threats Archives - Page 30 of 34 - Cyber Security Minute

Russian hackers use OAuth, fake Google apps to phish users

Issued by: CIO Security

The Russian hacking group blamed for targeting U.S. and European elections has been breaking into email accounts, not only by tricking victims into giving up passwords, but by stealing access tokens too. It’s sneaky hack that’s particularly worrisome, because it can circumvent Google’s 2-step verification, according to security firm Trend Micro. The group, known as…

Network Security

McAfee: Wave of Shamoon cyberattacks being coordinated by a single group

Issued by: CIO Security

The waves of cyberattacks that have rocked Saudi Arabia over the past few months are linked to the earlier Shamoon attacks. However, the initial 2012 attack was the work of a single group, whereas the latest attacks have been carried out by different groups of varying skills and expertise, all following instructions provided by one…

Network Security

Are travel Wi-Fi routers secure?

Issued by: Kaspersky Blog

Last week at Kaspersky Lab’s Security Analyst Summit (the SAS), there was a lot of cool research that made you think. Although a lot of talks centered on deep APT research and threats to businesses, there were a few sessions where consumer security was shown to be at risk as well. One such talk was…

Vulnerabilities

Report: Cybercrime climate shifts dramatically in first quarter

Issued by: Blog Malwarebytes

The first quarter of 2017 brought with it some significant changes to the threat landscape and we aren’t talking about heavy ransomware distribution either. Threats which were previously believed to be serious contenders this year have nearly vanished entirely, while new threats and infection techniques have forced the security community to reconsider collection and analysis…

Malware & Threats

Insider Threat Fear Greater Than Ever, Survey Shows

Issued by: Dark Reading

More than half of security pros say insider threat incidents have become more frequent in the past 12 months. Despite continued spending on security measures for controlling and monitoring access to sensitive data, more organizations than ever feel vulnerable to breaches caused by insiders with legitimate access to enterprise systems.

Application Security

Most Android devices lack latest security patches

Issued by: Linux Blog

Nearly three-quarters of Android devices on the five biggest U.S. carriers are running on security patches that are at least two months old, putting them at greater risk of being hacked. That finding was made in an analysis released Thursday by Skycure, a mobile threat defense vendor. The report also found that the city of Boston…

Malware & Threats

A new approach is needed in the battle against cyber attacks

Issued by: Help Net Security

How do you search for something that’s invisible? An increase in the sophistication of cyber attacks means that it takes an average of 146 days before a corporate hack is discovered. Modern breaches are a mix of chameleonic deception and clever automation, enabling malicious code to be concealed deep inside the corporate network. In the…

Malware & Threats

IRS issues new tax scam warnings, FSA tool suspended due to security concerns

Issued by: CSO

The Internal Revenue Service (IRS) has issued a new warning to businesses, taxpayers, and tax prep professionals about Phishing scams targeting the sensitive information they work with on a daily basis. Soon after, the IRS and the US Department of Education suspended a tool that helps people obtain financial aid for college. The warning from…

Software Security

3 overlooked endpoints for cyber attacks and how to protect them

Issued by: Trend Micro Blog

You probably think you have endpoint security covered. After all, organizations have been securing end-user desktop and laptop computers for decades with anti-virus software and other cyber security programs. Because of these steps, you think you’re not at risk of an endpoint-initiated attack. However, NTT Security’s 2015 Global Threat Intelligence Report found that 70 percent…

Malware & Threats

Cybercriminals Hijack Magento Extension to Steal Card Data

Issued by: Security Week

Cybercriminals have been abusing a payment module to steal credit card data from online shops powered by the Magento ecommerce platform, web security firm Sucuri reported on Friday. The targeted module is the Realex Payments Magento extension (SF9), which integrates with the Realex Realauth Remote payment gateway. The Realex Payments extension allows Magento store owners…