News

Defining data protection standards could be a hot topic in state legislation in 2021

Some states could follow the New York Shield Act’s lead and set clearer regulatory expectations for reasonable cybersecurity. Election security legislation likely not on the agenda.

Intel SGX users need CPU microcode patch to block PLATYPUS secrets-leaking attack

Attackers could use the vulnerability to access encryption keys from the Linux kernel's memory or Intel SGX enclaves.

Mercenary APT group CostaRicto hits organizations worldwide

This hacker-for-hire advanced persistent threat group uses its own custom malware and takes great effort to hide its activity.

Passage of California privacy act could spur similar new regulations in other states

Voters approved the California Privacy Rights and Enforcement Act (CPRA), which in part limits how organizations can use personal data. Legal experts expect other states to follow suit.

Supply chain attacks show why you should be wary of third-party providers

The weak link in your enterprise security might lie with partners and suppliers. Here’s how to understand and mitigate that risk.

US Treasury Department ban on ransomware payments puts victims in tough position

The Treasury Department's advisory warns companies not to pay ransoms to sanctioned entities. The move complicates ransomware incident response and might encourage insurance carriers to drop ransomware coverage.

US DOJ indictments might force Russian hacker group Sandworm to retool

Experts hope that indictments against six Russian military intelligence agents will make Russia rethink plans to disrupt the US election.

Late-game election security: What to watch and watch out for

Despite disruption of the Trickbot botnet network, last-minute leaks of stolen documents and post-election undermining of trust in the election system remain big concerns.

Financial crime group FIN11 pivots to ransomware and stolen data extortion

FIN11, believed to be Russia-based, follows a trend of cybercriminal groups expanding their operations beyond financial crime.

Half of all virtual appliances have outdated software and serious vulnerabilities

New study shows that even security vendors can use outdated and vulnerable virtual appliances. Top advice: Make sure your vulnerability management processes include virtual appliances.

Elusive hacker-for-hire group Bahamut linked to historical attack campaigns

The Bahamut group targets high-value victims and takes meticulous care with its own operational security.

How SilentFade group steals millions from Facebook ad spend accounts

SilentFade steals credentials and ad spend account information and sells the information to other bad actors. The group returned with improved malware after Facebook's initial mitigation efforts.

New FBI strategy seeks to disrupt threat actors, help defenders through better coordination

The FBI sharpens its focus on collaboration among US and foreign government agencies and the private sector. It will act as a central hub to deal with cybersecurity threats.