Cybersecurity News


Fintech Giant Fiserv Used Unclaimed Domain

If you sell Web-based software for a living and ship code that references an unregistered domain name, you are asking for trouble. But when the same mistake is made by a Fortune 500 company, the results can range from costly to disastrous. Here's the story of one such goof committed by Fiserv [NASDAQ:FISV], a $6 billion firm that provides online banking software and other technology solutions to thousands of financial institutions.
17 March 2021

Enterprises Wrestle With Executive Social Media Risk Management

Survey indicates enterprises have a lot of work to do reduce cybersecurity risks around executive social media use.
17 March 2021

7 Tips to Secure the Enterprise Against Tax Scams

7 Tips to Secure the Enterprise Against Tax Scams Tax season is yet another opportunity for fraudsters to target your company. Here's how to keep everyone in the organization on their toes.
17 March 2021

A New Paradigm in Data Security: Insider Risk Management

A New Paradigm in Data Security: Insider Risk Management Insider Risk Management builds a framework around the new paradigm of "risk tolerance," aiming to give security teams the visibility and context around data activity to protect that data, without putting rigid constraints on users.
17 March 2021

‘Bit-Con’ Twitter teen hacker accepts plea agreement, three years behind bars

The teenager was responsible for breaking into the accounts of Elon Musk, Bill Gates, and others to tout a Bitcoin scam.
17 March 2021

Coalition raises $175 million to boost cyber insurance offerings

The company says it is now valued at $1.75 billion.
17 March 2021

FBI warns of rise in PYSA ransomware operators targeting US, UK schools

Data is being stolen ahead of encryption in extortion attempts.
17 March 2021

Recorded Future acquires Gemini Advisory in $52 million deal

The company will leverage the purchase to carve a place in the fraud analytics market.
17 March 2021

Can We Stop Pretending SMS Is Secure Now?

SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of people (many of them low-paid mobile store employees) who can be tricked or bribed into swapping control over a mobile phone number to someone else. Now we're learning about an entire ecosystem of companies that anyone could use to silently intercept text messages intended for other mobile users.
16 March 2021

Chinese APT Targets Telcos in 5G-Related Cyber-Espionage Campaign

Telemetry suggests that threat actor behind Operation Dianxun is Mustang Panda, McAfee says.
16 March 2021

PYSA Ransomware Pillages Education Sector, Feds Warn

PYSA Ransomware Pillages Education Sector, Feds Warn A major spike of attacks against higher ed, K-12 and seminaries in March has prompted the FBI to issue a special alert.
16 March 2021

Mom & Daughter Duo Hack Homecoming Crown

Mom & Daughter Duo Hack Homecoming Crown A Florida high-school student faces jail time for rigging her school's Homecoming Queen election.
16 March 2021

IronNet Cybersecurity to Go Public in Merger

Company intends for the deal to drive adoption of its Collective Defense Platform.
16 March 2021

Microsoft Releases Mitigation Tool for On-Premises Exchange Servers

The tool, developed for organizations without dedicated IT and security teams, is meant to be used as temporary mitigation.
16 March 2021

Best Practices for Securing Service Accounts

While service accounts solve many of the challenges presented by automation, they can also create serious problems when it comes to cybersecurity.
16 March 2021

Latest Mirai Variant Targets SonicWall, D-Link and IoT Devices

Latest Mirai Variant Targets SonicWall, D-Link and IoT Devices A new Mirai variant is targeting known flaws in D-Link, Netgear and SonicWall devices, as well as newly-discovered flaws in unknown IoT devices.
16 March 2021

Exchange Cyberattacks Escalate as Microsoft Rolls One-Click Fix

Exchange Cyberattacks Escalate as Microsoft Rolls One-Click Fix Public proof-of-concept (PoC) exploits for ProxyLogon could be fanning a feeding frenzy of attacks even as patching makes progress.
16 March 2021

Magecart Attackers Save Stolen Credit-Card Data in .JPG File

Magecart Attackers Save Stolen Credit-Card Data in .JPG File Researchers from Sucuri discovered the tactic, which creatively hides malicious activity until the info can be retrieved, during an investigation into a compromised Magento 2 e-commerce site.
16 March 2021

Software Development Security Firm Argon Announces Launch

Check Point founder Shlomo Kramer is one of the firm's investors.
16 March 2021

Google Releases Spectre PoC Exploit For Chrome

Google Releases Spectre PoC Exploit For Chrome Google has released the side-channel exploit in hopes of motivating web-application developers to protect their sites.
16 March 2021