A quick review of some of the most destructive cyberattacks and data breaches over the past few years show just how much damage unpatched vulnerabilities can inflict on an organization.
While still in development, cloud solutions are beginning to address their customers' needs for improving online security, complying with regulations, scaling up operations, and exploring new business opportunities.
The total amount cybercriminals attempted to steal via business email compromise (BEC) scams rose to an alarming average of US$301 million per month — a substantial increase from the US$110 million monthly average that was tracked in 2016.
The GandCrab gang might be back to their old tricks. Various security researchers reported that the group might be responsible for releasing a more advanced ransomware variant called Sodinokibi.
New mobile malware Agent Smith targets Android devices to install malicious versions of popular apps. The malware displays fraudulent ads for the attackers' financial gain but can be further used for bigger attacks. Google has removed the malicious apps.
A newly uncovered ransomware family was found targeting QNAP network-attached storage (NAS) devices. Named eCh0raix, the malware was reportedly designed for targeted ransomware attacks.
Two vulnerabilities, assigned CVE-2019-9629 and CVE-2019-9630, were uncovered in Sonatype’s Nexus Repository Manager (NXRM) — an open-source governance platform used by DevOps professionals.
In a new phishing campaign, audio recordings purportedly shared via OneNote were used as a lure to lead email recipients to a fake Microsoft login page that steals user account credentials.