Our Full-Service B2B Marketing Program Delivers Sales-Ready E-Commerce Leads » Learn More
Welcome Guest | Sign In
ECommerceTimes.com
Stale Open Source Code Rampant in Commercial Software: Report
June 1, 2021
Organizations, regardless of industry, must do a better job maintaining open source components given their critical nature in software, according to this year's risk analysis report by cybersecurity firm Synopsys.
New Report Profiles Ransomware Cybergangs
May 21, 2021
That old adage about crime never pays could not be more false, at least when it comes to modern-day cybercriminals. For those bad actors using ransomware as their weapon, crime is paying more than ever. A new report by the eSentire security research team found that six ransomware gangs claimed at least 290 new victims fo far this year. The combined spoils tallied potentially $45 million for the hackers.
Research Exposes 10 Common Threats Vexing Cloud Customers
May 19, 2021
New research by threat detection and response firm Vectra AI shows that the most common threats to corporate networks remain consistent throughout all companies -- regardless of their size. Researchers calculated the relative frequency of threat detections that were triggered during a three-month span. The results detail the top 10 threat detections that customers receive by relative frequency.
Mobile Devices Under Siege by Cyberattackers
May 18, 2021
Cybercriminals are deliberately targeting phones, tablets, and Chromebooks to increase their odds of finding a vulnerable entry point. The Financial Services Threat Report from Lookout disclosed that 20 percent of mobile banking customers had a trojanized app on their devices when trying to sign into their personal mobile banking account.
Alliances Formed to Plug Security Holes in the IoT
May 13, 2021
Advancements in 5G connectivity and accelerated digital transformation of business operations creates heightened risk and expanded attack surfaces for security teams to harden and protect. Now, efforts by several internet industry groups are focused on new measures to fix inherent security weaknesses with the rapidly expanded use of IoT devices for enterprises and consumers.
Two-Thirds of CISOs Admit They're Not Ready to Face a Cyberattack
May 12, 2021
The 2021 edition of Proofpoint's Voice of the CISO report -- based on a survey of more than 1,400 CISOs in 14 countries -- found 66 percent of the executives acknowledged their organizations were unprepared to handle a targeted cyberattack this year. In addition, more than half the CISOs admitted they are more concerned about the repercussions from a cyberattack this year than they were in 2020.
Cybercops Scrub Botnet Software From Millions of Computers
April 27, 2021
The notorious Emotet botnet software began uninstalling itself from some one million computers Sunday. The uninstall command was part of an update sent to the infected computers by law enforcement servers in the Netherlands after Emotet's infrastructure was compromised in January during a multinational operation mounted by eight nations.
DNS Flaws Expose Millions of IoT Devices to Hacker Threats
April 14, 2021
A set of flaws in a widely used network communication protocol that could affect millions of devices has been revealed by Forescout Research Labs and JSOF Research. The nine vulnerabilities discovered by security researchers dramatically increase the attack surface of at least 100 million Internet of Things devices, exposing them to potential attacks that could take the devices offline or to be hijacked by threat actors.
Fortune 500s Hit by MS Exchange Breach Maybe Still Unaware
April 13, 2021
Jonathan Cran, founder and CEO of Intrigue, a cybersecurity startup based in Austin, Texas, used his company's network security tools to compile a list of Fortune 500 companies still exposed to last month's Microsoft Exchange breach. Potentially, many of those companies may not know their networks are compromised.
Intrigue Funded to Develop New Attack Surface Management Platform
April 13, 2021
Startup information security firm Intrigue has announced a US$2 million seed round led by LiveOak Venture Partners for a new attack service management platform that helps secure enterprise networks. The Intrigue tools scan all public, exposed attack surfaces inside and outside a company. The seed funding will also support the security and developer communities contributing to Intrigue Core.
