On September 20, 2018, the White House released a new cybersecurity strategy with several important changes in direction meant to give government agencies and law enforcement partners a greater ability to respond to cybercrime and nation-state attacks. The new U.S. cyber strategy makes one message clear: America will not sit back and watch when attacked in… Read more

Businesses worldwide face a sense of creeping dread and imminent disruption due to the threat of cybercrime. Nowadays, they are more prone than ever to terrors such as malware hijacking browsers to sniff or intercept application authentication credentials. Then there are the strains of malware that target financial logins to… Read more

The story of nearly every notable data breach in recent memory begins in pretty much the same way: Once upon a time, someone got spear phished… Whether it’s a government agency or a Fortune 500 company, spear phishing is a serious threat, with losses topping $675 million in 2017 in the US alone. The phishing… Read more

Lurking on the Dark Web are threat actors seeking help for a range of illegal activities, from malware attacks to insurance fraud to murder. When they need a new hire, they post virtual ads, vaguely describing the role while offering the most money for jobs with the greatest risk. It’s… Read more

There is a broad spectrum of cybersecurity preparedness on the enterprise landscape, but even organizations that are relatively well-resourced and committed to cybersecurity stand to benefit from cybersecurity audits. Recent audit findings revealed gaps in the Washington Metropolitan Area Transit Authority’s cybersecurity posture, while deficiencies were similarly pinpointed in an audit of the… Read more

Digital transformations could expose your organization to a greater risk of costly cyberattacks, according to a joint study from ESI ThoughtLab, WSJ Pro Cybersecurity, Security Industry Association, and other organizations. The study surveyed 1,300 companies and found that those whose digital transformations surpass their cybersecurity practices are likely to see a loss… Read more

It can seem as if no corporate meeting is complete until someone says the word “collaboration.”  And for good reason: Use of collaboration tools is spreading to keep up with the phrase’s ubiquity, with the global collaboration tool market projected to reach nearly $10 billion by 2021. But before an IT group blithely answers… Read more

New data shows that the U.S. public is surprisingly forgiving despite data breaches and controversies as long as companies demonstrate good faith. Consumer Attitudes Toward Data Privacy and Security Survey by Janrain also found that 42 percent of U.S. consumers surveyed report at least being open to forgiving the brand, while… Read more

ESET has uncovered details of a successor to the BlackEnergy APT group. Named GreyEnergy by ESET, this threat actor focuses on espionage and reconnaissance, quite possibly in preparation for future cyber-sabotage attacks. BlackEnergy has been terrorizing Ukraine for years and rose to prominence in December 2015 when they caused a blackout… Read more

A security researcher from Colombia has found a way of gaining admin rights and boot persistence on Windows PCs that’s simple to execute and hard to stop –all the features that hackers and malware authors are looking for from an exploitation technique. What’s more surprising, is that the technique was… Read more

The global shortage of cybersecurity experts has reached 2.93 million, posing a growing risk to businesses worldwide struggling to find, hire, and retain skilled employees to maximize their defenses. According to the new (ISC)² 2018 Cybersecurity Workforce Study published today, the shortage is greatest in Asia Pacific, which lacks 2.14M… Read more

Cybersecurity researchers from McAfee’s Advanced Threat Research team have discovered a new campaign which focuses on cyberespionage and data reconnaissance. South Korea appears to be the primary target of the campaign, dubbed “Operation Oceansalt,” with five attack waves launched in May against organizations in the country. The group uses a data reconnaissance… Read more

Small businesses in the UK are the target of an estimated 65,000 attempted cyber attacks each day, according to figures released by Hiscox to help raise awareness of the prevalence of cyber crime. Cyber security incidents cost the average small business £25,700 (over $33,700) last year in direct costs, including… Read more

Group-IB has estimated that cryptocurrency exchanges suffered a total loss of $882 million due to targeted attacks in 2017 and in the first three quarters of 2018. According to Group-IB experts, at least 14 crypto exchanges were hacked. Five attacks have been linked to North Korean hackers from Lazarus state-sponsored group, including… Read more

A new SEO poisoning campaign has been discovered that is targeting keywords associated with the U.S. midterm elections. SEO poisoning is when attackers create malicious sites or hack legitimate ones in order to generate pages that promote certain keywords. These pages are then linked together between a large amount of… Read more