All the latest blog posts from the most relevant cyber security companies in the business.

SWIFT and BAE Systems published a report that describes the complex web of money mules, front companies and cryptocurrencies that criminals use to siphon funds from the financial system after a cyber attack. The report highlights the ingenuity of money laundering tactics to obtain liquid financial assets and avoid any subsequent tracing of the funds….

Designed to provide WordPress site admins with copy/paste, edit, delete, download/upload, and archive functionality for both files and folders, File Manager has over 700,000 active installs. Assessed with a CVSS score of 10, the recently identified critical security flaw could have allowed an attacker to upload files and execute code remotely on an affected site,…

Aligning security and delivery at a strategic level is one of the most complex challenges for executives. It starts with an understanding that risk-based thinking should not be perceived as an overhead or tax, but a value added component of creating a high-quality product or service. One solution is balanced development automation, which is about…

A Case Western Reserve University computer and data sciences researcher is working to shore up privacy protections for people whose genomic information is stored in a vast global collection of vital, personal data. Erman Ayday pursued novel methods for identifying and analyzing privacy vulnerabilities in the genomic data sharing network known commonly as “the Beacons.”…

Confidence levels in securing the election are low, and declining, according to an ISACA survey of more than 3,000 IT governance, risk, security and audit professionals in the US. While federal, state and local governments continue to harden election infrastructure technical controls and security procedures, 56 percent of respondents are less confident in election security…

Privileged Access Management (PAM) creates an extra security layer that helps to reduce risk, eliminating unnecessary local admin privileges. It takes the credentials from admin accounts and puts them in a secure repository, minimizing the endpoints that can be accessed via local administrators and reducing potential access by unauthorized users. IT Central Station’s PeerPaper based…

Cybersecurity company Cynet has released a report detailing changes in cyberattacks they’ve observed across North America and Europe since the beginning of the COVID-19 pandemic. The report shares the cyberattack volume change observed across industry sectors, the increased use of spear phishing as an initial attack vector, and the approaches being used to distribute malware…

OSINT, or open source intelligence, is the practice of collecting information from published or otherwise publicly available sources. OSINT operations, whether practiced by IT security pros, malicious hackers, or state-sanctioned intelligence operatives, use advanced techniques to search through the vast haystack of visible data to find the needles they’re looking for to achieve their goals—and…

There’s a growing, organized and increasingly sophisticated pattern of attacks on cloud native infrastructure, according to Aqua Security. While most attacks were aimed at abusing public cloud compute resources for cryptocurrency mining, the methods used open the door for higher-value targets that leverage security gaps in container software supply chains and runtime environments. The report…

Cyber attacks have increased in number and severity since the onset of the pandemic. The changes organizations implemented to facilitate remote work have given cybercriminals new opportunities to launch campaigns exploiting mass uncertainty and fear. Ransomware attack severity increases In fact, since the beginning of COVID-19, Coalition observed a 47% increase in the severity of…

While COVID-19 has proven the healthcare industry’s overall resilience, it has also increased its cybersecurity risk with new and emerging threats. The rapid adoption and onboarding of telehealth vendors led to a significantly increased digital footprint, attack surface, and cybersecurity risk for both provider and patient data, a new report released by SecurityScorecard and DarkOwl…