Explore Newsletters from ECT News Network » View Samples | Subscribe
Welcome Guest | Sign In
ECTNews.com
E-Commerce Times TechNewsWorld CRM Buyer LinuxInsider
Cybersecurity 2022: More Fraud, More Fakes, More Crypto Scams
December 29, 2021
Cybercriminals in 2022 will move from identity theft to identity fraud, predicted the Identity Theft Resource Center. Bad actors are accumulating personal identifying information, but they're not using it to target consumers as much as they used to do. Rather, they're using it in credential attacks on businesses, explained the nonprofit organization devoted to minimizing risk and mitigating the impact of identity compromise and crime.
Deadly Log4j Hole Expands Victim Vulnerability
December 28, 2021
Beware the Log4j vulnerability! This nasty software bug has much of the IT world in a panic as it follows us into the New Year. No doubt, many organizations and SMBs with no IT staff are clueless about its existence. But ignorance of Log4j only makes them more susceptible to an attack. They remain defenseless.
CyberSec Researchers Reveal 2M Devices Vulnerable as Botnet Launchpad
December 13, 2021
Firmware security firm Eclypsium and the Synopsys Cybersecurity Research Center (CyRC) have issued reports about global hardware flaws and multiple API holes discovered in a call center software suite. The separate reports come on the heels of news from F-Secure that 150 different HP multifunction printer products are loaded with security holes.
Cybersecurity Pros Uneasy Over Prospect of Quantum Sneak Attack
December 8, 2021
Four out of five cybersecurity pros are fretting over the potential for a sneak attack by an adversary with a quantum computer that will render the encryption on their data ineffective. Quantum computers can process data much faster than most computers today because they use qubits to crunch data, which are not limited to zeroes and ones.
Threat of Ransomware Lurks in Amazon S3 Buckets
December 7, 2021
New research from cloud security firm Ermetic shows that nearly all businesses have identities that, if compromised, would place at least 90 percent of the S3 buckets in their AWS account at risk. Ermetic conducted the study to determine the circumstances that would allow ransomware to make its way to Amazon S3 buckets. The research revealed a very high potential for ransomware in organizations' environments.
Holidays Fuel Surge of Mobile, Online Phishing Scams
November 24, 2021
'Tis the season to go phishing. Nothing brings out digital bandits like the holidays, and this year is no exception. Proofpoint, an enterprise digital security company, reports its researchers are seeing a massive global increase in holiday-themed mobile phishing attacks, a.k.a. smishing. It noted the volume of mobile phishing messages has almost doubled, compared to this time last year.
Many Consumers Fail To Protect Privacy After Receiving Data Breach Notice
November 23, 2021
A survey of 1,050 U.S. adult consumers found that 16 percent of the participants in the research took no action after receiving notice of a data breach affecting their accounts. Information from breached accounts can be used for identity fraud or to make employers vulnerable to cyberattacks, including ransomware and business email compromise (BEC) scams.
SMBs Report Sense of Security Despite Rise in Cyberattacks
November 10, 2021
Entrepreneurs might well be the latest heroes in cyberwarfare. Despite increasing odds of malicious attacks, SMB owners are forging ahead with a newfound sense of security. Untangle's fourth annual SMB IT Security Report shows that SMBs have adapted to a changing work environment, addressed an influx of cyberattacks, and defined their approach to IT Security.
The Dilithium Crystals Might Be Melting
November 2, 2021
For those born after the mini-computer era (co-terminus with the original Star Trek), dilithium is the fuel used to power a warp core propulsion system needed for interstellar travel. Dilithium is both naturally occurring and rare, and when it melts, from overuse of the warp core, the starship is basically kaput. This metaphor makes sense if you keep reading.
Cloud Security Holes Are Invites for Ransomware: Report
October 14, 2021
While migration to the cloud is at an all-time high, so is the growth of ransomware peddlers. Veritas Technologies surveyed more than 2,000 global IT leaders whose organizations have undertaken pandemic-led digital transformation. The study found the majority are severely vulnerable to ransomware attacks because they have been unable to keep pace with the accelerated digitization.
Researchers Find Cyberattack Discrepancies Based on Race, Gender
September 29, 2021
The research by Malwarebytes, Digitunity and the Cybercrime Support Network based on a survey of 5,000 people in the United States, United Kingdom and Germany found that Black people, Indigenous people, and People of Color (BIPOC) are more likely to have their identities stolen than White people, 21 percent compared to 15 percent.
Ransomware Attacks Have Gone Stratospheric: Report
September 22, 2021
Positive Technologies has released a report that indicates ransomware attacks have reached "stratospheric levels." The report finds ransomware assaults now account for 69 percent of all attacks involving malware. That is among the most disturbing finding. The research also reveals that the volume of attacks on governmental institutions has soared this year.
'Shadow Code' Creates Risk for 99% of Websites
September 21, 2021
Shadow code -- third-party scripts and libraries often added to web applications without security validation -- pose risks to websites and jeopardize compliance with privacy regulations, according to new research conducted by Osterman Research for PerimeterX. Third-party code leaves organizations vulnerable to digital skimming and Magecart attacks, the researchers also noted.
Execs Fear Ransomware While Most Unprepared To Fight It
September 14, 2021
High ranking business executives say ransomware is a major concern to them but their organizations are unprepared to do anything about it. Those were the findings of a poll released Monday by global consulting and advisory services firm Deloitte.
Outdated Linux Versions, Misconfigurations Triggering Cloud Attacks: Report
September 8, 2021
The "Linux Threat Report 2021 1H" from Trend Micro found that Linux cloud operating systems are heavily targeted for cyberattacks, with nearly 13 million detections in the first half of this year. As organizations expand their footprint in the cloud, correspondingly, they are exposed to the pervasive threats that exist in the Linux landscape.
