Cyber criminals launched an online scam designed to trick U.K.-based retail stores' Marks and Spencer (M&S) customers into handing over confidential data by by impersonating the retailer’s CEO Steve Rowe in fraudulent, impersonated ads on Facebook.
Rapid 7 has disclosed a set of address bar spoofing vulnerabilities that affect a number of mobile browsers, ranging from the more common browsers, like Apple Safari and Opera Touch, to the less common, like Bolt Browser and RITS Browser. The announcement is a coordinated vulnerability disclosure publication with security researcher, Rafay Baloch.
Attacks within digital communications channels (like Slack, TEAMS, Twitter, Facebook, LinkedIn) have grown more targeted, more social engineering-focused, and the payloads have become "softer,” and the risks are not in files and links/IP's alone anymore. Instead, recent attacks are laser-targeted and evade traditional detection by focusing on human connections. To find out more about these “soft attacks,” we talk to Otavio Freire, CTO, President & Co-Founder SafeGuard Cyber.
The National Security Agency (NSA) has released a cybersecurity advisory on Chinese state-sponsored malicious cyber activity. This advisory provides 25 Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.
Financial services institutions and banks around the globe face monumental challenges as they look to streamline service delivery for customer transactions, manage multi-party loan processes, collaborate on industry benchmarks and indices, and eliminate fraud and cybercrime. Historically the market has primarily relied upon manual approaches for sharing and managing transaction data. But advances in confidential computing (sometimes called CC or trusted computing), combined with federated machine learning (FML), are helping financial organizations better share data and outcomes, while alleviating many privacy and security concerns.
Artificial intelligence (AI) is now a major priority for government and defense worldwide — one that some countries, such as China and Russia, consider the new global arms race. AI has the potential to support a number of national and international security initiatives, from cybersecurity to logistics and counter-terrorism.
While the concept of Zero Trust was created 10 years ago, the events of 2020 have thrust it to the top of enterprise security agendas. How should organizations go about applying the Zero Trust blueprint to address their new and complex network reality? These five steps represent the most logical way to achieve Zero-Trust networking.
The U.S. Department of Justice (DOJ) has charged six computer hackers, all of whom were residents and nationals of the Russian Federation (Russia) and officers in Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces. The group is believed to be part of one of Russia's most elite and secretive hacking groups, known as Sandworm.
The restaurant group that owns more than 80 locations was dealing outdated legacy hardware and changing regulations, which posed a challenge for a 45-year-old company like Thrive. Unreliable CCTV equipment left the restaurants vulnerable to security risks. Constantly evolving PCI-compliance rules meant the company had to devote hours of his limited bandwidth to keeping up with the latest changes and updates so Thrive could avoid major penalties and security threats.