The Biden administration is hosting a White House meeting Wednesday with technology, banking, insurance and education executives to focus on cybersecurity and national security issues, such as protecting critical infrastructure from attacks and how to hire more security professionals to meet demand.
Security researchers at AT&T Alien Labs say they've discovered a cluster of Linux ELF executables, identified as modifications of the open-source PRISM backdoor, that attackers have been using in several campaigns for more than three years.
Microsoft security researchers say the operators of the well-established Mozi IoT botnet have upgraded the malware, enabling it to achieve persistence on network gateways manufactured by Netgear, Huawei and ZTE.
Richard Harrison, CISO at healthAlliance in New Zealand, is focused on visibility and "security by design" from initiation through design-build-operate process, to achieve excellence in security operations
Initial access brokers continue to sell easy access to networks. Given the uptake of such access by ransomware operations over the past year, one surprise is that relatively few individuals appear to be serving as brokers, which, of course, makes them an obvious target for law enforcement authorities.
The notorious AlphaBay darknet marketplace appears to be getting rebooted by "DeSnake," who claims to have been the security administrator for the previous iteration, which law enforcement officials took down in 2017. Whether buyers and sellers will trust it, or the site will survive any takedown efforts, remains to...
The rise of ransomware as a criminal moneymaking powerhouse parallels the services offered by initial access brokers, who continue to offer affordable access to victims' networks - often via brute-forced remote desktop protocol or VPN credentials - to help attackers hit more targets in search of larger profits.
Researchers at Group-IB say Chinese threat actors apparently were responsible for an attack on Russian federal executive authorities in 2020. Meanwhile, Positive Technologies reports that Chinese hacking group APT31 is now using a new dropper to infect Russian systems with malware.
The new BlackMatter Russian-speaking ransomware-as-a-service group, which announced its launch last month, has created a Linux version of its malware designed to target VMware's ESXi servers hosting virtual machines, according to MalwareHunterTeam.
The decision by the Russian-speaking darknet forums XSS and Exploit to ban all chatter relating to ransomware attacks has had a limited impact on cyber gangs' ability to communicate, according to the threat intelligence firm Digital Shadows.
The U.S. Cybersecurity and Infrastructure Security Agency is creating the Joint Cyber Defense Collaborative to build a national cybersecurity defense strategy based on collaboration between the public and private sectors, CISA Director Jen Easterly said at the Black Hat 2021 conference Thursday.
While security operations is a high priority, many organizations continue to struggle to keep up with the scale and scope of the tasks at hand. This is because security operations are often hamstrung by organizations’ reliance on an overabundance of point tools and manual processes, as well as a shortage of advanced...