A new WiFi security bug present on chips made by Broadcom and Cypress has likely rendered some one billion devices vulnerable to a theoretical attack that can decrypt information in transit.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Are you continually evaluating high-risk employee behavior for insider threats, and does you include a seemingly simple, but nevertheless high-impact capability: anonymous self- and peer-reporting?
DHS has published a security advisory that confirms a ransomware attack on critical infrastructure and provides recommendations for other operators to take precautions.
Spammers are stepping up their game in the phishing ecosystem with premade tools such as phishing templates, infrastructure and tutorials made widely available on underground forums.
Google has culled 500 over Chrome browser extensions used in a massive ad fraud campaign that pingponged 1.7 million users through dozens of ads and redirected them to phishing site.
Adversary attribution is one reliable and modern approach to fighting cybercrime as defending your enterprise can be easier if you know the opponents and what they know about you.
Attackers are combining DDoS attacks and "click fraud" in new email extortion scams that target publishers with websites monetized through Google AdSense program.
Based on new reports, last year’s MGM Resorts breach exposed personal data of more than 10.6 million guests with cloud misconfiguration suggested to be the likeliest cause.
Newly uncovered cyber espionage scheme shows Iranian hackers using unpatched VPN vulnerabilities as a point of entrance into the networks of government and private sector organizations.
Companies are constantly working on online fraud prevention methods while cybercriminals fine-tune their impersonation efforts. Find out why some of the authentication methods are falling short.










