Security News

As in the Coinbase incident, many MFA bypass attacks begin with a phishing attack. Organizations use MFA to protect users against these attacks.

Credit agency warns weak cybersecurity defenses could hurt a company's credit rating, even before an attack. As cyberattacks and data breaches grow bigger and more frequent, companies that don't build strong cybersecurity defenses may feel a direct financial hit even before hackers show up.

Fortinet's partnership with AWS ensures your workloads and applications on AWS are protected by best-in-class security solutions. With simplified security management, full visibility across environments, and broad, comprehensive protection, gain the ultimate flexibility and control you need to build in the cloud.

The global 5G in defense market reached a value of $765.2 million in 2021, and looking forward, the market is set to reach a value of $8,952. The widespread adoption of autonomous defense vehicles and robots in the defense sector is one of the key factors primarily driving the market growth.

The Center for Internet Security Community Defense Model v2.0 can be used to design, prioritize, implement, and improve an enterprise's cybersecurity program. Enterprises naturally want to know how effective the CIS Critical Security Controls are against the most prevalent types of attacks.

Criminal defense law firm Tuckers Solicitors is facing a fine from the UK's data watchdog for failing to properly secure data that included information on case proceedings which was scooped up in a ransomware attack in 2020. Data held on the archive server had not been encrypted, Tuckers admitted to the ICO. This wouldn't have prevented the attack but may have mitigated the risk to data subjects.

Intel this month published an advisory to address a novel Spectre v2 vulnerability in its processors that can be exploited by malware to steal data from memory that should otherwise be off limits. Spectre is one of two closely related chip architecture blunders, details of which emerged in 2018; the other being Meltdown that The Register first highlighted.

Rostec, a Russian state-owned aerospace and defense conglomerate, said its website was taken down today following what it described as a "Cyberattack." Rostec claims the website was brought back online quickly and attributed the attack to Ukrainian "Radicals."

Department of Defense contractors struggling to comply with upcoming cybersecurity regulations under the Cybersecurity Maturity Model Certification can breathe a sigh of relief-the DoD has announced its intent to release CMMC 2.0, with promises to streamline the certification process and ease security regulations for contractors and sub-contractors handling low-priority information. Intended to promote compliance with DoD cybersecurity procedures and give teeth to enforcement, the CMMC program was first announced in 2020 to regulate the control of unclassified information and high-value assets by external contractors.

Cybersecurity researchers have taken the wraps off a previously undocumented and stealthy custom malware called SockDetour that targeted U.S.-based defense contractors with the goal of being used as a secondary implant on compromised Windows hosts. "SockDetour is a backdoor that is designed to remain stealthily on compromised Windows servers so that it can serve as a backup backdoor in case the primary one fails," Palo Alto Networks' Unit 41 threat intelligence said in a report published Thursday.