Our Full-Service B2B Marketing Program Delivers Sales-Ready E-Commerce Leads » Learn More
Welcome Guest | Sign In
ECommerceTimes.com
Threat of Ransomware Lurks in Amazon S3 Buckets
December 7, 2021
New research from cloud security firm Ermetic shows that nearly all businesses have identities that, if compromised, would place at least 90 percent of the S3 buckets in their AWS account at risk. Ermetic conducted the study to determine the circumstances that would allow ransomware to make its way to Amazon S3 buckets. The research revealed a very high potential for ransomware in organizations' environments.
Holidays Fuel Surge of Mobile, Online Phishing Scams
November 24, 2021
'Tis the season to go phishing. Nothing brings out digital bandits like the holidays, and this year is no exception. Proofpoint, an enterprise digital security company, reports its researchers are seeing a massive global increase in holiday-themed mobile phishing attacks, a.k.a. smishing. It noted the volume of mobile phishing messages has almost doubled, compared to this time last year.
Many Consumers Fail To Protect Privacy After Receiving Data Breach Notice
November 23, 2021
A survey of 1,050 U.S. adult consumers found that 16 percent of the participants in the research took no action after receiving notice of a data breach affecting their accounts. Information from breached accounts can be used for identity fraud or to make employers vulnerable to cyberattacks, including ransomware and business email compromise (BEC) scams.
SMBs Report Sense of Security Despite Rise in Cyberattacks
November 10, 2021
Entrepreneurs might well be the latest heroes in cyberwarfare. Despite increasing odds of malicious attacks, SMB owners are forging ahead with a newfound sense of security. Untangle's fourth annual SMB IT Security Report shows that SMBs have adapted to a changing work environment, addressed an influx of cyberattacks, and defined their approach to IT Security.
The Dilithium Crystals Might Be Melting
November 2, 2021
For those born after the mini-computer era (co-terminus with the original Star Trek), dilithium is the fuel used to power a warp core propulsion system needed for interstellar travel. Dilithium is both naturally occurring and rare, and when it melts, from overuse of the warp core, the starship is basically kaput. This metaphor makes sense if you keep reading.
Cloud Security Holes Are Invites for Ransomware: Report
October 14, 2021
While migration to the cloud is at an all-time high, so is the growth of ransomware peddlers. Veritas Technologies surveyed more than 2,000 global IT leaders whose organizations have undertaken pandemic-led digital transformation. The study found the majority are severely vulnerable to ransomware attacks because they have been unable to keep pace with the accelerated digitization.
Researchers Find Cyberattack Discrepancies Based on Race, Gender
September 29, 2021
The research by Malwarebytes, Digitunity and the Cybercrime Support Network based on a survey of 5,000 people in the United States, United Kingdom and Germany found that Black people, Indigenous people, and People of Color (BIPOC) are more likely to have their identities stolen than White people, 21 percent compared to 15 percent.
Ransomware Attacks Have Gone Stratospheric: Report
September 22, 2021
Positive Technologies has released a report that indicates ransomware attacks have reached "stratospheric levels." The report finds ransomware assaults now account for 69 percent of all attacks involving malware. That is among the most disturbing finding. The research also reveals that the volume of attacks on governmental institutions has soared this year.
'Shadow Code' Creates Risk for 99% of Websites
September 21, 2021
Shadow code -- third-party scripts and libraries often added to web applications without security validation -- pose risks to websites and jeopardize compliance with privacy regulations, according to new research conducted by Osterman Research for PerimeterX. Third-party code leaves organizations vulnerable to digital skimming and Magecart attacks, the researchers also noted.
Execs Fear Ransomware While Most Unprepared To Fight It
September 14, 2021
High ranking business executives say ransomware is a major concern to them but their organizations are unprepared to do anything about it. Those were the findings of a poll released Monday by global consulting and advisory services firm Deloitte.
