Cybersecurity

Sponsored
by

Cybersecurity / News Briefs

Microsoft Takes Legal Action Against North Korean Cybercrime Group, Takes Down 50 Domains

Microsoft has taken control of 50 domains used by a North Korean cybercrime group dubbed "Thallium" to steal information from users, including government employees, think tanks, university staff members, and those working on nuclear proliferation issues. more

U.N. Approves Resolution to Combat Cybercrime Despite Opposition From E.U., the U.S. and Others

The U.N. General Assembly has approved a resolution to start the process of drafting a new international treaty against cybercrime despite objections from the European Union, the United States and other countries. The Russian-drafted resolution received approval from a 193-member world body with a vote of 79-60 and 33 abstentions. more

Microsoft Announces Plans to Adopt DoH in Windows

Microsoft announced today its plans to adopt DNS over HTTPS (DoH) protocol in Windows and will also keep other options such as DNS over TLS (DoT) on the table for consideration. more

Cybersecurity Workforce Needs to Grow 145% to Close Skills Gap Worldwide, Says New Study

The cybersecurity workforce needs to grow by 145% to close the skills gap and better defend organizations worldwide according to a report released by (ISC)², a nonprofit membership association of certified cybersecurity professionals. more

Leading Domain Registries and Registrars Release Joint Document on Addressing 'DNS Abuse'

A group of leading domain name registries and registrars have joined forces in the fight against abuse in the Domain Name System (DNS), by developing a "Framework to Address Abuse." Each contributing company has shared its expertise and experience mitigating abusive practices with the goal of submitting the resulting Framework as a foundational document for further discussion in the multistakeholder community.  more

EU Member States Release Report on Coordinated Risk Assessment on Cybersecurity in 5G Networks

European Union Member States published a report on the 'EU coordinated risk assessment on cybersecurity in Fifth Generation (5G) networks'. The report is based on the results of the national cybersecurity risk assessments by all EU Member States. It identifies the main threats and threats actors, the most sensitive assets, the main vulnerabilities, and several strategic risks. more

More Than 500 Schools in the U.S. Hit by Ransomware in 2019, Says Report

A recent report published by the cybersecurity firm Armor says ransomware infections have hit over 500 US schools in 2019 to date. Armor warns the rate of attack seems to be picking up with 15 new ransomware victims in the last two weeks, all of them educational institutions. more

27 Countries Issue Joint Statement on 'Advancing Responsible State Behavior in Cyberspace'

The joint statement was released on Monday at the United Nations ahead of the UN General Assembly's General Debate calling on all states to support the evolving framework and to join in ensuring "greater accountability and stability in cyberspace." more

Cyber Risk Now on Top of Corporate Risk Agendas, Cyber Insurance Expanding

Results from the 2019 Marsh-Microsoft Global Cyber Risk Perception survey indicates several encouraging signs of improvement in the way organizations view and manage cyber risk. more

The Insecurity of the IoT is Only Getting More Profound, Says Principal Researcher at F-Secure

"Three years after Mirai first appeared, and two years after WannaCry, it shows that we still haven't solved the problems leveraged in those outbreaks," said F-Secure Principal Researcher Jarno Niemela. more

Phishing Attacks Targeting Executives Now Top Cybersecurity Insurance Claims, Says AIG

A new report published by the insurance giant, AIG, claims phishing attacks via email, often targeted at senior executives, has overtaken ransomware. more

There's a Full-On War for Cybersecurity Talent, CEOs Forking Millions to Fill Roles

With companies realizing the threat of hefty fines, lawsuits, and executive resignations that can follow security breaches, companies are scrambling to scoop up scarce security experts. more

Close to 200K Phishing Domains Discovered in a 5-Month Span, 66% Targetted Consumers, Akamai Reports

Between December 2, 2018 and May 4, 2019, 197,524 phishing domains were discovered, 66% of which directly targeted consumers according to the latest State of the Internet report by Akamai. more

A Seattle Woman Charged With Capital One Data Theft Affecting 106 Million People

Major US bank Capital One Financial Corporation confirmed Monday evening that unauthorized access was made by an outside individual who obtained "certain types of personal information" on credit card products and Capital One credit card customers. more

A 60% Rise Reported on Malware Designed to Harvest Consumers' Digital Data, aka Password Stealers

A significant rise has been detected in the use of malware aimed at harvesting consumer data, known as password stealers. more

Industry Updates

How Domain Reputation API Can Help Detect HTTPS-Protected Phishing Sites

Reverse Domain Hijacking and the Use of WHOIS and Domain Brand Monitoring Tools

DNS Hijacking: The Iranian Cybersecurity Threat That May Be Overlooked

Addressing Cybersquatting Dangers Using Brand Alert API and WHOIS Lookup

Retrospective: Post-GDPR Compliance Rates for Domain Enforcement

Fake Airline Ticket Scams: Domain Spoofing and Other Red Flags

Reverse Domain Name Hijacking: What It Is and How to Avoid It through a Domain Availability Check

The Need for Email Address Verification in Light of Subpoena-Themed Phishing Attacks

Mobile Apps Take the Lead, Scammers Follow

The High Cost Of Privacy In A Post-GDPR World

How Threat Intelligence Software Can Help Prevent Breaches Caused by Server Misconfigurations

The Louisiana State Ransomware Attack: Enhancing Cyberdefense with Reverse IP Address Lookup

How Can Domain Intelligence Analysis Help in Vetting Third-Party Providers

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

Billtrust Breach: Can Threat Intelligence Platforms Help with Ransomware Prevention?