A recently uncovered Linux malware variant dubbed "CDRThief" is targeting VoIP networks to steal phone metadata, such as caller IP addresses, ESET reports. The malware appears to be designed for cyberespionage or fraud.
In the face of growing cybersecurity threats, it is increasingly important to measure the cost and concentration of "exposure." Having an accurate view of the resilience of organizations and industries against cyber-attacks can help target efforts to reduce exposure to the sectors that need it most and enhance...
Endpoint devices have multiplied exponentially across the enterprise landscape in 2020 - and so have endpoint security challenges. Following a recent virtual roundtable discussion of the topic, Kaspersky's Dipesh Kaura weighs in on how to improve endpoint detection and response.
The latest edition of the ISMG Security Report analyzes why ransomware gangs continue to see bigger payoffs from their ransom-paying victims. Also featured: Lessons learned from Twitter hacking response; security flaw in Amazon's Alexa.
Researchers at Check Point developed a one-click attack against Amazon's popular voice-controlled assistant Alexa that could reveal a user's voice history or personal information. Amazon has fixed the web application security flaws but says Check Point's demo video is misleading.
Download this report to find out how: A single-site proof-of-concept quickly led to a full roll-out across 36 power stations; trust power gained visibility and dramatically improved their security posture and the rugged solution empowered the company to monitor its operational environments.
High-wattage IoT devices and appliances, such as connected refrigerators, air conditioners and heaters, could be turned into massive botnets by malicious actors and used to influence energy prices, according to an academic study released at Black Hat 2020.
The latest edition of the ISMG Security Report analyzes the hijacking of a virtual court hearing in the Twitter hacking case. Also featured: Why network segmentation is more important than ever; update on Windows print spooler vulnerability.
A security researcher says voting equipment in the U.S. is still riddled with security flaws that opportunistic foreign adversaries could use to pose a threat to the November election. Meanwhile, the director of CISA calls Russian ransomware attacks one of the biggest threats to the election.
Garmin, a fitness tracker and navigation device firm, apparently paid a ransom to recover from a July 23 security incident that encrypted several of its systems, according to two news reports as well as expert analysis. The company says it's still experiencing 'temporary limitations" on services.
It's a new and permanent extended enterprise, as cybersecurity leaders budget for 2021. What are the top threats and vulnerabilities? How have enterprises hardened their endpoint defenses? Stacia Tympanick of VMWare Carbon Black previews a new virtual roundtable.
Is Microsoft coming to TikTok's rescue? It appears that's a very strong possibility following President Donald Trump's threat Friday to ban the app in the U.S. Microsoft hasn't committed to buying part of TikTok, but says if it did, it would bring the popular app world-class security and privacy protections.
The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.
The speed at which IoT is enabling innovation is far outpacing the ability of the security custodians to implement appropriate controls before these devices hit the market. That creates a classic target-rich environment for the bad guys - one that will require vigorous defense and oversight.
Garmin has acknowledged that a hack attack that encrypted several of its systems led to outages that affected several of the company's fitness and aviation products along with knocking its homepage and customer service centers offline. As of Monday, several affected services were again operating.