Cyber-crime group TA505 leverages 'Remote Manipulator system', a legitimate RAT, to target major retailers & financial organisations in the US, Chile, India, Italy, Malawi, Pakistan, & South Korea.
CISOs are turning to drink, drugs & meditation to overcome the inevitability of breaches in the face of inadequate human or financial resources to defend their organisations; as 1 in 5 are available 24/7.
The ICO fined pregnancy and parenting club Bounty UK £400,000 for illegally sharing personal data of more than 14 million people with third parties for the purpose of electronic direct marketing.
CISOs are delaying the adoption of important security updates and patches to ensure uninterrupted business growth iwith a quarter certain their organisations aren't compliant with data security legislation.
Spyware distribution campaign involves developers abusing Apple's Developer Enterprise programme to circumvent the Apple App Store and promote surveillance software to iOS users via phishing websites.
London-based Nigerian spear-phishing cyber-criminals London Blue have started spoofing e-mail addresses of CEOs of target companies to make its BEC emails appear more legitimate and persuasive.
Facebook reverses policy of asking for passwords as Zuckerberg advocates more countries adopt GDPR-like regulation as a common framework to protect users' rights & choose how their information is used.
A critical infrastructure component driving a range of motor and software controls in industrial applications such as conveyors, fans, pumps, and mixers was recently found containing a critical vulnerability.
Update:Critical flaw in Magento e-commerce platform exposes 300,000 e-commerce sites to SQL injection
Critical security vulnerabilities in Magento's commercial and open source platforms have left over 300,000 e-commerce websites exposed to remote code execution, SQL injection and cross-site scripting.
Organisations to believe that their internal networks are safe from browser-based threats because of the separation of local networks from the public Internet - but attackers can leverage network loopholes.