Our Full-Service B2B Marketing Program Delivers Sales-Ready E-Commerce Leads » Learn More
Welcome Guest | Sign In
ECommerceTimes.com
Researchers Track Linux Intrusions to Cryptojacking Gang
July 29, 2021
Bitdefender security researchers have uncovered a Romanian-based threat group active since at least last year targeting Linux-based machines with weak Secure Shell Protocol (SSH) credentials. The researchers discovered the group was deploying Monero mining malware used to steal cryptocurrency.
Salt Labs Launched To Heighten API Security Threat Awareness
July 22, 2021
Anyone with a stake in keeping ahead of cybersecurity assaults and enterprise network intrusions through API vulnerabilities can now tap into expert advisories and security reports. API security company Salt Security last week launched Salt Labs, a now-public forum for publishing research on API vulnerabilities.
US, NATO Accuse China of Massive Microsoft Hack
July 20, 2021
In addition to its condemnation of China, the White House announced that the U.S. Justice Department has filed charges against four Ministry of State Security hackers allegedly engaged in a multiyear campaign targeting foreign governments and entities in key sectors, including maritime, aviation, defense, education and healthcare in a least a dozen countries.
Cybercriminals Employing Specialists To Maximize Ill-Gotten Gains
July 13, 2021
Ransomware gangs are increasingly turning to specialists to complete their capers on corporations, according to a Dark Net intelligence provider. A report issued by Tel Aviv-based Kela noted that the days when lone wolves conducted cyberattacks from start to finish are nearly extinct, as the one-man show has given way to specialization.
Researchers Find Smart Devices Ripe for Hacker Attacks
July 7, 2021
Thousands of hacker attacks were launched on a network of smart home devices designed by researchers to assess the risk the gadgets pose to consumers. During the initial week the "honeypot" network was online, 1,017 unique scans or hacking attempts were directed at the devices on the net, which included smart TVs, printers, wireless security cameras and Wi-Fi kettles.
SolarWinds Hackers Still Targeting Microsoft, Focus on Support Staff
July 6, 2021
Microsoft recently disclosed that it too was no doubt a victim of the same Russian-based hacker gang responsible for the SolarWinds onslaught. As some of the details surrounding the cyberattack become known, the bleak disclosures might justifiably cause a sniffled gasp indicating that if Microsoft can be breached, what hope is left for everyone else?
SEC Reportedly Probing SolarWinds Breach
June 23, 2021
Clients of SolarWinds, which experienced a high-profile data breach last year, are being targeted in a probe by the U.S. Securities and Exchange Commission, according to a Reuters report. "The impact of these large-scale breaches clearly has the potential to destabilize stock prices and the broader stock market, so it makes sense that the SEC would pursue such a line of inquiry," said Oliver Tavakoli, CTO of Vectra AI.
Reports of TurboTax Breach Greatly Exaggerated
June 16, 2021
Reports of a data breach of TurboTax have been overblown, according to Intuit which owns the tax preparation platform. Several news outlets recently reported that an unspecified number of TurboTax accounts were compromised in a wave of credential stuffing attacks. Those kinds of attacks exploit credentials stolen from other websites and reused at the TurboTax site.
New Report Profiles Ransomware Cybergangs
May 21, 2021
That old adage about crime never pays could not be more false, at least when it comes to modern-day cybercriminals. For those bad actors using ransomware as their weapon, crime is paying more than ever. A new report by the eSentire security research team found that six ransomware gangs claimed at least 290 new victims fo far this year. The combined spoils tallied potentially $45 million for the hackers.
Dissecting the Colonial Pipeline Incident
May 20, 2021
IT experts at the hacked Colonial Pipeline did a good job in mitigating the May 7 cyberattack and successfully stopped it when discovered by shutting down the network. But the attack was mostly invisible in the weeks-long initial stages, according to a briefing NTT Security executives conducted Tuesday.
