Explore Newsletters from ECT News Network » View Samples | Subscribe
Welcome Guest | Sign In
ECommerceTimes.com
Microsoft, Intel Team Up to Clamp Down on Cryptominers
April 28, 2021
As cryptocurrency values continue to rise, cryptojacking becomes more attractive to cybercriminals. Now, a powerful hardware-based threat detection technology is being integrated into a Microsoft enterprise security product to help protect businesses from cryptojacking malware. The action integrates Intel Threat Detection Technology with Microsoft Defender for Endpoint.
How Fixable Is the Unsafe Internet?
April 15, 2021
A recent study from Consumer Reports' Digital Lab reveals that 96 percent of Americans agree that more should be done to protect consumer privacy. But don't expect to see a whole new alternative Internet emerging any year soon. Instead, you will see a focus on software offerings built around privacy and security rather than hardware.
DNS Flaws Expose Millions of IoT Devices to Hacker Threats
April 14, 2021
A set of flaws in a widely used network communication protocol that could affect millions of devices has been revealed by Forescout Research Labs and JSOF Research. The nine vulnerabilities discovered by security researchers dramatically increase the attack surface of at least 100 million Internet of Things devices, exposing them to potential attacks that could take the devices offline or to be hijacked by threat actors.
Fortune 500s Hit by MS Exchange Breach Maybe Still Unaware
April 13, 2021
Jonathan Cran, founder and CEO of Intrigue, a cybersecurity startup based in Austin, Texas, used his company's network security tools to compile a list of Fortune 500 companies still exposed to last month's Microsoft Exchange breach. Potentially, many of those companies may not know their networks are compromised.
Intrigue Funded to Develop New Attack Surface Management Platform
April 13, 2021
Startup information security firm Intrigue has announced a US$2 million seed round led by LiveOak Venture Partners for a new attack service management platform that helps secure enterprise networks. The Intrigue tools scan all public, exposed attack surfaces inside and outside a company. The seed funding will also support the security and developer communities contributing to Intrigue Core.
Fraud Awareness Kit Puts Businesses on Notice: It's Tax Scam Season
April 7, 2021
Businesses fearful their workers may be targeted by fraudsters will want to take a look at the free Tax Scam Awareness Kit offered by Proofpoint. The kit, for both Windows and macOS, includes materials for an employee education campaign about tax fraud, three educational videos, an infographic, answers to frequently asked questions about tax scams, and a tax scam flyer.
Hacker Recycles Data on Half a Billion Facebook Users
April 6, 2021
A rich cache of data on some 533 million Facebook users was posted to a hacker forum over the weekend and is available to download for practically free. In a statement provided to TechNewsWorld by Facebook, the company said it is confident the posted information is old data that originated from a weakness in its contact importer feature that was discovered and fixed in August 2019.
Cybersecurity Fears Trigger Migration From the Public Cloud
March 26, 2021
Cloud cybersecurity -- or a lack of it -- is feeding a frenzy of companies out of the public cloud. A similar concern about managing compliance obligations is keeping organizations from moving to the cloud in general. However, much of the growing concerns over cloud cybersecurity result from experiences with public and private cloud platforms. A trend toward hybrid cloud computing could be an approach to better ensure data security.
New Threat Report Finds Email Prime Vehicle for Malware
March 16, 2021
Malicious online actors used email as their prime vehicle for delivering malware to their victims in the last quarter of 2020. The HP-Bromium Threat Insights Report found that 88 percent of malware was delivered by email into its targets' inboxes, many times evading measures at email gateways to filter out the infected correspondence.
Microsoft Confident Exchange Hack Is State-Sponsored Operation
March 10, 2021
Microsoft on Monday reported that multiple malicious actors were taking advantage of vulnerabilities in its Exchange software last week to attack systems at organizations that have failed to patch the flaws. The company attributed the attacks "with high confidence" to Hafnium, a group believed to be state-sponsored and operating out of China.
