Manufacturing and energy became the second and third most targeted industries last year, respectively. Retail and professional services rounded up the top five most targeted sectors, IBM says. In the latest installment of their annual X-Force Threat Intelligence Index, IBM Security also reveals that ransomware was the most popular attack method in 2020, with a…

The National Counterintelligence and Security Center warned Thursday that foreign hackers are increasingly targeting vendors and suppliers that work with the government to compromise their products in an effort to steal intellectual property and carry out espionage. The NCSC said it is working with other agencies, including the Cybersecurity and Infrastructure Security Agency, to raise…

Hackers used phishing emails to gain access to the computers of at least seven federal MPs and 31 lawmakers in regional parliaments, according to Der Spiegel weekly. A spokesman for the lower house of parliament confirmed the cyber attack but said there was “currently no indication” of a direct attack on the IT infrastructure of…

The first security hole, tracked as CVE-2021-3450, has been described as a “problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag.” The flaw was discovered by researchers at Akamai. “Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an…

Famed security expert HD Moore’s latest project — an IT and OT asset-discovery platform that attempts to address the-age-old challenge of finding and fingerprinting devices that reside on an organization’s network and their status — just landed $5 million in venture capital funding from some major players in network and security technologies. The VC round…

Security startup Argon says it is exiting stealth mode and has announced its official launch this week. Argon is focused on securing the software delivery process through visibility into the continuous integration/continuous delivery (CI/CD) pipeline and the software development life cycle (SDLC), officials say. Argon, based in Tel Aviv, is launching with 15 employees. The…

The dramatic rise in ransomware attacks and the SolarWinds Orion hack have thrust cybersecurity back into the spotlight. With everyone a target, it’s time for organizations to implement cybersecurity frameworks like those provided by the National Institute of Standards and Technology (NIST), which can help you set a bar for measuring your cybersecurity effectiveness. Taking…

Attackers have begun to utilize the recently patched Microsoft Exchange Server vulnerabilities to deploy ransomware onto compromised servers, Microsoft reports. The news emerged late last night. Phillip Misner, a member of Microsoft’s security research team, tweeted about the new ransomware family tracked as Ransom:Win32/DoejoCrypt.A and nicknamed “DearCry,” which is using the Microsoft Exchange vulnerabilities to…

One of the most common ways cybercriminals breach enterprises is by finding security vulnerabilities in the applications they use. The last year delivered a plethora of security challenges. Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure…