A new Tripwire study reveals that the overwhelming majority (93%) of ICS security professionals are worried about disruptive cyberattacks impacting business operations or resulting in downtime of …
AppSec ‘Spaghetti on the Wall’ Tool Strategy Undermining Security
In order to mitigate application security risk, organizations often use a 'spaghetti on the wall' approach, meaning that they use lots of different tools and hope for the best, a new Radware report …
Continue Reading about AppSec ‘Spaghetti on the Wall’ Tool Strategy Undermining Security
Flaw in iTunes for Windows Abused for Ransomware Attacks
Security researchers with Morphisec are warning the BitPaymer ransomware actors have been exploiting a security flaw in the Bonjour updater for the Windows version of Apple iTunes in order to avoid …
Continue Reading about Flaw in iTunes for Windows Abused for Ransomware Attacks
Magecart Attack on eCommerce Platform Hits Thousands of Online Shops
Trend Micro recently discovered a new Magecart campaign targeting webshops hosted on the Volusion platform. Magecart is an umbrella term for various criminal groups that attack websites with the aim …
Continue Reading about Magecart Attack on eCommerce Platform Hits Thousands of Online Shops
Gaming, photo apps in Google Play infect Android handsets with malware
Last month, researchers with Dr. Web discovered that a number of apps on the Google Play Store were riddled with malware, including banking Trojans, adware, spyware, and info stealers. The malicious …
Continue Reading about Gaming, photo apps in Google Play infect Android handsets with malware
Imperva blames data breach on stolen AWS API key
Last month, cybersecurity firm Imperva announced that the data of a “subset of customers” of Imperva’s Cloud Web Application Firewall was exposed in a “security incident” in September 2017. This week, …
Continue Reading about Imperva blames data breach on stolen AWS API key
Escort forums in Italy and the Netherlands hacked, user data put up for sale
Two European web forums serving sex workers and their customers have been breached by a Bulgarian threat actor who is now selling 330,000 stolen user records on underground marketplaces. The …
Continue Reading about Escort forums in Italy and the Netherlands hacked, user data put up for sale
Most Americans can’t recognize 2FA, HTTPS, or private browsing
Most US adults are not familiar with basic tech and cybersecurity concepts, a new survey by Pew Research Center reveals. Just 28% of respondents were capable of selecting an example of two-factor …
Continue Reading about Most Americans can’t recognize 2FA, HTTPS, or private browsing
Impact and prevalence of cyberattacks that use stolen hashed administrator credentials
A recent One Identity survey[pdf] conducted among IT professionals sheds light on Pass the Hash (PtH) attacks, in which threat actors use stolen hashed administrator credentials in order to compromise …
Many in Utilities Sector Expect Attacks on Critical Infrastructure: Survey
In the past 12 months, 56% of utility companies around the world suffered at least one cyberattack resulting in the loss of private data or downtime affecting their operational technology (OT) …
Continue Reading about Many in Utilities Sector Expect Attacks on Critical Infrastructure: Survey