Outdated Linux Versions, Misconfigurations Triggering Cloud Attacks: Report
September 8, 2021
The "Linux Threat Report 2021 1H" from Trend Micro found that Linux cloud operating systems are heavily targeted for cyberattacks, with nearly 13 million detections in the first half of this year. As organizations expand their footprint in the cloud, correspondingly, they are exposed to the pervasive threats that exist in the Linux landscape.
Amazon, AWS Trumpet Free Cybersecurity Initiatives
September 1, 2021
Beginning in October, which is Cybersecurity Awareness Month, Amazon will make available to the public the training materials it's developed in-house to keep its employees and sensitive information safe from cyberattacks. It also offer "qualified" AWS customers a free multifactor authentication device designed to strengthen the security of their cloud environments.
Unsupported IoT Devices Are Cyber-Trouble Waiting To Happen
August 27, 2021
Imagine finding out that your neighbor's identity was stolen and their life savings cleaned out by criminals who entered through their 'smart' washing machine. Ridiculous, you say? Well, have you checked your home Wi-Fi network lately? You might have several connected household gadgets and other devices tethered wirelessly through a misconfigured router with no firewall settings.
Study Warns Easy Access to Cloud Apps Putting Business Data at Risk
August 25, 2021
Businesses are flocking to software-as-a-service applications as a means to improve the efficiency of their operations and the productivity of their employees, but weak control of access to cloud apps is putting the data of many organizations at risk. According to a study by DoControl, the average 1,000-person company using SaaS apps is exposing its data to between 1,000 and 15,000 external collaborators.
Protecting the Power Grid: Building Resiliency Into Essential Systems
August 24, 2021
Disruptions to power grid systems can have devastating effects. Despite the fact that consistent electric power has been a basic human need for more than a century; more than ever, the grid faces a growing onslaught of threats. We spoke with experts in the field about the critical nature of the grid -- and what can be done to fortify the backbone of society's infrastructure.
$600 Million Hacker Offered Job, Bug Bounty
August 18, 2021
The hacker who stole US$600 million in tokens from a cryptocurrency platform last week has been offered a security job by the platform. Most of the money has been returned to the Poly Network, but more than $200 million in assets remains locked in an account controlled by the hacker, whom the crypto platform refers to as "Mr. White Hat."
We're Late Closing the Barn Door on Pegasus
August 12, 2021
People are freaking out about reports of NSO Group's Pegasus surveillance tool being used to spy on journalists, political dissidents, and other opponents of regimes worldwide. It's disheartening, and worth discussing. But why are we shocked? In Pegasus' case, the game theory is clear: some company was bound to develop surveillance software, some less-than-scrupulous government was bound to buy it, and they'd eventually get caught.
Half of IT Pros Say Remote Workers Dodging Security Precautions
August 11, 2021
Hackers aren't the only ones evading security measures of many organizations. So are their remote workers. In a new report on remote workforce security, 52 percent of the U.S. IT and cybersecurity professionals surveyed revealed they experienced remote workers finding workarounds to their organizations' security policies.
Study Finds 100% of Commercial Apps Contain Security Flaws
August 4, 2021
A number of popular commercial applications in categories ranging from browsers to messaging and meeting apps all contained open-source components with security vulnerabilities, according to new research performed by Osterman Research for GrammaTech. Online meetings and email clients, which contained the highest average weighting of vulnerabilities, were the most-exposed categories the researchers studied.
US Cybersecurity Plan Welcomed, but Software Tracking Troubles IT Sector
August 3, 2021
The information technology sector, including companies that are directly and indirectly involved in providing IT products and services to the federal government, will be especially affected by the provisions of the "Executive Order on Improving the Nation's Cybersecurity."
Researchers Track Linux Intrusions to Cryptojacking Gang
July 29, 2021
Bitdefender security researchers have uncovered a Romanian-based threat group active since at least last year targeting Linux-based machines with weak Secure Shell Protocol (SSH) credentials. The researchers discovered the group was deploying Monero mining malware used to steal cryptocurrency.
