A misconfigured Microsoft Azure Blob cloud storage server used by Maruti Suzuki, an automobile manufacturer in India, exposed investors' personal and financial data online, according to a security researcher.
The operators behind the Ryuk strain of malware are increasingly relying on a malware-as-a-service tool - the Buer loader - to deliver the malware, rather than botnets such as Trickbot and Emotet, the security firm Sophos reports.
So far, much of the discussion about 5G security has focused on avoiding the use of technology from Chinese manufacturers, including Huawei and ZTE. But security experts are increasingly concerned that 5G network and device providers rushing products to market aren't devoting enough attention to security.
FBI agent Elvis Chan has dedicated the past four years to ensuring U.S. election security. With the Nov. 3 election less than a week away, he opens up on concerns about Russian, Chinese and Iranian interference and threats he'll be watching before and after the vote.
The imperative for CISOs during the COVID-19 pandemic is to do more with less. While disruptive attacks - as well as privacy concerns - keep rising, budgets are down. As organizations rapidly adopt new technologies, however, EY's Kris Lovejoy says CISOs must seize the opportunity to streamline.
Even if a company has no operations in the U.S., it should follow the compliance guidance offered by the U.S. Department of Justice in June, says Benjamin Haley, partner at Covington & Burling LLP, an international law firm.
A greatly enhanced variant of the powerful Mirai botnet is already infecting IoT devices even though it's operating in a test environment, according to researchers at cybersecurity firm Avira Protection Lab.
Security researchers at Imperva have uncovered a botnet that attacks vulnerabilities in websites' underlying content management systems and then uses these compromised servers to mine for cryptocurrency or send spam to more victims.
U.S. intelligence officials say a Russia-backed hacking group has compromised some state and local government computer systems since at least September and exfiltrated data. So far, however, the attackers do not appear to have attempted to otherwise interfere with or disrupt those networks.
Researchers have uncovered a fresh phishing campaign that mimics the automated messages of the popular business communication platform Microsoft Teams in an attempt to harvest users' Office 365 login credentials.
The operators behind the LockBit ransomware strain use automation tools and techniques that help the malware quickly spread through a compromised network and also assist in picking specific targets, according to Sophos.