An ongoing spear-phishing campaign is spoofing the official Microsoft.com domain name and targeting users of the company's Office 365 suite, according to security firm Ironscales. Fraudsters are likely using these attacks to harvest credentials.
President Donald Trump on Friday signed into law the Internet of Things Cybersecurity Improvement Act of 2020, the first U.S. federal law addressing IoT security. The act requires federal agencies to only procure devices that meet minimum cybersecurity standards.
Knowing your customer has become of more a challenge in a world where in-person interaction has become scarce. Andrew Bud of iProov discusses how identity proofing is evolving to meet the challenge.
A critical component within millions of consumer and enterprise IoT devices has dangerous software flaws. New research from Forescout Technologies into open-source TCP-IP stacks shows millions of devices from 150 vendors are likely vulnerable.
Are insurers getting cold feet over covering losses to ransomware? With claims due to ransomware skyrocketing, some insurers have reportedly been revising offerings to make it tougher for companies to claim for some types of cybercrime, including extortion.
In this new era, every enterprise is suddenly "cloud first." But there are significant data security gaps to avoid before putting critical data in the cloud. Imperva's Terry Ray shares strategies to maximize simplicity and regulatory compliance.
Hackers with possible links to Iran appear to have breached an unprotected human-machine interface system at an Israeli water reservoir that connected directly to the internet. The system appeared to lack security protocols, according to researchers with Otorio.
The U.S. National Security Agency is warning that Russian state-sponsored threat actors are attempting to exploit a known vulnerability in several VMware products, according to an alert. Federal agencies are urged to apply fixes as soon as possible.
Ransomware innovation seems to know no bounds, as crime gangs seek new ways to make crypto-locking malware ever more profitable. Beyond data-leak sites and affiliate programs, gangs have also been using call centers to cold-call victims, tell them they've been hit by ransomware and request payment.
Dutch HR firm Randstad and the public transportation agency of Vancouver, Canada, are continuing to recover from ransomware attacks. Both incidents appear to have involved Egregor ransomware, with Randstad reporting that data was exfiltrated and is now being leaked by attackers to try and force payment.
A source code flaw in the Google Play store platform could enable attackers to perform remote code execution for credential theft on several prominent apps, a new report by security firm Check Point Research finds.
No doubt, cloud services providers such as Microsoft Azure have been big beneficiaries of 2020's accelerated digital transformation. But in the rush to enjoy cloud efficiencies, enterprise don't need to compromise on market-leading security expertise and tools, says Daniel Schrader of Fortinet.
By consolidating data from different sources, XDR positions itself as an attack-centric tool and not a role-centric tool, which Prateek Bhajanka, senior principal analyst at Gartner, says helps it to detect attacks from anywhere.
Enterprises should have an incident response plan with a continuous monitoring threat intelligence sharing mechanism to help protect critical infrastructure from nation-state attacks, says Jayesh Ranjan, principal secretary-IT, government of Telangana
Networks are fundamentally changing as a result of data being used across cloud environments. So security must be built into networks to improve mitigation of cyberthreats, says Nick Savvides, senior director of strategic business, APAC, at Forcepoint.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.