Search

Brace yourself, 2022 promises to bring expanded cyber confrontations as ransomware attacks gain the high ground. A dangerous increase in ransomware attacks last year caused devastating compromises to government organizations, critical infrastructure, and businesses. Much of the increase resulted fro...

Cybercriminals in 2022 will move from identity theft to identity fraud, predicted the Identity Theft Resource Center. Bad actors are accumulating personal identifying information, but they're not using it to target consumers as much as they used to do. Rather, they're using it in credential attacks ...

This nasty software bug has much of the IT world in a panic as it follows us into the New Year. No doubt, many organizations and SMBs with no IT staff are clueless about its existence. But ignorance of Log4j only makes them more susceptible to an attack. They remain defenseless.

The Finland-based security consultancy discovered vulnerabilities affecting over 150 different HP multifunction printer products. Attackers can exploit the flaws to seize control of devices, steal information, and further infiltrate networks to inflict other types of damage, according to F-Secure's ...

The year 2020 forever changed the way we work and perform routine tasks. With the emergence of the deadly coronavirus and the resultant adoption of social distancing, even as the virus approaches its second anniversary, the concept of digital, contactless payments remains prevalent. These payments c...

Over the last year, ethical hackers have prevented more than US$27 billion in cybercrime, according to a report by a leading bug bounty platform. In its annual Inside the Mind of a Hacker report, Bugcrowd maintained that ethical hackers working on its platform were able to prevent those cybercrime l...

Today LinuxInsider introduces a bimonthly news column to summarize some of the Linux and open-source consumer and enterprise events scattered around the Linux Sphere. Look forward to an assortment of topics that will keep Linux users and open-source supporters up to speed with new developments.

Shadow code -- third-party scripts and libraries often added to web applications without security validation -- pose risks to websites and jeopardize compliance with privacy regulations, according to new research conducted by Osterman Research for PerimeterX. Third-party code leaves organizations vu...

People are freaking out about reports of NSO Group's Pegasus surveillance tool being used to spy on journalists, political dissidents, and other opponents of regimes worldwide. It's disheartening, and worth discussing. But why are we shocked? In Pegasus' case, the game theory is clear: some company ...

Hackers aren't the only ones evading security measures of many organizations. So are their remote workers. In a new report on remote workforce security, 52 percent of the U.S. IT and cybersecurity professionals surveyed revealed they experienced remote workers finding workarounds to their organizati...

Bitdefender security researchers have uncovered a Romanian-based threat group active since at least last year targeting Linux-based machines with weak Secure Shell Protocol (SSH) credentials. The researchers discovered the group was deploying Monero mining malware used to steal cryptocurrency.

Microsoft recently disclosed that it too was no doubt a victim of the same Russian-based hacker gang responsible for the SolarWinds onslaught. As some of the details surrounding the cyberattack become known, the bleak disclosures might justifiably cause a sniffled gasp indicating that if Microsoft c...

Clients of SolarWinds, which experienced a high-profile data breach last year, are being targeted in a probe by the U.S. Securities and Exchange Commission, according to a Reuters report. "The impact of these large-scale breaches clearly has the potential to destabilize stock prices and the broader ...

That old adage about crime never pays could not be more false, at least when it comes to modern-day cybercriminals. For those bad actors using ransomware as their weapon, crime is paying more than ever. A new report by the eSentire security research team found that six ransomware gangs claimed at le...

Google is now paying developers more money to work on securing their Linux kernels this year. The gesture may well be the start of the company's bid to enforce a tighter grip on open source. Google's action comes on the heels of rising threats to Linux that unfolded in the last year, as hackers pivo...

Microsoft on Monday reported that multiple malicious actors were taking advantage of vulnerabilities in its Exchange software last week to attack systems at organizations that have failed to patch the flaws. The company attributed the attacks "with high confidence" to Hafnium, a group believed to be...

Catastrophic events, like a pandemic, coupled with hasty technological change such as many people forced to work from home immediately, have been a rich environment in the past for phishers, who use deception to infect machines with malware, steal credentials, and invade corporate networks. However...

In a recent Linux Foundation blog post titled "Preventing Supply Chain Attacks like SolarWinds," the foundation's Director of Open Source Supply Chain Security, David A. Wheeler, adamantly pushed the need for software developers to embrace the LF's security recommendations. Given the magnitude of th...

Cyberattacks are increasing in frequency, ramping up the data privacy threats they pose to government agencies and businesses alike. Governments both domestic and foreign need to step up efforts to pass legislation that bolsters technological defenses this year, warn privacy groups. Stiffer privacy ...

A new coalition is building a low-cost solution to save lives in earthquake-threatened regions, rather than garnishing a profit from a new early-warning system. OpenEEW is an open-source IoT project with the goal to save lives by reducing the cost of earthquake early-warning systems and accelerating...