Earlier this week, a security researcher found an unprotected Elasticsearch server that exposed financial data relating to tens of thousands of current and former loan- and mortgage holders in the US. The database contained converted versions of text documents mentioning names, birth dates, address details, social security numbers and other

According to a new report by Armor, a total of 681 million cyberattacks targeted cloud customers in 2018. The most popular attack techniques employed by threat actors were exploiting software flaws; accessing accounts through by brute-forcing or through stolen login data; targeting poorly secured devices that are part of the

Security researchers with Palo Alto Networks have been tracking a malware campaign involving the distrubution of the Redaman banking Trojan through widespread malspam campaigns with varying subject lines relating to debt collection and other financial obligations. The campaign mainly targets Russian speakers, although emails containing the Trojan as an attachment have been

The Office of the Director of National Intelligence has released a new four-year strategy for the American intelligence community. The main topic of the road-map is cybersecurity, while the document also focuses on subjects such as counter-terrorism and counter-proliferation. “As the cyber capabilities of our adversaries grow, they will pose increasing threats

A new report by Carbon Black indicates that geopolitical tensions between democratic western countries and authoritarian states such as Russia, China, North Korea, and Iran, lie at the root of an increasing number of cyberattacks. For instance, almost 50% of incident response investigations undertaken for Carbon Black customers in 2018 were

Security researchers with McAfee have discovered a new ransomware strain dubbed Anatova. The ransomware was found disguised as a game in a peer-to-peer network. Anatova will encrypt files on infected computers and subsequently demand a ransom of around $700 in DASH cryptocurrency (10 coins). The campaign is targeting users around the globe,

According to Vade Secure’s latest phishing report, the most impersonated brand in the final quarter of last year was Microsoft (again). The other brands making up the top 10 were Netflix, Paypal, Bank of America, Chase, DHL, Facebook, Docusign, Linkedin and Dropbox. Phishing messages pretending to come from Netflix increased

Talent shortage has clinched the top spot in the latest version of Gartner’s Emerging Risks Survey, which is based on data from the fourth quarter of 2018. The other top entries in the list of emerging risks for businesses were accelerating privacy regulation, the rapid pace of change, lagging digitization, and misconceptions

Apple has released security patches and other fixes for a host of flaws affecting iOS, macOS, tvOS, watchOS, Safari and iCloud. Many of the 31 iOS patches fixed arbitrary code execution vulnerabilities affecting various features including Bluetooh, FaceTime and Kernel. Other iOS security flaws that were addressed could have enabled

On Tuesday afternoon, the Department of Homeland Security ordered federal agencies to implement a variety of security measures aimed at preventing DNS hijacking attacks. As part of such attacks, threat actors target the domain name system (DNS) infrastructure that plays an essential role in directing Internet traffic, in order to redirect