To help prevent and defend against emerging cyberthreats, CISOs must develop a multi-line defense strategy and invest in threat-hunting capabilities and orchestration, a panel of cybersecurity experts advises.
A Swiss national who recently highlighted flaws in Verkada surveillance cameras has been charged with criminal hacking by a U.S. federal grand jury and accused of illegally accessing and leaking data from numerous organizations, apparently including Intel, Nissan and the U.S. National Reconnaissance Office.
Researchers with the Wordfence Threat Intelligence team at WordPress security firm Defiant Inc. discovered vulnerabilities in Tutor LMS, a learning management WordPress plug-in installed on over 20,000 sites. The flaws have been patched.
Citing national security concerns, the Federal Communications Commission is moving forward with legal proceedings to ban three Chinese-owned companies from providing telecommunications services in the U.S.
University researchers have tested a new browser-based side-channel attack technique that uses only HTML and CSS and works even if JavaScript is disabled. They shared their findings with browser providers and tech firms.
From Thursday through Monday, Check Point Research tracked a tenfold increase in the number of global attempts to exploit vulnerable on-premises Microsoft Exchange servers as organizations race to install patches.
Microsoft has released an interim mitigation tool designed to help smaller organizations take quick action to prevent attacks that exploit the unpatched ProxyLogon flaw in on-premises Microsoft Exchange servers.
Attackers wielding DearCry - aka DoejoCrypt - ransomware have begun to exploit the serious proxy-logon flaw in unpatched versions of Microsoft Exchange running on premises. The vulnerability is one of four zero-day flaws patched last week by Microsoft, which APT attackers began exploiting in January.
John Matherly, founder of Shodan, a search engine that can find devices connected to the internet using a variety of filters, explains why some cyber insurers and companies considering mergers and acquisitions are using the search engine to probe for network vulnerabilities.
Tales of poorly secured internet-connected cameras come along regularly. But the latest installment seems especially egregious because it involves Verkada, a widely used "surveillance camera as a service" startup, and led to remote hackers being able to spy on customers via their own cameras.
The $1.9 trillion economic relief package known as the American Rescue Plan, which the House approved Wednesday and President Biden signed Thursday afternoon, includes about $2 billion for cybersecurity and IT modernization, rather than the $10 billion the president originally proposed.
Microsoft's rerelease on Patch Tuesday of the seven patches for the widely exploited Exchange vulnerabilities has given security experts a chance to reiterate the urgent need to install these and other critical security updates.
The 2021 PwC Global Digital Trust Insights survey shows 96% of businesses will adjust their cybersecurity strategies as a result of the COVID-19 pandemic. Joe Nocera and Vikas Agarwal of PwC offer an analysis.
Microsoft is warning users of its Azure cloud platform that hackers are using several "living off the land" attack techniques to evade security measures, escalate privileges and deploy cryptominers. The software giant released a threat detection and mitigation strategy for the platform.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.asia, you agree to our use of cookies.
