Two separate attacks on banks in the United States and Pakistan revealed this week highlight once again the inherent weakness of a security practice that relies on passwords or knowledge-based credentials to protect critical information.
Questions are being raised about whether remote-access and testing tools from a mysterious company called Breaking Security are made and sold by cyber criminals, after the tools have been widely adopted as a turnkey solution for setting up and running botnets, according to Cisco Talos.
The Olympic Destroyer malware behind an attack on the 2018 Winter Olympic Games in Seoul resurfaced with new targets in its sites: financial organizations and biological and chemical threat prevention laboratories, according to new research from Kaspersky Lab.
In this industry perspective, Thomas Hofmann of Flashpoint says that sensational coverage of advanced persistent threat (APT) actors does little to help small and mid sized firms defend their IT environments from more common threats like cyber criminals. The key to getting cyber defense right is understanding the risks to your firm and prioritizing investments to protect critical IT assets.
The Department of Homeland Security and the FBI on Thursday warned that the so-called “Dragonfly” hackers linked to the government of Russia are engaged in a “multi-stage intrusion campaign” against U.S. critical infrastructure, including the energy, nuclear, aviation and manufacturing sectors.