Successful Phishers Make Slim Gains in 2020
February 24, 2021
Catastrophic events, like a pandemic, coupled with hasty technological change such as many people forced to work from home immediately, have been a rich environment in the past for phishers, who use deception to infect machines with malware, steal credentials, and invade corporate networks. However, malicious actors achieved only a marginal increase in success in 2020, according to a recent report.
The Future of Cybersecurity in 2021 and Beyond
February 16, 2021
Cybersecurity experts predict that in 2021 there will be a cyberattack incident every 11 seconds. This is nearly twice what it was in 2019, and four times the rate five years ago in 2016. The rapidly growing increase in cyberattacks worldwide comes at a hefty cost for businesses in order to better protect their computer networks from intrusions. Cyberattacks not only are increasing in frequency, but they are costing victims larger financial losses.
Hacker Attempts to Poison Florida City's Water Supply
February 10, 2021
A cyber intruder broke into the computer network of the water treatment system of Oldsmar, Fla. and attempted to poison it with lye. News of the attack was made public Monday by officials of Oldsmar, who revealed the attack was foiled by an operator at the facility within minutes of its launch. The Oldsmar plant provides water to businesses and about 15,000 residents.
Cyberthreat Hunter FireEye Hacked by Nation-State Attackers
December 9, 2020
Cybersecurity firm FireEye, which has been prominent in the fight against nation-state cyberthreats, has been itself attacked by "a highly sophisticated threat actor, one whose discipline, operational security, and techniques," company CEO Kevin Mandia announced Tuesday. This indicates the attack is likely state-sponsored, by a nation "with top-tier offensive capabilities."
The Trials and Tribulations of Paying Ransomware Hackers
October 23, 2020
There's no question that hackers are getting increasingly ambitious -- the average ransom demand increased from about $29,000 in 2018 to more than $302,000 in 2019. U.S. law doesn't prohibit paying ransom per se; but when victims pay monies to people or organizations who have been sanctioned by the U.S. government...they get into more trouble.
Microsoft Squelches Trickbot Ransomware Network
October 13, 2020
An outlaw online network that's been used to infect millions of computers with ransomware has been disrupted by Microsoft. The company announced Monday that, together with telecommunications providers around the world, it was able to cut off the infrastructure used by the Trickbot botnet so it could no longer be used to initiate new infections or activate ransomware already planted on computer systems.
The Risks and Consequences of Lax Patch Management
September 29, 2020
Earlier this month, a woman with a life-threatening condition passed away after hackers crashed the IT systems of a major hospital in the city of Dusseldorf. Incidents like this raise the question of why corporations do not patch vulnerabilities as soon as software manufacturers issue a fix.
Cybersecurity Conundrum: Who's Responsible for Securing IoT Networks?
September 24, 2020
Surely spurred by the work-from-home necessities of 2020, people have connected a multitude of non-business devices to their corporate networks, making it progressively difficult to implement cybersecurity because every device is a potential weak point. So, who will ultimately be responsible for cybersecurity of an IoT network?
How to Protect Mobile Apps Against Sneaker Bots
September 16, 2020
Automated purchasing bots, also known as "sneaker bots," "click bots," "Instacart bots" and other names, are ruining the online shopping and gig economy experience for both consumers and workers. These bots can cause considerable damage to a mobile business' reputation and bottom line. There are a number of measures that e-tailers should take a to protect their mobile apps from sneaker bots.
Reported Data Breaches Decline in H1 2020
September 3, 2020
Data breaches were rampant in 2019, occurring at an unprecedented pace. However, the first half of this year has seen a reduction in the number of reported events. Reported being the operative word. In all, more than 15 billion records were exposed in nearly 7,100 data breaches last year. This year however, the number of publicly reported data breaches has decreased.
Software Piracy Spreading With the Virus
September 1, 2020
Software piracy involves much more than businesses and consumers using illegal copies of computer programs. What lurks within the pirated copies is often rogue code -- malware -- that can be just as deadly to computers and users' finances. Software companies are reporting that piracy has increased 20 to 30 percent due to COVID-19.
