Security News > 2021 > September

The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build botnets. According to a Kaspersky analysis of its telemetry from honeypots shared with Threatpost, the firm detected more than 1.5 billion IoT attacks - up from 639 million during the previous half year, which is more than twice the volume.

Another article on the privacy risks of static MAC addresses and always-on Bluetooth connections. Several of the headphones which could be tracked over time are for sale in electronics stores, but according to two of the manufacturers NRK have spoken to, these models are being phased out.

So let's say the worst happens - and you discover data ain't your data any more. Thieves attacking your servers in search of credit card and other valuable data want to stay covert for as long as possible, but when they find they can't call home, they will go for the second bite and start encrypting your data.

Ransomware gangs increasingly purchase access to a victim's network on dark web marketplaces and from other threat actors. When conducting a cyberattack, ransomware gangs must first gain access to a corporate network to deploy their ransomware.

With COVID-19 variants on the rise, widespread remote work may be sticking around longer than IT leaders would like, which comes with a heightened risk for cyberattacks that could expose customer data, steal company information, or take control of internal operations. Three out of four "Common" data security breaches are caused by privilege misuse - when employees have unrestricted access to a system even when it's not needed to do their job.

In this interview with Help Net Security, Baha Zeidan, CEO at Azalea Health, talks about how rural hospitals have been affected by the pandemic and what steps they should take to boost their cybersecurity posture. How has the pandemic affected rural hospitals in particular and what could the long-term repercussions be?

Organizations struggle to identify the warning signs of insider threats, according to a report by the Ponemon Institute. "The vast majority of security threats follow a pattern or sequence of activity leading up to an attack, and insider threats are no exception," said Dr. Larry Ponemon, Chairman and Founder, Ponemon Institute.

Lacework released its cloud threat report, unveiling the new techniques and avenues cybercriminals are infiltrating to profit from businesses. The rapid shift of applications and infrastructure to the cloud creates gaps in the security posture of organizations everywhere.

The number of ransomware attacks analysed by the team has increased by 288% between January-March 2021 and April-June 2021, with organizations continuing to face waves of digital extortion in the form of targeted ransomware. 22% of ransomware data leaks analysed between April and June were attributed to Conti ransomware, which often uses email phishing to remote into a network via an employee's device.

Networking, storage and security solutions provider Netgear on Friday issued patches to address three security vulnerabilities affecting its smart switches that could be abused by an adversary to gain full control of a vulnerable device. The flaws, which were discovered and reported to Netgear by Google security engineer Gynvael Coldwind, impact the following models -.