News Analyses
![Security threat [illustration] > A hacker with black hat, mask, and crowbar breaks into a laptop.](https://images.idgesg.net/images/article/2021/06/hacker_hackingsecurity_threat_crime_criminal_with_black_hat_mask_and_crowbar_breaks_into_a_laptop_by_drdrawer_shutterstock_1364574311_royalty-free_digital-only_2400x1600-100890822-medium.3x2.jpg?auto=webp&quality=85,70)
16 Wall Street firms fined $1.8B for using private text apps, lying about it
The banks and brokerages were fined because employees were messaging and texting with clients without recording the communications, as required. And some of the firms' execs lied about it and deleted messages.
Zoho ManageEngine flaw is actively exploited, CISA warns
Threat actors are exploiting unpatched ManageEngine instances. CISA adds the vulnerability to its catalog and Zoho urges customers to check their deployments.
![Tech Spotlight > Analytics [CSO] > An image of a bottle of poison emanating binary code.](https://images.idgesg.net/images/article/2021/04/spot_analytics_04_cso_bottle_of_poison_by_arek_socha_aka_qimono_cc0-like_via_pixabay_binary_spiral_by_gordon_johnson_aka_gdj_cc0-like_via_pixabay_3x2_2400x1600_hero-100884335-small.3x2.jpg?auto=webp&quality=85,70)
SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware
The sophisticated campaign sends victims looking for business forms and templates to sites containing malicious files.
Ransomware operators might be dropping file encryption in favor of corrupting files
Corrupting files is faster, cheaper, and less likely to be stopped by endpoint protection tools than encrypting them.
Palo Alto adds software composition analysis to Prisma Cloud to boost open-source security
Palo Alto Networks has added a new SCA solution to Prisma Cloud to help developers safely use open-source software components. The vendor has also introduced a software bill of materials.
International cooperation is key to fighting threat actors and cybercrime
Western intelligence and national security leaders emphasize the importance of collaborating to better prepare and respond to cybersecurity threats.
US OMB releases guidance on federal agency software security requirements
The guidance aims to improve the security of software federal agencies use, but expects self-attestation for compliance.
US government indicts Iranian nationals for ransomware and other cybercrimes
The Department of Justice and FBI claim three Iranian citizens conducted a global cybercrime operation while separately the US Treasury sanctions Iran.
Russia’s cyber future connected at the waist to Soviet military industrial complex
New research raises questions about whether Russia's cyber warefare operations are up to modern day challenges.
![CSO: Have you met these hackers? [slide 04]](https://images.idgesg.net/images/article/2018/04/cso_ss_hacker_types_slide_04_spy_by_david_sinclair_cc0_via_unsplash__binary_code_by_gettyimages_petmal-100755728-small.3x2.jpg?auto=webp&quality=85,70)
Iranian cyberspies use multi-persona impersonation in phishing threads
Iran-sponsored groups use fake personas of real people to add credibility to phishing emails designed to deliver malware through remote template injection.
U.S. government offensive cybersecurity actions tied to defensive demands
Current and former U.S. government officials explain the country's "defense forward" and offensive cybersecurity policies and their risks.
CISA launches incident, ransomware reporting rulemaking RFI
The U.S. Cybersecurity and Infrastructure Security Agency seeks input on a common set of cybersecurity incident reporting regulations.
North Korean state-sponsored hacker group Lazarus adds new RAT to its malware toolset
Lazarus has used the new remote access Trojan in campaigns that exploit the Log4Shell vulnerability and target energy companies.
Apple pushes out emergency updates to address zero-day exploits
Apple has encouraged users of older mobile and desktop devices to update their software ASAP, as a vulnerability could allow an attacker to take complete control of older Apple devices.
Ragnar Locker continues trend of ransomware targeting energy sector
Ransomware gangs seem to be exploiting concerns over disruptions in the energy and other critical infrastructure sectors.
Dashlane launches integrated passkey support for password manager with new in-browser passkey solution
Dashlane's passkey support allows users to authenticate to their password vaults without a password.
Nvidia partners with Dell and VMware for faster AI systems
New vSphere paired with Nvidia DPUs will speed up data center performance.
FTC files lawsuit against Kochava for harvesting and selling geolocation data
The lawsuit claims the data broker is putting people at risk of "stigma, stalking, discrimination, job loss, and even physical violence” through the sale of geolocation data.
Most Popular
BrandPosts
Learn more-
Sponsored by Juniper Networks
-
Sponsored by Devo
-
Sponsored by Microsoft Security