Research Exposes 10 Common Threats Vexing Cloud Customers
May 19, 2021
New research by threat detection and response firm Vectra AI shows that the most common threats to corporate networks remain consistent throughout all companies -- regardless of their size. Researchers calculated the relative frequency of threat detections that were triggered during a three-month span. The results detail the top 10 threat detections that customers receive by relative frequency.
Mobile Devices Under Siege by Cyberattackers
May 18, 2021
Cybercriminals are deliberately targeting phones, tablets, and Chromebooks to increase their odds of finding a vulnerable entry point. The Financial Services Threat Report from Lookout disclosed that 20 percent of mobile banking customers had a trojanized app on their devices when trying to sign into their personal mobile banking account.
Alliances Formed to Plug Security Holes in the IoT
May 13, 2021
Advancements in 5G connectivity and accelerated digital transformation of business operations creates heightened risk and expanded attack surfaces for security teams to harden and protect. Now, efforts by several internet industry groups are focused on new measures to fix inherent security weaknesses with the rapidly expanded use of IoT devices for enterprises and consumers.
Two-Thirds of CISOs Admit They're Not Ready to Face a Cyberattack
May 12, 2021
The 2021 edition of Proofpoint's Voice of the CISO report -- based on a survey of more than 1,400 CISOs in 14 countries -- found 66 percent of the executives acknowledged their organizations were unprepared to handle a targeted cyberattack this year. In addition, more than half the CISOs admitted they are more concerned about the repercussions from a cyberattack this year than they were in 2020.
Outdated Windows Users Flout Computing Safety
May 4, 2021
A recent study by Kaspersky revealed that nearly one quarter of PCs still run Microsoft Windows 7, which stopped receiving mainstream support in January 2020. Using an end-of-life operating system that no longer receives security updates is akin to driving a car with a brake light on, suggested Oliver Tavakoli, CTO at Vectra AI.
Microsoft, Intel Team Up to Clamp Down on Cryptominers
April 28, 2021
As cryptocurrency values continue to rise, cryptojacking becomes more attractive to cybercriminals. Now, a powerful hardware-based threat detection technology is being integrated into a Microsoft enterprise security product to help protect businesses from cryptojacking malware. The action integrates Intel Threat Detection Technology with Microsoft Defender for Endpoint.
How Fixable Is the Unsafe Internet?
April 15, 2021
A recent study from Consumer Reports' Digital Lab reveals that 96 percent of Americans agree that more should be done to protect consumer privacy. But don't expect to see a whole new alternative Internet emerging any year soon. Instead, you will see a focus on software offerings built around privacy and security rather than hardware.
DNS Flaws Expose Millions of IoT Devices to Hacker Threats
April 14, 2021
A set of flaws in a widely used network communication protocol that could affect millions of devices has been revealed by Forescout Research Labs and JSOF Research. The nine vulnerabilities discovered by security researchers dramatically increase the attack surface of at least 100 million Internet of Things devices, exposing them to potential attacks that could take the devices offline or to be hijacked by threat actors.
Fortune 500s Hit by MS Exchange Breach Maybe Still Unaware
April 13, 2021
Jonathan Cran, founder and CEO of Intrigue, a cybersecurity startup based in Austin, Texas, used his company's network security tools to compile a list of Fortune 500 companies still exposed to last month's Microsoft Exchange breach. Potentially, many of those companies may not know their networks are compromised.
Intrigue Funded to Develop New Attack Surface Management Platform
April 13, 2021
Startup information security firm Intrigue has announced a US$2 million seed round led by LiveOak Venture Partners for a new attack service management platform that helps secure enterprise networks. The Intrigue tools scan all public, exposed attack surfaces inside and outside a company. The seed funding will also support the security and developer communities contributing to Intrigue Core.
Fraud Awareness Kit Puts Businesses on Notice: It's Tax Scam Season
April 7, 2021
Businesses fearful their workers may be targeted by fraudsters will want to take a look at the free Tax Scam Awareness Kit offered by Proofpoint. The kit, for both Windows and macOS, includes materials for an employee education campaign about tax fraud, three educational videos, an infographic, answers to frequently asked questions about tax scams, and a tax scam flyer.
