hacking Archives - Page 3 of 11 - Cyber Security Minute

A hacker’s predictions on enterprise malware risk

Issued by: Help Net Security

2020 has ended with a stunning display of nation-state cyber capabilities. The Kremlin’s SVR shocked the cybersecurity industry and U.S. government with its intrusions into FireEye and the U.S. Office of the Treasury by way of SolarWinds, revealing only traces of its long-term, sophisticated campaigns. These breaches are reminders that no organization is immune to…

Software Security

SaaS security in 2021

Issued by: Help Net Security

The migration toward subscription-based services via the SaaS business model isn’t new this year — it’s part of a larger shift away from on-premises datacenters, applications, etc., that has been underway for years. The pandemic accelerated the shift, boosting SaaS subscriptions as companies looked for virtual collaboration and meeting tools. What is new on a…

Vulnerabilities

VMware Patches Vulnerabilities Exploited at Chinese Hacking Contest

Issued by: Security Week

At the 2020 Tianfu Cup International PWN Contest, which took place earlier this month in China, participants earned a total of more than $1.2 million for exploits targeting Chrome, Safari, Firefox, Adobe Reader, Docker, VMware ESXi, CentOS, the iPhone, the Samsung Galaxy S20 phone, Windows, and routers from TP-Link and Asus. The 360 ESG Vulnerability…

Mobile Security

Securing mobile devices, apps, and users should be every CIO’s top priority

Issued by: Help Net Security

More than 80% of global employees do not want to return to the office full-time, despite 30% employees claiming that being isolated from their team was the biggest hindrance to productivity during lockdown, a MobileIron study reveals. The COVID-19 pandemic has clearly changed the way people work and accelerated the already growing remote work trend….

Mobile Security

The Security of Your Android Device May Depend on Where You Live

Issued by: Security Week

Over the last few years, security researchers have been able to crack various Android phones during Pwn2Own hacking competitions. Now one firm has collected its research and finds a potentially significant global problem: Android security may be dependent on the country of use. One problem is the open and global nature of the Android operating…

Malware & Threats

How Abnormal Security combats business email compromise

Issued by: CSO

When looking at all the different ways that hackers can threaten networks and enterprises, flashy incidents like ransomware scams often come to mind. But a relatively new kind of attack called business email compromise (BEC) has taken the lead in both frequency and overall damage, quickly becoming public enemy number one. According to the FBI’s…

Malware & Threats

What is smishing? How phishing via text message works

Issued by: CSO

Smishing definition Smishing is a cyberattack that uses misleading text messages to deceive victims. The goal is to trick you into believing that a message has arrived from a trusted person or organization, and then convincing you to take action that gives the attacker exploitable information (like bank account login credentials, for example) or access…

Vulnerabilities

7 ways to make your Zoom meetings safer

Issued by: CSO

Zoom was a popular online conferencing application before COVID-19 infected the world, but the pandemic drove usage of the service to astronomical levels. Before the virus spread, the platform garnered about 10 million meeting participants a day. By March, that number was 200 million a day. “[W]e did not design the product with the foresight…

Network Security

Massive work-from-home movement exposes cybersecurity weaknesses

Issued by: Help Net Security

News coverage of the recent uptick in cyber threat activity is showing an incomplete picture. Despite the focus on VPN hacks and attacks at home, computers at more than 50,000 organizations in the US had been infected prior to stay-at-home orders, according to Team Cymru and Arctic Security. Researchers say they are witnessing previously infected…

Vulnerabilities

Cybercriminal group mails malicious USB dongles to targeted companies

Issued by: CSO

Security researchers have come across an attack where an USB dongle designed to surreptitiously behave like a keyboard was mailed to a company under the guise of a Best Buy gift card. This technique has been used by security professionals during physical penetration testing engagements in the past, but it has very rarely been observed…