Security News

Indian IT shops have been handed another extraordinarily short deadline within which to perform significant infosec work. MII boards must sign off on lists of critical systems.

A favorite of cybercriminals and nation states, ransomware incidents increase again. The use of ransomware to extort money increased 13% in 2021 compared to 2020, according to the Verizon 2022 Data Breach Investigations Report, now in its 15th year.

The 2022 SaaS Security Survey Report, in collaboration with CSA, examines the state of SaaS security as seen in the eyes of CISOs and security professionals in today's enterprises. The report gathers anonymous responses from 340 CSA members to examine not only the growing risks in SaaS security but also how different organizations are currently working to secure themselves.

The RTB industry was worth more than $117 billion last year, the ICCL report said. Information shared with advertisers can include nearly anything that would help them better target ads, and those advertisers bid on the ad space based on the information the ad network provides.

According to a Splashtop's report, that has come at a cost as 65% of IT help desk teams throughout the U.S are reporting an increase in the number of team members reporting unsustainable levels of stress. "With many employees working remotely on a regular basis, IT and help desk staff face higher ticket volumes, more diverse set of devices to support, and greater security challenges," said Philip Sheu, CTO at Splashtop.

According to Kaspersky in a new report, cybercriminals continue to use ransomware to threaten nationwide retailers and enterprises, as old malware variants come back while new ones develop. A careful technological and geopolitical analysis from late 2021 and 2022 brings Kaspersky to list a few new trends in ransomware.

Are you aware of fake clickjacking bug bounty reports? If not, you should be. How to identify a fake clickjacking bug bounty report?

The Iran-linked Cobalt Mirage crew is running attacks against America for both financial gain and for cyber-espionage purposes, according to Secureworks' threat intelligence team. For the espionage strikes, Cobalt Mirage pulls off targeted intrusions to gain access and collect intelligence, though the snoops appear to be experimenting with ransomware here as well, the threat hunters wrote.

India's computer and emergency response team, CERT-In, on Thursday published new guidelines that require service providers, intermediaries, data centers, and government entities to compulsorily report cybersecurity incidents, including data breaches, within six hours. "Any service provider, intermediary, data center, body corporate and Government organization shall mandatorily report cyber incidents to CERT-In within six hours of noticing such incidents or being brought to notice about such incidents," the government said in a release.

Early in April 2022, news broke that various users of Microsoft's GitHub platform had suffered unauthorised access to their private source code. GitHub, if you've never used it, is a cloud-based source code control system, best known for hosting the public repositories of many open source software projects.