Cybersecurity Fears Trigger Migration From the Public Cloud
March 26, 2021
Cloud cybersecurity -- or a lack of it -- is feeding a frenzy of companies out of the public cloud. A similar concern about managing compliance obligations is keeping organizations from moving to the cloud in general. However, much of the growing concerns over cloud cybersecurity result from experiences with public and private cloud platforms. A trend toward hybrid cloud computing could be an approach to better ensure data security.
Advance Strategies to Eliminate E-Commerce Chargebacks
March 19, 2021
Half of consumers who originally planned to return to their pre-pandemic in-store shopping routines once coronavirus is under control now plan to stick with online shopping. That shift in preferences means that e-commerce merchants must keep up with trending ways to market, sell, and prevent fraud. Let's look at a few of the most important developments and see where they're going.
New Threat Report Finds Email Prime Vehicle for Malware
March 16, 2021
Malicious online actors used email as their prime vehicle for delivering malware to their victims in the last quarter of 2020. The HP-Bromium Threat Insights Report found that 88 percent of malware was delivered by email into its targets' inboxes, many times evading measures at email gateways to filter out the infected correspondence.
Microsoft Confident Exchange Hack Is State-Sponsored Operation
March 10, 2021
Microsoft on Monday reported that multiple malicious actors were taking advantage of vulnerabilities in its Exchange software last week to attack systems at organizations that have failed to patch the flaws. The company attributed the attacks "with high confidence" to Hafnium, a group believed to be state-sponsored and operating out of China.
Successful Phishers Make Slim Gains in 2020
February 24, 2021
Catastrophic events, like a pandemic, coupled with hasty technological change such as many people forced to work from home immediately, have been a rich environment in the past for phishers, who use deception to infect machines with malware, steal credentials, and invade corporate networks. However, malicious actors achieved only a marginal increase in success in 2020, according to a recent report.
Lessons Learned From the SolarWinds Supply Chain Hack
February 23, 2021
In a recent Linux Foundation blog post titled "Preventing Supply Chain Attacks like SolarWinds," the foundation's Director of Open Source Supply Chain Security, David A. Wheeler, adamantly pushed the need for software developers to embrace the LF's security recommendations. Given the magnitude of the SolarWinds hack, LinuxInsider asked Wheeler to dive deeper into how supply chain security standards might benefit from the LF's latest advice.
The Future of Cybersecurity in 2021 and Beyond
February 16, 2021
Cybersecurity experts predict that in 2021 there will be a cyberattack incident every 11 seconds. This is nearly twice what it was in 2019, and four times the rate five years ago in 2016. The rapidly growing increase in cyberattacks worldwide comes at a hefty cost for businesses in order to better protect their computer networks from intrusions. Cyberattacks not only are increasing in frequency, but they are costing victims larger financial losses.
E-Tailers Squandering a Fortune in 'NUMO' False Declines
February 9, 2021
Is your list of new business customers falling short due to issues with their rejected credit approvals? New User Missed Opportunity or "NUMO" is a growing problem for e-commerce vendors. It is caused by false payment declines based on a lack of access to current consumer data by the rating agencies. But you can fix this problem.
Ubuntu Core 20 Brings Better Industrial IoT Control
February 2, 2021
Canonical on Feb. 2 made available Ubuntu Core 20. This new Ubuntu Core version boasts notable new device security innovations. Given the increasing numbers and sophistication of attacks by individual and state-sponsored cybercriminals, Canonical's efforts should be welcomed by both IoT device makers and their customers, according to Charles King, principal analyst at Pund-IT.
What IT Leaders Would Do Differently if Faced With Another Crisis
January 22, 2021
In the early part of 2020, the pandemic forced companies around the world to rethink their practices and determine how to accelerate the adoption of technologies that would enable remote work. After closing out on a tumultuous year, many business leaders admit where they may have gone wrong. Here are some ways they would approach a shift to remote work, if faced with the crisis all over again.
