Androxgh0st botnet integrates Mozi payloads to target IoT devices
Androxgh0st, a botnet known to steal cloud credentials and exploit vulnerabilities in web frameworks and servers, is now also targeting IoT devices such as home routers, security firm CloudSEK said in...
View ArticleClik here to view.
Authentifizierungslösungen: 10 Passwordless-Optionen für Unternehmen
Um Passwörter hinter sich zu lassen, gibt es bessere Lösungen. Wir zeigen Ihnen zehn. Foto: Raffi Ilham Pratama – shutterstock.comPasswörter sind seit Jahrzehnten der Authentifizierungsstandard für...
View ArticleUAB CIO Gonçal Badenes on ransomware lessons learned
“Although it happened two and a half years ago, it still generates anxiety and restlessness to remember it,” is how Gonçal Badenes, CIO of the Universitat Autònoma de Barcelona (UAB), feels about the...
View Article7 reasons security breach sources remain unknown
One-third of companies still don’t know what caused their data security incidents over the past year, and three-quarters say it’s becoming more complex to understand their security tech stack — two...
View ArticleClik here to view.
Schadenersatz nach Datendiebstahl bei Facebook?
Begründet der Verlust der Kontrolle über Daten einen immateriellen Schaden und wie dieser zu bemessen?TY Lim – Shutterstock.com Nach einem Datendiebstahl bei Facebook will der Bundesgerichtshof (BGH)...
View ArticleBlackBerry Cylance customers should ‘explore options’ now that its immediate...
At last month’s SecTor cybersecurity conference in Toronto, BlackBerry’s booth highlighted its Cylance endpoint detection and response (EDR) product, featuring the new Cylance-based managed EDR...
View ArticleClik here to view.
So verhindern Sie KI-gestützte Datenvorfälle
Teerachai Jampanak – Shutterstock.com Es ist der Alptraum jedes Unternehmens: Ein Wettbewerber spricht mit gezielten Kampagnen die eigenen Kunden an. Und zwar so präzise, dass dies kein Zufall sein...
View ArticleCISA’s VDP is going gangbusters but could still be improved
CISA’s vulnerability disclosure policy (VDP) platform grew to encompass 51 US government agencies and 12,000 bug reports in its first two years. Experts say increased bug bounties, the consolidation...
View Article13 essential enterprise security tools — and 10 nice-to-haves
As CISOs grapple with a plethora of changing threats daily, the quality of security tools in their kit takes on more importance. The breadth of tools available for securing the enterprise today is...
View ArticleClik here to view.
Hackerangriff auf Berufsförderungswerk Oberhausen
Das Berufsförderungswerk Oberhausen ist Opfer einer Cyberattacke. Auszubildende können derzeit nicht an ihren Rechnern arbeiten.Juice Verve – Shutterstock.com Nach der Cyberattacke auf mehrere Schulen...
View ArticleClik here to view.
9 unverzichtbare Open Source Security Tools
Diese Open-Source-Tools adressieren spezifische Security-Probleme – mit minimalem Footprint. Foto: N Universe | shutterstock.comCybersicherheitsexperten verlassen sich in diversen Bereichen auf...
View ArticleThe CISO paradox: With great responsibility comes little or no power
The title of chief information security officer suggests that the position would come with a level of authority like that enjoyed by other “chief” officers such as the CEO or CFO – in this case,...
View ArticleClik here to view.
BSI-Lagebericht: Hacker werden immer professioneller und aggressiver
Das Böse ist immer und überall, sang schon die EAV – das gilt insbesondere auch für den Cyberraum.your – Shutterstock.com Die Zahl der Schadprogrammvarianten explodiert und die Cyberkriminellen...
View ArticleVolt Typhoon returns with fresh botnet attacks on critical US infrastructure
Volt Typhoon, a China-linked cyber-espionage group, has renewed its assault on US infrastructure through an advanced botnet operation, exploiting outdated Cisco and Netgear routers to breach critical...
View ArticleClik here to view.
Amazon bestätigt Datenklau
Amazon ist von einem Datenleck betroffen. Hintergrund ist eine Sicherheitslücke bei einem Drittanbieter. bluestork – Shutterstock.com Anfang November meldete ein Cyberkrimineller unter dem Namen...
View ArticleNovember 2024 Patch Tuesday patches four zero days and three critical flaws
After hitting users with five zero-day vulnerabilities in October, November’s Patch Tuesday update has followed up with another four from a total haul of 89 CVEs. In terms of priorities, admins will...
View ArticleNIST publishes timeline for quantum-resistant cryptography, but enterprises...
The US National Institute of Standards and Technology (NIST) on Tuesday published its timetables for moving government agencies off current types of encryption onto what they hope will be...
View ArticleCitrix admins advised to install hotfixes to block vulnerabilities
CISOs with Citrix Virtual Apps and Desktop in their environments should patch two holes that could give an authenticated hacker the ability to escalate privileges and run remote code. This warning...
View ArticleHow to defend Microsoft networks from adversary-in-the-middle attacks
An office worker received an email that appeared to be from a vendor but was caught in quarantine and the user requested its release. It looked innocent enough, so an administrator released the email....
View ArticleUS says China conducted massive espionage through breached telcos
Multiple US telecommunications companies were hacked into by a People’s Republic of China (PRC)-backed threat actor to carry out a full-blown cyber-espionage attack, according to a joint FBI and CISA...
View Article