Suspected Iranian cybercriminals target universities for intellectual property

– Suspected Iranian nation-state threat group Cobalt Dickens has launched a new global attack campaign to steal intellectual property, discovered Secureworks Counter Threat Unit (CTU) researchers. ​The group, also known as Silent Librarian, has been using spoofed library services login pages as part of a campaign targeting academics in order to steal intellectual property.

Continue Reading

ECB takes blame for Bird website infection

– A malware infection which caused the shutdown of a European Central Bank (ECB) website should not be blamed on its third-party service provider, according to a spokesperson at the ECB, as the central bank is responsible for its upkeep.

Continue Reading

#HowTo Gain Visibility of Third Parties

– Today, organizations work with third parties for a variety of reasons. External vendors, outsourcers, and contractors play a vital and growing role within an organization, but when given access to an institution’s network and systems, they can be difficult to monitor and manage.

Continue Reading

Is Artificial Intelligence a massive con?

– Have you heard the one about the toothbrush that uses artificial intelligence to tell you to brush harder? Morey Haber of BeyondTrust has and it annoys him intensely. He's seen a company sued because it claimed basic pattern recognition was AI and it just wasn't - and he's had enough.

Continue Reading

Privileged Attack Vectors: Key Defenses

– Attackers crave insider-level access to IT infrastructure, and to get it, they regularly target insiders - and especially anyone with "super user" or admin-level access - to steal their credentials, says Karl Lankford of BeyondTrust.

Continue Reading

The trouble with enterprise IoT and its identity management problem

– The Internet of Things (IoT) encompasses a growing number of connected devices ranging from security cameras to smart thermostats. Many businesses use enterprise-level IoT devices to help workers get things done more efficiently or to assist with meeting facilities management needs. ​But, there's one area where enterprise IoT falls short — identity management ​

Continue Reading