Cloud Security Practices Playing Into Hands of Attackers
January 7, 2021
More than 80 percent of 650 cybersecurity and IT professionals surveyed by Check Point Software Technologies in July said their traditional security solutions either do not work at all, or only provide limited functions in the cloud. This indicates that organizations' cloud migrations and deployments are racing ahead of their security teams' abilities to defend against attacks and breaches.
FTC's Zoom Deal Signals Commitment to Security Enforcement
December 29, 2020
The U.S. Federal Trade Commission is making good on a resolution to strengthen its enforcement of security deficiencies occurring in e-commerce transactions. The agency's recent action involving allegations of improper activities by teleconferencing provider Zoom Video Communications is a notable example.
Cyberthreat Hunter FireEye Hacked by Nation-State Attackers
December 9, 2020
Cybersecurity firm FireEye, which has been prominent in the fight against nation-state cyberthreats, has been itself attacked by "a highly sophisticated threat actor, one whose discipline, operational security, and techniques," company CEO Kevin Mandia announced Tuesday. This indicates the attack is likely state-sponsored, by a nation "with top-tier offensive capabilities."
'Scalper' Bots Hoarding Hottest Products from Consumers
December 9, 2020
During any holiday season, consumers have a tough time wrestling with each other for best-selling products, but now times have become even tougher, thanks to the proliferation of online "scalper" bots. These robot shoppers, unleashed by cybercriminals, emulate the activity of ticket scalpers in the real world.
The Trials and Tribulations of Paying Ransomware Hackers
October 23, 2020
There's no question that hackers are getting increasingly ambitious -- the average ransom demand increased from about $29,000 in 2018 to more than $302,000 in 2019. U.S. law doesn't prohibit paying ransom per se; but when victims pay monies to people or organizations who have been sanctioned by the U.S. government...they get into more trouble.
Microsoft Squelches Trickbot Ransomware Network
October 13, 2020
An outlaw online network that's been used to infect millions of computers with ransomware has been disrupted by Microsoft. The company announced Monday that, together with telecommunications providers around the world, it was able to cut off the infrastructure used by the Trickbot botnet so it could no longer be used to initiate new infections or activate ransomware already planted on computer systems.
The Risks and Consequences of Lax Patch Management
September 29, 2020
Earlier this month, a woman with a life-threatening condition passed away after hackers crashed the IT systems of a major hospital in the city of Dusseldorf. Incidents like this raise the question of why corporations do not patch vulnerabilities as soon as software manufacturers issue a fix.
Cybersecurity Conundrum: Who's Responsible for Securing IoT Networks?
September 24, 2020
Surely spurred by the work-from-home necessities of 2020, people have connected a multitude of non-business devices to their corporate networks, making it progressively difficult to implement cybersecurity because every device is a potential weak point. So, who will ultimately be responsible for cybersecurity of an IoT network?
Tech Job Market Hot for the Near Future
September 15, 2020
Computer systems design and related services added 13,000 jobs, according to the U.S. Department of Labor's August jobs report. IT employment in July was up by more than 203,000 positions since the COVID-19 outbreak; and there were more than 235,000 job postings by U.S. employers, according to the Computing Technology Industry Association.
TikTok Enlists Oracle to Evade Trump's Executive Order
September 14, 2020
A proposal to avoid the banning of the popular social media app TikTok was submitted to the U.S. Treasury Department over the weekend. The plan submitted by ByteDance, which owns TikTok, calls for the company to enlist Oracle as a "trusted technology provider" in order to address national security concerns raised about the video-sharing software by the Trump administration.
See More Articles in Enterprise Security Section >>
Would you license your personal data to advertising platforms if you were paid directly for it?
Yes -- So much of my personal data is already in the hands of advertisers anyhow; I may as well be paid for it.
Possibly -- It depends how much I would be compensated and how the data I authorize to share would be used and protected.
No -- I would not sell my personal data at any price.
Contact Center AI Explained by Pop Culture
Ekata Pro Insight Identity Review