Threats
Stay informed on the latest cybersecurity threats and news to better protect your data, networks, applications, and devices. Our coverage includes emerging vulnerabilities, evolving attack techniques, and the latest security breaches to help you understand and mitigate risks.
-
WannaCry Ransomware Hits U.S. Critical Infrastructure
A Department of Homeland Security official told Reuters earlier this week that some U.S. critical infrastructure operators have been affected by the recent WannaCry ransomware campaign. The official didn’t provide any further information, except to say that there have been no victims of the cyber attack within the U.S. federal government. Dragos CEO Robert M.…
-
Massive Ransomware Outbreak Spreads to 74 Countries
On Friday, a version of the WannaCry ransomware hit tens of thousands of computers in 74 countries worldwide in a matter of hours, according to Kaspersky researchers. “It’s important to note that our visibility may be limited and incomplete and the range of targets and victims is likely much, much higher,” the researchers noted. MalwareTech…
-
Hajime Malware Infects Tens of Thousands of IoT Devices
The Hajime malware family, which was first uncovered [PDF] by Rapidity Networks researchers last fall, is increasingly competing with the Mirai botnet to infect Internet of Things (IoT) devices. “Unlike Mirai, which uses hardcoded addresses for its command and control (C&C) server, Hajime is built on a peer-to-peer network,” Symantec senior threat researcher Waylon…
-
Cyber Insurance: Insuring Your Data When Protecting It Fails
Can your company afford to lose $4 million? According to Ponemon Institute’s 2016 Cost of a Data Breach Study, that’s the consolidated cost of the average data breach. Even the smallest companies have to pay up after a cyberattack, and every compromised record containing sensitive or personal information costs a company about $158. That adds…
-
Beware of Sleeper Fraud Accounts
Attackers often create new accounts in order to commit fraud, but how long does it take from the time the account is created until fraud is attempted? That’s one of the many questions about fraud that a new report from fraud detection firm Datavisor aims to help answer. The Inaugural DataVisor Online Fraud report is…
-
How Much Is a Google Remote Code Execution Vulnerability Worth?
Since 2010 when it first began its bug bounty program, Google has been one of the most transparent companies when it comes to revealing how much it will pay security researchers for a given vulnerability. The Google Vulnerability Reward Program (VRP) has also consistently increased the amounts it pays out to researchers for different classes…
-
Common Types of Ransomware
Ransomware is a huge and growing problem for businesses, and organizations of all sizes need to devote considerable resources to preventing infections or recovering their data if they fall victim to a ransomware attack. It’s a problem that shows no signs of going away. That’s because ransomware is easy to produce, difficult to defend against,…
-
Fully 84 Percent of Hackers Leverage Social Engineering in Cyber Attacks
A recent Nuix survey of 70 hackers at DEFCON 2016 found that 84 percent of respondents use social engineering as part of their attack strategy, and 50 percent change their attack methodologies with every target. When asked why they change attack methodologies, 56 percent said they do so to learn new techniques. Just 5 percent…
-
How to Hire an Ethical Hacker
By Ryan O’Leary, WhiteHat Security If your company develops web applications, I hope you aren’t the nervous sort when I tell you that your website is most likely being targeted for hacking as you read this. If you’re a security manager, it really shouldn’t come as a surprise, though. Web apps are the most exploited…