Salt Labs Launched To Heighten API Security Threat Awareness
July 22, 2021
Anyone with a stake in keeping ahead of cybersecurity assaults and enterprise network intrusions through API vulnerabilities can now tap into expert advisories and security reports. API security company Salt Security last week launched Salt Labs, a now-public forum for publishing research on API vulnerabilities.
US, NATO Accuse China of Massive Microsoft Hack
July 20, 2021
In addition to its condemnation of China, the White House announced that the U.S. Justice Department has filed charges against four Ministry of State Security hackers allegedly engaged in a multiyear campaign targeting foreign governments and entities in key sectors, including maritime, aviation, defense, education and healthcare in a least a dozen countries.
Cybercriminals Employing Specialists To Maximize Ill-Gotten Gains
July 13, 2021
Ransomware gangs are increasingly turning to specialists to complete their capers on corporations, according to a Dark Net intelligence provider. A report issued by Tel Aviv-based Kela noted that the days when lone wolves conducted cyberattacks from start to finish are nearly extinct, as the one-man show has given way to specialization.
Researchers Find Smart Devices Ripe for Hacker Attacks
July 7, 2021
Thousands of hacker attacks were launched on a network of smart home devices designed by researchers to assess the risk the gadgets pose to consumers. During the initial week the "honeypot" network was online, 1,017 unique scans or hacking attempts were directed at the devices on the net, which included smart TVs, printers, wireless security cameras and Wi-Fi kettles.
SolarWinds Hackers Still Targeting Microsoft, Focus on Support Staff
July 6, 2021
Microsoft recently disclosed that it too was no doubt a victim of the same Russian-based hacker gang responsible for the SolarWinds onslaught. As some of the details surrounding the cyberattack become known, the bleak disclosures might justifiably cause a sniffled gasp indicating that if Microsoft can be breached, what hope is left for everyone else?
SEC Reportedly Probing SolarWinds Breach
June 23, 2021
Clients of SolarWinds, which experienced a high-profile data breach last year, are being targeted in a probe by the U.S. Securities and Exchange Commission, according to a Reuters report. "The impact of these large-scale breaches clearly has the potential to destabilize stock prices and the broader stock market, so it makes sense that the SEC would pursue such a line of inquiry," said Oliver Tavakoli, CTO of Vectra AI.
Reports of TurboTax Breach Greatly Exaggerated
June 16, 2021
Reports of a data breach of TurboTax have been overblown, according to Intuit which owns the tax preparation platform. Several news outlets recently reported that an unspecified number of TurboTax accounts were compromised in a wave of credential stuffing attacks. Those kinds of attacks exploit credentials stolen from other websites and reused at the TurboTax site.
New Report Profiles Ransomware Cybergangs
May 21, 2021
That old adage about crime never pays could not be more false, at least when it comes to modern-day cybercriminals. For those bad actors using ransomware as their weapon, crime is paying more than ever. A new report by the eSentire security research team found that six ransomware gangs claimed at least 290 new victims fo far this year. The combined spoils tallied potentially $45 million for the hackers.
Dissecting the Colonial Pipeline Incident
May 20, 2021
IT experts at the hacked Colonial Pipeline did a good job in mitigating the May 7 cyberattack and successfully stopped it when discovered by shutting down the network. But the attack was mostly invisible in the weeks-long initial stages, according to a briefing NTT Security executives conducted Tuesday.
See More Articles in Cybersecurity Section >>
Accurately forecast demand to deliver great CX
Should employers consider job seekers' social media posts when hiring?
Yes -- Online activity is a reflection of conduct and an indicator of how a person will represent an employer.
Possibly -- Only if the job requires the applicant to represent the company in a public capacity.
No -- Employers have no business prying into candidates' social media posts.
Accurately forecast demand to deliver great CX