Malware

GandCrab attackers exploit recently patched Confluence vulnerability

If your company uses Confluence, make sure you have the latest available patches for this vulnerability.

Cisco: DNSpionage attack adds new tools, morphs tactics

Cisco Talos security researchers, who discovered DNSpionage in November, this week warned of new exploits and capabilities of the nefarious campaign.

SBI General launches insurance against cyberattacks

The latest product launched by SBI General Insurance can safeguard businesses from financial and reputational losses caused by cyberattacks.

What is "reasonable security"? And how to meet the requirement

Privacy regulations such as the GDPR and CCPA require companies to provide "reasonable security" to protect customers' personal information. Here's how you might best achieve that standard.

Cisco Talos details exceptionally dangerous DNS hijacking attack

Cisco Talos says state-sponsored attackers are battering DNS to gain access to sensitive networks and systems.

Wipro breach highlights third-party risk from large IT services providers

After outsourcing giant Wipro suffered a phishing incident, attackers used its email system to target the company’s customers. The breach demonstrates the dangers of supply chain and third party risk.

Cyber espionage shows no signs of slowing down: Michael Sentonas, CrowdStrike

The bears, pandas, kittens and chollimas are out in the open, and the military top-brass is apprehensive. Michael Sentonas, VP of Technology Strategy at CrowdStrike, gives us a dekko at the cyber espionage threat landscape.

Triton malware strikes again, intrusion discovered at second industrial facility

The Triton malware allows such systems to be controlled remotely – potentially allowing malicious actors to cause explosions or release toxic gas.

Darknet market bundling card details with device fingerprints to beat fraud detection

Researchers have uncovered an invitation-only Tor-concealed marketplace where stolen credit card details are bundled with the victim's device fingerprint, meaning criminal buyers can use them to beat numerous fraud detection systems.

Google expands cloud security capabilities, including simpler configuration

New tools and services will help make it easier for enterprises to manage security with Google products as well as with Amazon and in their own private clouds and applications.

New TajMahal APT likely to hit more targets, reveals malware analyst

Active since August 2014 with 80 modules able to capture a variety of information but with only one known victim, the TajMahal APT seems too advanced not to be used just once.

Group behind TRITON industrial sabotage malware made more victims

The attackers stayed undetected on the victim's network for more than a year and sought out operational technology networks.