Amazon, AWS Trumpet Free Cybersecurity Initiatives
September 1, 2021
Beginning in October, which is Cybersecurity Awareness Month, Amazon will make available to the public the training materials it's developed in-house to keep its employees and sensitive information safe from cyberattacks. It also offer "qualified" AWS customers a free multifactor authentication device designed to strengthen the security of their cloud environments.
Unsupported IoT Devices Are Cyber-Trouble Waiting To Happen
August 27, 2021
Imagine finding out that your neighbor's identity was stolen and their life savings cleaned out by criminals who entered through their 'smart' washing machine. Ridiculous, you say? Well, have you checked your home Wi-Fi network lately? You might have several connected household gadgets and other devices tethered wirelessly through a misconfigured router with no firewall settings.
Study Warns Easy Access to Cloud Apps Putting Business Data at Risk
August 25, 2021
Businesses are flocking to software-as-a-service applications as a means to improve the efficiency of their operations and the productivity of their employees, but weak control of access to cloud apps is putting the data of many organizations at risk. According to a study by DoControl, the average 1,000-person company using SaaS apps is exposing its data to between 1,000 and 15,000 external collaborators.
Protecting the Power Grid: Building Resiliency Into Essential Systems
August 24, 2021
Disruptions to power grid systems can have devastating effects. Despite the fact that consistent electric power has been a basic human need for more than a century; more than ever, the grid faces a growing onslaught of threats. We spoke with experts in the field about the critical nature of the grid -- and what can be done to fortify the backbone of society's infrastructure.
$600 Million Hacker Offered Job, Bug Bounty
August 18, 2021
The hacker who stole US$600 million in tokens from a cryptocurrency platform last week has been offered a security job by the platform. Most of the money has been returned to the Poly Network, but more than $200 million in assets remains locked in an account controlled by the hacker, whom the crypto platform refers to as "Mr. White Hat."
We're Late Closing the Barn Door on Pegasus
August 12, 2021
People are freaking out about reports of NSO Group's Pegasus surveillance tool being used to spy on journalists, political dissidents, and other opponents of regimes worldwide. It's disheartening, and worth discussing. But why are we shocked? In Pegasus' case, the game theory is clear: some company was bound to develop surveillance software, some less-than-scrupulous government was bound to buy it, and they'd eventually get caught.
Half of IT Pros Say Remote Workers Dodging Security Precautions
August 11, 2021
Hackers aren't the only ones evading security measures of many organizations. So are their remote workers. In a new report on remote workforce security, 52 percent of the U.S. IT and cybersecurity professionals surveyed revealed they experienced remote workers finding workarounds to their organizations' security policies.
Study Finds 100% of Commercial Apps Contain Security Flaws
August 4, 2021
A number of popular commercial applications in categories ranging from browsers to messaging and meeting apps all contained open-source components with security vulnerabilities, according to new research performed by Osterman Research for GrammaTech. Online meetings and email clients, which contained the highest average weighting of vulnerabilities, were the most-exposed categories the researchers studied.
US Cybersecurity Plan Welcomed, but Software Tracking Troubles IT Sector
August 3, 2021
The information technology sector, including companies that are directly and indirectly involved in providing IT products and services to the federal government, will be especially affected by the provisions of the "Executive Order on Improving the Nation's Cybersecurity."
Researchers Track Linux Intrusions to Cryptojacking Gang
July 29, 2021
Bitdefender security researchers have uncovered a Romanian-based threat group active since at least last year targeting Linux-based machines with weak Secure Shell Protocol (SSH) credentials. The researchers discovered the group was deploying Monero mining malware used to steal cryptocurrency.
Salt Labs Launched To Heighten API Security Threat Awareness
July 22, 2021
Anyone with a stake in keeping ahead of cybersecurity assaults and enterprise network intrusions through API vulnerabilities can now tap into expert advisories and security reports. API security company Salt Security last week launched Salt Labs, a now-public forum for publishing research on API vulnerabilities.
US, NATO Accuse China of Massive Microsoft Hack
July 20, 2021
In addition to its condemnation of China, the White House announced that the U.S. Justice Department has filed charges against four Ministry of State Security hackers allegedly engaged in a multiyear campaign targeting foreign governments and entities in key sectors, including maritime, aviation, defense, education and healthcare in a least a dozen countries.
Cybercriminals Employing Specialists To Maximize Ill-Gotten Gains
July 13, 2021
Ransomware gangs are increasingly turning to specialists to complete their capers on corporations, according to a Dark Net intelligence provider. A report issued by Tel Aviv-based Kela noted that the days when lone wolves conducted cyberattacks from start to finish are nearly extinct, as the one-man show has given way to specialization.
Researchers Find Smart Devices Ripe for Hacker Attacks
July 7, 2021
Thousands of hacker attacks were launched on a network of smart home devices designed by researchers to assess the risk the gadgets pose to consumers. During the initial week the "honeypot" network was online, 1,017 unique scans or hacking attempts were directed at the devices on the net, which included smart TVs, printers, wireless security cameras and Wi-Fi kettles.
SolarWinds Hackers Still Targeting Microsoft, Focus on Support Staff
July 6, 2021
Microsoft recently disclosed that it too was no doubt a victim of the same Russian-based hacker gang responsible for the SolarWinds onslaught. As some of the details surrounding the cyberattack become known, the bleak disclosures might justifiably cause a sniffled gasp indicating that if Microsoft can be breached, what hope is left for everyone else?
See More Articles in Cybersecurity Section >>
How does the quality of customer service delivered by government compare to that of the private sector?
Government customer service is far superior.
Government customer service is slightly better.
Government and private sector customer service are about the same.
Private sector customer service is slightly better.
Private sector customer service is far superior.