Lookout, Inc. announced the discovery of two novel Android surveillanceware, Hornbill and SunBird. The Lookout Threat Intelligence team believes these campaigns are connected to the Confucius APT, a well-known pro-India state-sponsored advanced persistent threat group. Hornbill and SunBird have sophisticated capabilities to exfiltrate SMS message content, encrypted messaging app content, geolocation, contact information, call logs, as well as file and directory listings. The surveillanceware targets personnel linked to Pakistan’s military and nuclear authorities and Indian election officials in Kashmir.
As 5G technology continues to be rolled out worldwide—providing latency of a mere 1 millisecond—it is critical that information security professionals become familiar with 5G system architecture and security architecture, as well as the risks that come with implementing new cellular technologies. ISACA’s new white paper, 5G Security: Addressing Risk and Threats of Mobile Network Technologies, explores these topics, and compares 5G technology with 4G and previous generation cellular technologies.
COVID-19 wasn’t the only thing to sweep the globe in 2020 — the year also brought a wave of privacy legislation. Major players, including Brazil, Canada and China, all introduced privacy legislation that closely aligns with the EU General Data Protection Regulation. And in the U.S., California debuted the highly anticipated California Consumer Privacy Act (CCPA) and quickly followed up by approving the California Privacy Rights Act of 2020 (CPRA), which modifies the existing CCPA obligations and introduces new ones. So, what’s in store for 2021?
Your next home will be connected in creepy ways. It will take a while, but eventually every machine and device in your house will talk to everything else, and Consumer Electronic Show (CES)-born inspiration will be at their roots. From e-toothbrushes to connected e-toilets that can detect a health issue (Really!), the items in your home will be controlled via the internet and will be everywhere. But what does that mean for security?
In a recent State of DDoS Weapons Report for H2 2020, which covers the second half of 2020, researchers saw an increase of over 12% in the number of potential distributed denial of service weapons available on the internet, with a total of approximately 12.5 million weapons detected. So how can organizations defend against this common and highly damaging type of attack?
The Cybersecurity and Infrastructure Security Agency (CISA) and CYBER.ORG jointly announce a cyber safety video series to help those learning or working online take proactive steps to protect themselves and their business. CYBER.ORG is a cybersecurity workforce development organization that targets K-12 students with cyber career awareness, curricular resources, and teacher professional development.
Organizations invest more than $3 billion annually on SIEM software and expect this investment to result in comprehensive threat coverage. However, an analysis of live SIEM deployments across select CardinalOps customers in multiple industry verticals, including healthcare and financial services, reveals that the threat coverage remains far below what organizations expect and what SIEM and detection tools can provide. Worse, organizations are often unaware of the gap between the theoretical security they assume they have and the actual security they get in practice, creating a false impression of their security posture.
Fraudsters are taking advantage of the pandemic and increasing the threat landscape for governments and enterprises around the world in a wide-reaching fashion.
Fraudsters are taking advantage of the pandemic and increasing the threat landscape for governments and enterprises around the world. Where are the threats coming from and can security leaders expect to see an elevated threat landscape into the future?
Arkose Labs released new data on the latest fraud trends that reveal a massive spike in fraud across all industries from Black Friday onwards. As consumers continue to flock online in droves greater than ever before, credential stuffing, account takeover (ATO) attacks and gift card fraud are poised to be top attack vectors in 2021.
Internet usage in 2020 rose sharply compared to pre-pandemic levels. More online activity also drove more consumer consciousness around what happens to their online data; nearly three-quarters (72%) of Americans say they are "very concerned" to "extremely concerned" about their online privacy, according to a new Startpage study.
RSS