Credential Harvesting Attacks Take Aim at Video Meeting Apps
August 27, 2020
Users of video conference tools should be aware of the growing risk of impersonation attacks. Cybercriminals are capitalizing on the exponential increase of users turning to Zoom and other platforms to collaborate across work and friend networks. Researchers have identified attacks stemming from Australia, Germany, the U.S. and elsewhere.
Pandemic Gooses Stolen Credentials Prices on Dark Web
August 25, 2020
After crashing in 2019, Dark Web markets for stolen credentials rebounded during the first half of 2020, largely due to major shifts in consumer behavior caused by the global pandemic. Hacked accounts for delivery services and physical fitness brands are some of the highest priced items on the market, according to a recent report.
Garmin Confirms Services Upended by Ransomware Attack
July 28, 2020
Garmin on Monday confirmed that many of its online services have been disrupted by a cyberattack on its systems that occurred on July 23, 2020. Services disrupted by the attack, which encrypted data on the systems, included website functions, customer support, customer facing applications, and company communications.
Beware of Counterfeit Network Equipment
July 24, 2020
Counterfeit hardware, especially in corporate settings, is a recurring problem that often goes unnoticed. Having such gear online poses serious financial, operational, and security risks. Cybersecurity company F-Secure has released an investigative report detailing counterfeit Cisco Catalyst 2960-X series switches. The report highlights challenges facing organizations that discover counterfeit devices in their IT infrastructure.
Twitter's Security Blunder: More Dangerous Than You Think
June 29, 2020
Twitter had a data security problem last week that might sound trivial. Email addresses, phone numbers, and the last four digits of the credit cards used to buy ads on Twitter were left in browser cache after the transaction, and that cache was not secured. This may seem trivial, but the consequences could be far more significant than you might think. Let's explore how.
Email Scammers Using Old Tricks With New Twists
June 26, 2020
With much of the workforce conducting business from home to escape the pandemic, scammers have revved up their trickery to scare victims into falling for credential harvesting schemes. Two new reports lay bare the new twists digital scammers are putting on old approaches to get you to unwittingly give up login credentials.
Thunderbolt Flaw Opens Door for 'Evil Maid' Attack
May 12, 2020
A Dutch researcher has revealed a novel way to crack into a PC through a Thunderbolt port. The method, dubbed "Thunderspy" by researcher Björn Ruytenberg, sidesteps the login screen of a sleeping computer, as well as its hard disk encryption, to access all its data. "Thunderspy is stealth, meaning that you cannot find any traces of the attack. It does not require your involvement," he explained.
How to Stay Safe on the Internet, Part 3: Drive the Black Hatters Mad
May 1, 2020
Like conventional criminals, criminal hackers choose easy, lucrative targets. One group in the crosshairs is made up of companies that have data on millions of users, such as private sector entities with a Web presence. Why go after one user at a time when data is collected in one place? Criminal hackers also like to hunt small organizations that have modest capital but weak information security.
Zoom Boosts Security With Pick-Your-Route Feature
April 15, 2020
Zoom's paying customers will be able to choose the region they want to use for their virtual meetings. Paying customers will be able to opt in or out of a specific data center region, although they won't be able to change their default, which for most customers is the United States. Zoom has data centers in the U.S., Canada, Europe, India, Australia, China, Latin America, and Japan/Hong Kong.
See More Articles in Hacking Section >>
Ekata Pro Insight Identity Review
What was your initial reaction to news of the Colonial Pipeline cyberattack?
It demonstrates that all critical infrastructure sectors are at high risk of disruption by cybercriminals.
Everyone will be paying for this attack in the form of higher energy costs.
Governments need to work more closely with private industries to protect networks for the sake of public safety.
It's a global problem. An international alliance must be formed to hold the perpetrators accountable and prevent future attacks.
Waylay IO
Contact Center AI Explained by Pop Culture