Expert insights. Personalized for you.
Researchers have discovered a botnet dubbed PgMiner that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner. MORE
A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. MORE
Malicious SolarWinds Orion backdoor installed in Microsoft's network led to the attackers viewing some of its source code MORE
Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds , a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. MORE
Let's prioritize bipartisan strategic actions that can ensure our national security and strengthen the economy. Here are five ideas for how to do that MORE
Recent news articles have all been talking about the massive Russian cyberattack against the United States, but that’s wrong on two accounts. It wasn’t a cyberattack in international relations terms, it was espionage. And the victim wasn’t just the US, it was the entire world. MORE
One legacy of the ongoing global pandemic is that companies now realize that a secured and well-supported remote workforce is possible. Recently, the University of Illinois and the Harvard Business School conducted a study, and 16% of companies reported switching their employees to work at home from offices at least twice a week. Related: SASE translates into secure connectivity. MORE
The U.S. Internal Revenue Service (IRS) said this week that beginning in 2021 it will allow all taxpayers to apply for an identity protection personal identification number (IP PIN), a single-use code designed to block identity thieves from falsely claiming a tax refund in your name. MORE
Dozens of Email Accounts' Compromised by Attackers, Says Senior Democratic Senator An ongoing investigation at the U.S. MORE
This is a scarily impressive vulnerability: Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device — over Wi-Fi, with no user interaction required at all. MORE
We recorded 103 cyber security incidents in November, which accounted for 586,771,602 leaked records. The majority of those came from a credential-stuffing attack targeting Spotify and a data leak at the messaging app GO SMS Pro, which you can learn more about below. MORE
Security researchers have uncovered a new technique to inject a software skimmer onto checkout pages, the malware hides in social media buttons. Security experts at Sansec have detailed a new technique used by crooks to inject a software skimmer into checkout pages. MORE
Experts from Intezer discovered a new and self-spreading Golang-based malware that targets Windows and Linux servers. Experts from Intezer discovered a Golang-based worm that targets Windows and Linux servers. MORE
The ability to perform complex calculations on encrypted data promises a new level of privacy and data security for companies in the public and private sectors. So when can they get started MORE
Company networks have evolved rather spectacularly in just 20 years along a couple of distinct tracks: connectivity and security. We began the new millennium with on-premises data centers supporting servers and desktops that a technician in sneakers could service. Connectivity was relatively uncomplicated. And given a tangible network perimeter, cybersecurity evolved following the moat-and-wall principle. MORE
While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. The investigation of the SolarWinds Orion supply-chain attack revealed the existence of another backdoor that was likely used by a separate threat actor. MORE
Global pandemic and the easy availability of for-hire services and inexpensive tool sets gave adversaries more opportunities to attack MORE
government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. MORE
Fellow Victim FireEye Traces Breaches to Trojanized SolarWinds Software Updates The U.S. Commerce Department confirmed on Sunday it had been targeted by hackers, and the U.S. Treasury has also reportedly been struck. MORE
Threat actors are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin installed on more than 500,000 sites. Hackers are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin to reset passwords for admin accounts. MORE
RiskIQ CEO Lou Manousos Details Lessons to Learn in Supply-Chain Attack Aftermath The SolarWinds breach is a case study in how attackers can subvert a widely used piece of software to turn it to their advantage, says Lou Manousos, CEO of RiskIQ. MORE
The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. MORE
Devastating Scope of Hacking Campaign Expands Microsoft says on Thursday it has removed malware related to an expansive hacking campaign that has ensnared thousands of organizations and U.S. government agencies. MORE
Data Breach Today
DECEMBER 17, 2020
Devastating Scope of Hacking Campaign Expands Microsoft says on Thursday it has removed malware related to an expansive hacking campaign that has ensnared thousands of organizations and U.S. government agencies.
Dark Reading
DECEMBER 21, 2020
Let's prioritize bipartisan strategic actions that can ensure our national security and strengthen the economy. Here are five ideas for how to do that
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
DECEMBER 3, 2020
Security researchers have uncovered a new technique to inject a software skimmer onto checkout pages, the malware hides in social media buttons. Security experts at Sansec have detailed a new technique used by crooks to inject a software skimmer into checkout pages.
Krebs on Security
DECEMBER 14, 2020
Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds , a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks.
Advertisement
In this whitepaper from Onna, we will walk you through data retention best practices and provide you with a downloadable template to help you get organized and gain better visibility into your data’s lifecycle.
The Last Watchdog
DECEMBER 13, 2020
One legacy of the ongoing global pandemic is that companies now realize that a secured and well-supported remote workforce is possible. Recently, the University of Illinois and the Harvard Business School conducted a study, and 16% of companies reported switching their employees to work at home from offices at least twice a week. Related: SASE translates into secure connectivity.
Information Management Today brings together the best content for information management professionals from the widest variety of industry thought leaders.
Data Breach Today
DECEMBER 13, 2020
SolarWinds: Flawed Updates in Orion Platform May be Source of Attacks The U.S. Commerce Department confirmed on Sunday it had been targeted by hackers, and the U.S. Treasury has also reportedly been struck.
