Earlier this week, the United States Conference of Mayors took a united stance “against paying ransoms in the event of an IT security breach.” A nonbinding resolution unanimously adopted by the organization states that “paying ransomware attackers encourages continued attacks on other government systems, as perpetrators financially benefit.” The Conference

In response to a report by Belgian public broadcaster VRT NWS showing that Google lets human workers listen to audio captured by Google Assistant software, the tech giant acknowledges that its language experts review 0.2 percent of all audio snippets recorded by its virtual assistant. Google justifies this practicing by

A new report by LastLine shows that cyber risk may be highest during the summer months, with 30.5% of respondents indicating they see more cyber threats during the summer compared to the rest of the year. However, 47.1% said they did not notice seasonal attack trends. As to the specific

A new survey by Databarracks identifies hardware failure as the most common cause of data loss, ahead of human error and cyberattacks. However, cyberattacks are increasingly associated with data loss compared to previous reports, while the opposite trend is true for hardware failure and human error. In fact, the report

Check Point researchers are sounding the alarm over a new strain of Android malware that has already compromised 25 million devices. The malware, referred to as Agent Smith, is capable of replacing legitimate applications with malicious copies that display rogue advertisements. The malware is delivered via seemingly benign apps on

New research by the Ponemon Institute and Censinet shines the spotlight on third-party risk in the healthcare industry. According to the report, the majority (56%) of healthcare organizations were at the receiving end of a data breach caused by one or multiple third-party vendors, costing the industry a total of

ImmuniWeb researchers have found vulnerabilities in the web applications, APIs and/or mobile apps of 97 of the 100 largest financial organizations in the world, which are located across 22 countries. The report shows that 85 online banking apps where not compliant with GDPR, while 49 were not compliant with PCI

Threat actors have been targeting a government institution in Eastern Europe by taking advantage of CVE-2019-1132, which is one of the two Windows zero-days fixed by Microsoft as part of this month’s Patch Tuesday, ESET researchers report. The hacking group, known as Buhtrap, abused the privilege escalation flaw in a June

OODA’s Cyber Threat Analysis Report provides the “so what” behind the news and events we track on a daily basis. When it comes to putting cyber news in context, there really is no substitute for experience. The context in this report is provided by one of the most highly regarded

A new ransomware strain dubbed eCh0raix is designed to compromise network-attached storage (NAS) devices produced by QNAP Systems, researchers with Anomali have discovered. In order to compromise the devices, the threat actors crack weak passwords via automated attacks or take advantage of known security flaws. NAS devices are commonly used