The WannaCry and NotPetya ransomware epidemics demonstrated how quickly malware can spread across the globe and cripple businesses. Their impact extended beyond traditional IT infrastructure into operational systems used to control industrial, manufacturing, and critical infrastructures. The scale of these incidents is forcing organizations to consider the financial impact and business exposure associated with cyber [...]
Cloud computing continues to transform the way organizations use, store, and share data, applications, and workloads. It has also introduced a host of new security threats and challenges. With so much data going into the cloud—and into public cloud services in particular—these resources become natural targets for bad actors. Contrary to what many might think, [...]
Common threats like adware and spyware have a new tricky classmate called “cryptojacking”. Cryptojacking secretly uses your system or laptop or mobile device to mine cryptocurrency when you visit an infected site. Malicious miners aren’t new in themselves, but cryptojacking has exploded in popularity over the past few weeks, because it offers a clever twist. [...]
Attackers have an over-growing list of vulnerabilities to exploit in order to maliciously gain access to your web applications, networks and servers. Whether you’re a novice WordPress user or a sophisticated hosting service, if truly determined then an attacker will find any vulnerability you’ve failed to patch and use it to their advantage. New vulnerabilities [...]
In a world where seconds matter, the right endpoint solution can be the difference between a successful patch management strategy and one that leaves your organization at risk. Hackers are racing to exploit vulnerable computer systems before software vendors publish patches and you can apply them. When hackers win the race, you lose productivity and [...]
Security staff put a lot of emphasis on advanced persistent threats, or APTs, and rightly so. They are extremely difficult to defend against if a hacker is specifically targeting an organization. But with everyone's focus on APTs, we may be missing a different type of attack vector: advanced persistent infrastructure. The evolution of the Apache [...]
A new nonprofit has launched a free Domain Name System (DNS) service that filters malicious domains linked to botnets, phishing campaigns, and other malicious activity. The new Quad9 DNS service built by IBM Security, Packet Clearing House, and the Global Cyber Alliance, is aimed at consumers and small- to midsized businesses, and doesn't share or [...]
More security vulnerabilities will appear in the software of Adobe and Apple than in Microsoft's, more attacks on the Internet's infrastructure will occur, and cybersecurity events will stoke international tensions. Users of Apple desktops and laptops for years have been relatively insulated from the kinds of malicious activity that has besieged those in the Windows [...]