Hacker Recycles Data on Half a Billion Facebook Users
April 6, 2021
A rich cache of data on some 533 million Facebook users was posted to a hacker forum over the weekend and is available to download for practically free. In a statement provided to TechNewsWorld by Facebook, the company said it is confident the posted information is old data that originated from a weakness in its contact importer feature that was discovered and fixed in August 2019.
Cybersecurity Fears Trigger Migration From the Public Cloud
March 26, 2021
Cloud cybersecurity -- or a lack of it -- is feeding a frenzy of companies out of the public cloud. A similar concern about managing compliance obligations is keeping organizations from moving to the cloud in general. However, much of the growing concerns over cloud cybersecurity result from experiences with public and private cloud platforms. A trend toward hybrid cloud computing could be an approach to better ensure data security.
Advance Strategies to Eliminate E-Commerce Chargebacks
March 19, 2021
Half of consumers who originally planned to return to their pre-pandemic in-store shopping routines once coronavirus is under control now plan to stick with online shopping. That shift in preferences means that e-commerce merchants must keep up with trending ways to market, sell, and prevent fraud. Let's look at a few of the most important developments and see where they're going.
Young Adults, Seniors Over 75 Most Susceptible to Cyber Fraud: Report
March 18, 2021
The most vulnerable cybercrime victims are young adults and adults over 75, according to the latest research revealed in the LexisNexis Risk Solutions biannual Cybercrime Report. The report reveals how unprecedented global change in 2020 created new opportunities for cybercriminals around the world, particularly as they targeted new users of online channels.
New Threat Report Finds Email Prime Vehicle for Malware
March 16, 2021
Malicious online actors used email as their prime vehicle for delivering malware to their victims in the last quarter of 2020. The HP-Bromium Threat Insights Report found that 88 percent of malware was delivered by email into its targets' inboxes, many times evading measures at email gateways to filter out the infected correspondence.
Microsoft Confident Exchange Hack Is State-Sponsored Operation
March 10, 2021
Microsoft on Monday reported that multiple malicious actors were taking advantage of vulnerabilities in its Exchange software last week to attack systems at organizations that have failed to patch the flaws. The company attributed the attacks "with high confidence" to Hafnium, a group believed to be state-sponsored and operating out of China.
Successful Phishers Make Slim Gains in 2020
February 24, 2021
Catastrophic events, like a pandemic, coupled with hasty technological change such as many people forced to work from home immediately, have been a rich environment in the past for phishers, who use deception to infect machines with malware, steal credentials, and invade corporate networks. However, malicious actors achieved only a marginal increase in success in 2020, according to a recent report.
Lessons Learned From the SolarWinds Supply Chain Hack
February 23, 2021
In a recent Linux Foundation blog post titled "Preventing Supply Chain Attacks like SolarWinds," the foundation's Director of Open Source Supply Chain Security, David A. Wheeler, adamantly pushed the need for software developers to embrace the LF's security recommendations. Given the magnitude of the SolarWinds hack, LinuxInsider asked Wheeler to dive deeper into how supply chain security standards might benefit from the LF's latest advice.
Silver Sparrow Malware Hatched on 30,000 Macs
February 23, 2021
Nearly 30,000 Macs have been infected with a new malware strain. Discovered by researchers at Red Canary, the malware has been sitting on it hosts waiting for a payload that never arrived. In a statement provided to TechNewsWorld, Apple said that upon discovering the malware, it revoked the certificates of the developer accounts used to sign the packages, preventing new machines from being infected.
See More Articles in Cybersecurity Section >>
Given the spread of the Covid-19 Delta variant, if my employer requires me to return to the company's location in 2021, I will...
Agree because I'm fully vaccinated.
Agree if the company institutes a mandatory mask requirement and other safety protocols.
Comply reluctantly, because I can't afford to lose my job, but start looking for different employment.
Resign immediately so I can dedicate all of my time to find a job I feel is safer.
Resign because I'm not vaccinated and don't want to risk infection to myself or others.