Cybersecurity News

Cybersecurity News including Analytics, CISO, Cloud Security, Cybercrime, Data Security, DevOps, GRC, IoT, Social Engineering, Threats & Breaches and more.

Asian Dark Web Communities Thrive on Cultural Differences

Asian Dark Web Communities Thrive on Cultural Differences

A new report sheds light on the little-understood dark web markets in Asia, showing how they’re driven by cultural differences and local government policies. Researchers from IntSights Cyber Intelligence have investigated dark web cybercrime websites in Japan, China, South Korea, Indonesia and Vietnam to see how they differ from their ... Read More
5G Networks Security Challenge

Juniper Networks Rises to 5G Networks Security Challenge

Juniper Networks this week took the wraps off an acceleration card for its firewall designed to keep pace with the volume of traffic expect to be generated by 5G networks. Amy James, director of security product marketing for Juniper Networks, said the SPC3 Advanced Security Acceleration card the company is ... Read More
New WPA2 Attack Can Compromise Wireless Networks

New WPA2 Attack Can Compromise Wireless Networks

Researchers have found a new and easier way of attacking wireless networks protected by the WPA2 security standard that could work against certain routers with roaming enabled. The new technique was discovered by Jens Steube, the lead developer of the Hashcat password-cracking tool, while he was investigating the new WPA3 ... Read More
Stealing Infrastructure Cryptomining Attacks

170K+ MikroTik Routers Inject Cryptomining Script

A hacker has managed to compromise more than 170,000 routers made by MikroTik and uses them to inject browser-based cryptomining scripts into legitimate websites visited by users. According to Simon Kenin, a researcher a Trustwave who spotted and investigated the attack, the hacker is breaking into routers by exploiting a ... Read More
Iran-Linked RASPITE Group Targets U.S. Electric Utilities

Iran-Linked RASPITE Group Targets U.S. Electric Utilities

A known threat group believed to be based in Iran is trying to gain access to computer infrastructure belonging to U.S. electric utility organizations. The group, which researchers from industrial control systems (ICS) security firm Dragos track as RASPITE, has been operating since 2017 and has previously targeted organizations from ... Read More
FireEye Infuses Machine Learning

FireEye Infuses Machine Learning into Endpoint Security

FireEye has become the latest provider of IT security technologies to incorporate machine learning algorithms into their portfolio. Unveiled this week, MalwareGuard adds a machine learning-based detection and prevention engine to FireEye Endpoint Security solution to make it possible to respond immediately to zero-day attacks, said Phil Montgomery, vice president ... Read More
Supreme Court Ruling Changes

U.S. Charges 3 Members of the Notorious FIN7 Cybercriminal Group

The U.S. Department of Justice announced charges against three leading members of a cybercriminal group called FIN7 that hacked into more than 100 U.S. businesses. The three men are Ukrainian nationals and are already in custody. FIN7, also known as Carbanak, is a group that has been operating since 2015 ... Read More
Highly Targeted Ransomware SamSam Earned Its Creator $6 Million

Highly Targeted Ransomware SamSam Earned Its Creator $6 Million

A ransomware threat called SamSam that’s known for crippling IT systems in hospitals, schools and government organizations has made many more victims than previously believed. Security researchers from Sophos worked with cryptocurrency tracking firm Neutrino to follow ransom payments associated with SamSam and found that they totaled nearly $6 million, ... Read More
Imperva Acquires RASP Provider

Imperva Acquires RASP Provider to Advance DevSecOps

Imperva revealed it plans to more closely align application and data security after acquiring Prevoty, provider of runtime application self-protection (RASP) software designed to be embedded in an application. The all-cash transaction, expected to close in the third quarter of this year, is valued at $140 million. Eldad Chai, vice ... Read More
Safeguard Email Compromised Attacks

Researchers Uncover Massive Malvertising Operation

While analyzing recent drive-by download attacks, security researchers have uncovered a large malvertising operation that infiltrated the legitimate online ad ecosystem and abuses more than 10,000 compromised websites. Malicious advertising, or malvertising, is the practice of displaying rogue ads on legitimate websites without their owners’ consent or knowledge. This has ... Read More