The Executive’s Guide To Quantum Safe Security: Take these steps to make your enterprise quantum proof
The steady progress in quantum computing is resulting in exciting developments that will one day bring new capabilities to a wide range of use cases. Quantum computers can also bring new capabilities to attackers. The mathematician Peter Shor has proven that quantum computers can be used to rapidly factor large numbers into their primes in a way that will break most forms of asymmetric encryption used today. The computer scientist Lov Grover proved another algorithm that will, among other things, enable incredibly fast invalidation of another tool for security, the security hash. There are certainly other ways quantum computers will be used by adversaries, but these two methods alone are cause for serious concern. Imagine all the data your company believes is important being read by an adversary that wants to put you out of business, and imagine that adversary is operating in a location untouchable by the rule of law.
Research by Microsoft shows that the new campaign in which attackers exploit RDP instances vulnerable to the BlueKeep vulnerability in order to install cryptojacking malware, is likely tied to a cryptojacking campaign observed in September of this year. BlueKeep is a critical remote code execution flaw affecting RDP services on
A new report by Vade Secure indicates that PayPal was the most impersonated brand in phishing attacks last quarter, which is rather surprising since Microsoft usually dominates these campaigns. PayPal-themed phishing URLs have been on the rise in the past year and in Q3 they surged by 69.6%. By contrast,
A new report by Proofpoint looks at the email threat landscape in Q3 of this year. It shows that message containing malicious URLs now make up 88% of email-based threats. The overall volume of messages designed to get users to interact with nefarious URLs or attachments fell by 40% compared
The US Justice Department is charging three individuals, two of which are former Twitter employees, of conducting espionage targeting users of the social media platform who criticized the Saudi royal family. Two of the suspects are Saudi nationals, while the third is a US citizen. The campaign was allegedly orchestrated
Cybersecurity firm Trend Micro on Tuesday disclosed a data breach affecting 68,000 customers whose data was sold to a threat actor by a malicious employee. The cybercriminals who purchased the data used it to contact customers over the phone in an attempt to scam them. Trend Micro discovered the breach
In the third quarter of this year, phishing campaigns were more prevalent than in any other quarter since Q4 of 2016, according to a new report by APWG. The number of phishing domains surged by 46% compared to last quarter. Threat actors not only launched more phishing campaigns, but they also
Threat actors are increasingly leveraging Google Analytics and other web analytics tools in order to optimize their phishing campaigns, a recent Akamai study reveals. Attackers use these tools in order to keep track of “technical markers, like browser identification, geo-location, and operating system,” that “can help adjust the phishing website’s
Researchers with Wandera have discovered yet another set of malicious apps on the Google Play Store. The seven apps included a calculator, an alarm clock, two flashlight apps and three magnifier apps. While the apps do not contain malware when installed, they are “droppers” designed to download malicious “payload” apps
Threat actors are taking advantage of a vulnerability in the Firefox browser as part of a new tech support scam, a security researcher with Malwarebytes discovered. The flaw, dubbed browlock, makes it possible for code running on a website to lock up a browser tab by displaying numerous login popups.