to their organizations, and that 43% view IoT security as an afterthought, an expert with Corero Network Security offers commentary.
The cops are starting to close in on hackers who hijack phone numbers to steal Bitcoin and other cryptocurrencies.
Again some bad news for cryptocurrency users.
KICKICO, a blockchain-based initial coin offering (ICO) support platform, has fallen victim to a suspected cyber attack and lost more than 70 million KICK tokens (or KickCoins) worth an estimated $7.7 million.
Why checking news every day if you can simply read our cyber attack week digest and get the article compilation on the recent incidents? Check out our week 30 digest right now.
When it comes to cybersecurity, the United States government is great at talking the talk, yet consistently falls short of walking the walk. Unless the U.S. government actually implements the cybersecurity best practices it touts, the nation and its citizens will continue to be at an increased risk of a cyberattack.
Last year, Unit 42 reported a number of Google play apps infected with malicious IFrames in this report. Recently, we found similar cases on Google Play. However, this time, there are 145 Google Play apps infected by malicious Microsoft Windows executable files instead of malicious IFrames. We have reported our findings to Google Security Team and all infected apps have been removed from Google Play.
When it comes to the Pen Testing of Android-based applications, the main focus and attention of the Pen Tester is to live in the mindset of the Cyber attacker literally. The Pen Tester must then carry out an attack to see how the software code can be manipulated, what the weak spots of the app are, if there are any backdoors in which private and confidential can be hijacked, or even if there this an unseen “hole” in the app to see if a Trojan Horse can be installed and launch a Botnet style attack.
Without a ransomware recovery strategy, companies sometimes end up paying to retrieve their data after an attack. At the same time, threat actors are growing more sophisticated in their ability to bypass both antivirus and anti-ransomware tools — thus, they’re also growing bolder. To stay ahead of the curve, organizations will need to develop more complete defense systems and recovery plans.
The cryptocurrency craze is showing no signs of stopping as exchanges and ICO (Initial Coin Offering) platforms continue to experience breaches and virtual robberies. The latest such example comes from KICKICO, whose clients lost a whopping $7.7 million in Kick tokens, or KickCoins, after getting hacked by an unknown attacker.
You’re reading Significant Digits, a daily digest of the numbers tucked inside the news.
Check out the full schedule at the Artificial Intelligence Conference in London, October 8-11, 2018. Hurry—early price ends August 24.
From its inception in 1997, Black Hat has grown from a small technology-focused conference into a major information security event — offering briefings, education and training for security and risk practitioners. It’s renowned for shedding light on vulnerabilities found in everything from consumer devices to critical infrastructure.
Understanding today’s cybersecurity landscape is complex. The amount of threats aimed at enterprises is staggering. More than 230,000 new malware samples are launched every day. The average small and medium-size business experiences a cyber attack 44 times every day. And the cost of damage directly related to cybercrime is adding up, expected to reach $6 trillion by 2021.
The American election system is a textbook example of federalism at work. States administer elections, and the federal government doesn’t have much say in how they do it. While this decentralized system has its benefits, it also means that there’s no across-the-board standard for election system cybersecurity practices. This lack of standardization has become all the more apparent over the past two years: Hackers probed 21 state systems during the lead-up to the 2016 election and gained access to one. But the federal government and states don’t appear to have made great strides to ensure that this doesn’t happen again. To do so, they’d need to deal with not only their own cybersecurity deficits but also those of the private companies that help states administer elections.
Security is a major challenge confronting T&T and the world and in response to local and global risks, businesses must employ relevant strategies and update their risk management techniques.