Clop Ransomware gang encrypted South Korean Retail Operator E-Land after secretly stealing 2 million credit card details for more than a year using a stealth POS malware.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
To put an end to the loss of valuable ad dollars, cybersecurity and risk management professionals must realize that ad fraud is not caught with traditional cybersecurity tools.
Brazil's Ministry of Health website data leak exposed medical records of 243 million living and deceased Brazilians after database access credentials were saved in the source code.
With Zero Trust 2.0, the same level of security is maintained, but through intelligent passive indicators rather than the layered authentication approach of its predecessor.
A hacker on a Russian-speaking forum is selling hundreds of business executives' email and password combinations for Office 365 and Microsoft accounts for use in BEC scams.
2020 has demonstrated several times over that no target is beneath the world's cyber criminals; this time it's a coordinated phishing attack on the global vaccine supply chain.
The court will determine how the nearly 35-year-old CFAA is interpreted. The worst possible interpretation could put employees and contractors at the mercy of the terms of service of systems and software.
The world's biggest domain registrar, GoDaddy, has suffered another blow to its reputation for security after losing control of the addresses of several well-known cryptocurrency services.
IoT players that don’t make security part of their brand will lose customers to competitors who do. This means re-addressing the entire product life cycle with an emphasis on security.
The Information Society Forum (ISF) believes that human-centered security is the way forward. Security awareness thus must stay in tune with expected patterns of behavior and psychological realities.










