Threats

Carnegie researchers seek urgent action to combat financial cyberthreats

Fintech business development and digital transformation in banking is creating opportunities for malicious actors to attack vulnerable systems.

By David Jones • Nov. 20, 2020

Why does industry say there are air gaps between IT and OT?

Not only is OT connected to the internet now, cyberattacks can trickle through IT environments.

By Samantha Ann Schwartz • Nov. 16, 2020

Ransomware latches onto fake ads for Microsoft Teams updates

When a victim clicked on a corrupt link, a PowerShell script was executed via a payloader. To disguise the malicious activity, a "legitimate copy" of Microsoft Teams was also installed.

By Samantha Ann Schwartz • Nov. 12, 2020

How companies are meeting the challenge of a changing cyberthreat landscape

Security teams don't have as much access to remote work devices, which obscures network visibility. Cybercriminals capitalized on the opportunity.

By Sue Poremba • Nov. 11, 2020

US election cybersecurity ushers in public, private sector coordination next steps

A quiet Election Day highlights what's possible in cybersecurity deterrence, Sen. Angus King said. 

By Samantha Ann Schwartz • Nov. 09, 2020

Ryuk is challenging traditional 'find a flaw, fix a flaw' strategy

There is no universal solution for ransomware prevention, and even simulated phishing campaigns for employee awareness and deterrence fall short.

By Samantha Ann Schwartz • Nov. 04, 2020

Most organizations don't have an election cyber war room. They don't need one

The latest technological developments are almost irrelevant if security is absent from company culture. It's a matter of reminding organizations of their security hygiene.

By Samantha Ann Schwartz • Nov. 03, 2020

Parked domains are simple but effective distributors of phishing, malware

At least 60,000 parked domains transitioned to "malicious" since March, Palo Alto Networks' Unit 42 found. 

By Samantha Ann Schwartz • Nov. 02, 2020

Maze operators to close shop, report says

It's unknown if the operators will release decryption keys like other retired ransomware, reports Bleeping Computer.

By Samantha Ann Schwartz • Oct. 30, 2020

5 cybersecurity and threat trends CISOs must watch

Attacks are all but guaranteed, threats are evolving and a digital realm is targeting the physical. What's keeping CISOs up at night? Everything. 

By Naomi Eide • Oct. 26, 2020

Transit agencies 'ill prepared' for cyberattack: survey

Only 60% of agencies have a cybersecurity plan in place and 43% say their plan is insufficient, according to the Mineta Transportation Institute.

By Chris Teale • Oct. 13, 2020

'Rogue' employees caused Shopify's data breach. What makes an insider a threat?

Coinciding crises are contributing to "a perfect storm for malicious insiders," Forrester's Joseph Blankenship says.

By Samantha Ann Schwartz • Sept. 24, 2020

Passwords for everything. Why are they still terrible?

Passwords are the cockroaches of cybersecurity, yet the methods for managing them don't have to live forever.

By Samantha Ann Schwartz • July 24, 2020

Everyone is struggling with cloud security

WIth rising complexity, 96% of organizations are concerned about their cloud security, a Sophos report found. Misconfigurations are at the heart of the trouble.

By Samantha Ann Schwartz • July 10, 2020

4 myths cybersecurity experts want busted

No, malware cannot spread from devices sitting next to each other.

By Samantha Ann Schwartz • May 19, 2020