Will recent U.S. indictments of several alleged Iranian hackers - as well as government sanctions against an APT group - have a deterrent effect? Security experts share their opinions on the impact of these actions.
The latest edition of the ISMG Security Report analyzes whether a leaked database compiled by a Chinese company should be a cause for serious concern. Also featured are discussions on vulnerability disclosure challenges and risks posed by using social media apps for payments.
The U.S. Treasury Department on Thursday imposed sanctions on an Iranian advanced persistent threat group, 45 associated individuals and a front company the Iranian government allegedly used to run a years-long malware campaign that targeted Iranian dissidents, journalists and others.
Two Iranian nationals have been charged with participating in a years-long hacking campaign that targeted vulnerable networks in the U.S., Europe and the Middle East to steal "hundreds of terabytes" of data, according to the U.S. Department of Justice.
Federal prosecutors have unsealed indictments charging five Chinese suspects - alleged members of the China-linked APT41 hacking group - with breaching more than 100 companies, government agencies and other organizations around the world.
National Guard units are commonly called up to help deal with the aftermath of a natural disaster. And they played a role in responding to the COVID-19 pandemic and civil unrest. But some states are now calling out the National Guard to help safeguard elections from online attacks and interference.
Russian, Chinese and Iranian hackers are targeting organizations and individuals associated with the Republican and Democratic U.S. presidential campaigns, Microsoft reports, noting that the majority of the attacks appear to have been blocked.
So-called "cybersquatting" attacks are surging, with financial and e-commerce websites - including those of PayPal, Royal Bank of Canada, Bank of America and Amazon - among the most frequent targets, according to Palo Alto Networks' Unit 42.
News that a malware-wielding gang of Russians targeted Tesla by attempting to work with an insider should have all organizations asking: What would happen if extortionists attempted to bribe one of our employees to install malicious code designed to steal corporate secrets for ransom?
Political campaigns are at risk from nation-state actors and other hackers seeking to exploit network vulnerabilities and create backdoors to access sensitive data that can be used to undermine the November election, says retired Brigadier General Francis X. Taylor, executive director of U.S. CyberDome.
The Senate Intelligence Committee Tuesday released its fifth and final report on Russia's attempts to influence the 2016 election, providing more details on how Russian hackers resided on Democratic National Commitee servers for months and citing shortcomings in the FBI's investigation.
State and local governments are better equipped to ensure election security than they were four years ago, says Christopher Krebs, director of CISA, who calls on election officials to serve as "risk managers." His comments came at ISMG's Cybersecurity Virtual Summit.
An alert from U.S. National Security Agency and the FBI warns of a recently discovered Russian-deployed malware variant called Drovorub that's designed to target Linux systems, creating a backdoor into targeted networks to exfiltrate data.
Since 2018, an advanced persistent threat group dubbed RedCurl, which has served as a team of for-hire hackers specializing in corporate espionage, has hit at least 14 targets in Canada, Russia, the U.K. and beyond, says cybersecurity firm Group-IB.
The Domain Name System, which is at the heart of the internet, is a rich source of data that can help organizations defend themselves against cybercrime. DNS pioneer Paul Vixie says monitoring DNS traffic is crucial, and it's advisable to run your own recursive resolver.