A new exposé tracking how spyware has been used to target journalists and human rights advocates suggests attackers have been exploiting zero-day flaws in Apple applications and devices. Apple says the flaws, while serious, likely pose no risk to the vast majority of its users.
The central role of applications is such that they represent business-critical infrastructure and thus a prominent feature of
every company’s attack surface. For organizations that build and deploy internally developed applications, the accelerated
rate of innovation has challenged cybersecurity objectives,...
Cyberattackers used spyware from the Israeli firm Candiru to target at least 100 human rights defenders, dissidents, journalists and others across 10 countries, according to researchers at the University of Toronto’s Citizen Lab, which tracks illegal hacking and surveillance.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the challenges ahead for the new director of the U.S. Cybersecurity and Infrastructure Security Agency and vendor security risk management in the healthcare sector.
This edition of the ISMG Security Report features an analysis of comments from the former head of Britain's GCHQ intelligence agency, Robert Hannigan, on the changing nature of ransomware attacks. Also featured: Disrupting the ransomware-as-a-service business model; supply chain security management tips.
The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if the viability of ransomware as a criminal business model should decline, expect those attackers to quickly embrace something else, such as illicitly mining for cryptocurrency.
The U.S. Department of State is now offering rewards of up to $10 million for information about cyberthreats to the nation's critical infrastructure. Meanwhile, the government has launched a StopRansomware website offering a central repository of resources.
A cybercrime forum seller advertised "a full dump of the popular DDoS-Guard online service" for sale, but the distributed denial-of-service defense provider, which has a history of defending notorious sites, has dismissed any claim it's been breached. What's the potential risk to its users?
Lt. Gen (retired) Rajesh Pant, the national cybersecurity coordinator at India's Prime Minister’s Office, explains in an interview why the government is requiring telecom service providers to only use equipment that’s been certified as trustworthy.
Ransomware-wielding criminals continue to find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service, said Robert Hannigan, the former head of U.K. intelligence agency GCHQ, in his Infosecurity Europe 2021 virtual keynote speech.
Some security experts are questioning the findings of a recent report by the International Institute for Strategic Studies, a London-based think tank, that concludes China is 10 years behind the United States in "cyber capacity."
Newly uncovered malware dubbed "BioPass" is targeting clients of Chinese online gambling companies, Trend Micro says. The malware exploits popular livestreaming and video recording app Open Broadcaster Software Studio.
The Forrester Tech Tide is a report that examines the maturity of an ecosystem of technologies and helps organizations decide which technologies to invest in and when. A Forrester Tech Tide classifies software or hardware based on maturity and business value into one of the following categories: experiment, invest,...
Intelligence-Driven Threat Detection is Critical to Risk Mitigation and Management
Many organizations have invested in improving their threat detection capabilities over the past two years and express increased confidence in their ability to stop threats that have penetrated the network perimeter. However, these...