Panic and confusion about the recent coronavirus outbreak spurred threat actors to launch several malware campaigns across the world, relying on a tried-and-true method to infect people’s machines: fear. Cybercriminals targeted users in Japan with an Emotet campaign that included malicious Word documents that allegedly contained information about coronavirus prevention. Malware embedded into PDFs, MP4s,…

Palo Alto Networks released research showing how vulnerabilities in the development of cloud infrastructure are creating significant security risks. The Unit 42 Cloud Threat Report: Spring 2020 investigates why cloud misconfigurations happen so frequently. It finds that as organizations move to automate more of their cloud infrastructure build processes, they are adopting and creating new…

Which ten software vulnerabilities should you patch as soon as possible (if you haven’t already)? Recorded Future researchers have analyzed code repositories, underground forum postings, dark web sites, closed source reports and data sets comprising of submissions to popular malware repositories to compile a list of the ten most exploited vulnerabilities by cybercriminals in 2019.

Change is constant in cybersecurity — continual, rapid, dynamic change. It’s impossible to maintain an effective defensive posture without constantly evolving. Security measures that worked in the past will not be effective today, and today’s security controls will not be effective tomorrow. Many factors contribute to this rapid pace of change. Attacks are on the…

In the age of cloud computing where infrastructure needs to be extended or deployed rapidly to meet ever-changing organizational needs, the configuration of new servers and nodes is completely automated. This is done using machine-readable definition files, or templates, as part of a process known as infrastructure as code (IaC) or continuous configuration automation (CCA)….

What makes some organizations more cyber resilient than others?

Despite higher levels of investment in advanced cybersecurity technologies over the past three years, less than one-fifth of organizations are effectively stopping cyberattacks and finding and fixing breaches fast enough to lower the impact, according to a report from Accenture. Based on a survey of more than 4,600 enterprise security practitioners around the globe, the…

The Wuhan coronavirus continues to spread and create anxiety across the globe, allowing malicious individuals and groups to exploit the situation to spread fake news, malware and phishing emails. Malicious coronavirus-themed campaings IBM X-Force says that Japanese users have been receiving fake notifications about the coronavirus spreading in several prefectures, purportedly sent by a disability…

Anyone who’s experienced a job interview knows that one of the keys to landing a position is answering the interview questions effectively and intelligently—without sounding like a robot. It’s no different for high-level security executives. In fact, given the importance of these positions and the need for security executives to think fast on their feet,…