Dark Reading
DECEMBER 28, 2020
The ability to perform complex calculations on encrypted data promises a new level of privacy and data security for companies in the public and private sectors. So when can they get started
Security Affairs
DECEMBER 31, 2020
Experts from Intezer discovered a new and self-spreading Golang-based malware that targets Windows and Linux servers. Experts from Intezer discovered a Golang-based worm that targets Windows and Linux servers.
Krebs on Security
DECEMBER 18, 2020
government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets.
Speaker: Shannon Lietz, Director of DevSecOps Team, Intuit
You've finally done it: You've won over C-Suite and your DevSecOps team is up and running. But how do you monitor your new program? Join Shannon Lietz, Leader and Director of DevsecOps at Intuit, and learn to lead your DevSecOps team to the top.
The Last Watchdog
DECEMBER 8, 2020
Company networks have evolved rather spectacularly in just 20 years along a couple of distinct tracks: connectivity and security. We began the new millennium with on-premises data centers supporting servers and desktops that a technician in sneakers could service. Connectivity was relatively uncomplicated. And given a tangible network perimeter, cybersecurity evolved following the moat-and-wall principle.
WIRED Threat Level
DECEMBER 20, 2020
The crooks used emulators to mimic the phones of more than 16,000 customers whose mobile bank accounts had been compromised. Security Security / Cyberattacks and Hacks
Data Breach Today
DECEMBER 14, 2020
Fellow Victim FireEye Traces Breaches to Trojanized SolarWinds Software Updates The U.S. Commerce Department confirmed on Sunday it had been targeted by hackers, and the U.S. Treasury has also reportedly been struck.
Dark Reading
DECEMBER 31, 2020
Despite a pandemic and possibly the worst cyberattack campaign ever waged against the US, the year still had some bright spots when it came to "good" and creative hacks
Advertiser: Amplitude
As part of our goal to continue helping our community during these times, we wanted to share with you this critical data on the state of digital products across industries and provide context on how businesses are responding to the changing winds.
Security Affairs
DECEMBER 21, 2020
While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. The investigation of the SolarWinds Orion supply-chain attack revealed the existence of another backdoor that was likely used by a separate threat actor.
Krebs on Security
DECEMBER 15, 2020
The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday.
Micro Focus
DECEMBER 9, 2020
When a bright, 30-something persuaded the authorities to waive the restrictions on age and weight, and joined the US Navy in 1944, no-one could have foreseen the profound benevolent impact Grace Hopper would go on to have on computing and the world as we know it today.
WIRED Threat Level
DECEMBER 30, 2020
This year saw plenty of destructive hacking and disinformation campaigns—but amid a pandemic and a historic election, the consequences have never been graver. Security Security / Cyberattacks and Hacks
Advertiser: UserTesting
Up to 80% of new products fail. The reality is harsh and the reasons why are endless. Perhaps the new product couldn’t oust a customer favorite. Maybe it looked great but was too hard to use. Or, despite being a superior product, the go-to-market strategy failed. There’s always a risk when building a new product, but you can hedge your bets by understanding exactly what your customers' expectations truly are at every step of the development process.
Data Breach Today
DECEMBER 22, 2020
Dozens of Email Accounts' Compromised by Attackers, Says Senior Democratic Senator An ongoing investigation at the U.S.
Dark Reading
DECEMBER 31, 2020
Malicious SolarWinds Orion backdoor installed in Microsoft's network led to the attackers viewing some of its source code
Security Affairs
DECEMBER 12, 2020
Threat actors are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin installed on more than 500,000 sites. Hackers are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin to reset passwords for admin accounts.
Krebs on Security
DECEMBER 16, 2020
A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned.
Advertiser: ZoomInfo
Every sales forecasting model has a different strength and predictability method. It’s recommended to test out which one is best for your team. This way, you’ll be able to further enhance – and optimize – your newly-developed pipeline. Your future sales forecast? Sunny skies (and success) are just ahead!
Schneier on Security
DECEMBER 2, 2020
This is a scarily impressive vulnerability: Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device — over Wi-Fi, with no user interaction required at all.
WIRED Threat Level
DECEMBER 9, 2020
Imperial troops have finally figured out how to do more than charge straight ahead. Security Security / Security News
Data Breach Today
DECEMBER 29, 2020
RiskIQ CEO Lou Manousos Details Lessons to Learn in Supply-Chain Attack Aftermath The SolarWinds breach is a case study in how attackers can subvert a widely used piece of software to turn it to their advantage, says Lou Manousos, CEO of RiskIQ.
Dark Reading
DECEMBER 30, 2020
Global pandemic and the easy availability of for-hire services and inexpensive tool sets gave adversaries more opportunities to attack
Advertisement
Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. This eBook discusses a newly discovered information discipline and is filled to the brim with helpful information.
Security Affairs
DECEMBER 13, 2020
Researchers have discovered a botnet dubbed PgMiner that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner.
Krebs on Security
DECEMBER 4, 2020
The U.S. Internal Revenue Service (IRS) said this week that beginning in 2021 it will allow all taxpayers to apply for an identity protection personal identification number (IP PIN), a single-use code designed to block identity thieves from falsely claiming a tax refund in your name.
IT Governance
DECEMBER 1, 2020
We recorded 103 cyber security incidents in November, which accounted for 586,771,602 leaked records. The majority of those came from a credential-stuffing attack targeting Spotify and a data leak at the messaging app GO SMS Pro, which you can learn more about below.
111 
Let's personalize your content