In addition to its condemnation of China, the White House announced that the U.S. Justice Department has filed charges against four Ministry of State Security hackers allegedly engaged in a multiyear campaign targeting foreign governments and entities in key sectors, including maritime, aviation, defense, education and healthcare in a least a dozen countries.

Ransomware gangs are increasingly turning to specialists to complete their capers on corporations, according to a Dark Net intelligence provider. A report issued by Tel Aviv-based Kela noted that the days when lone wolves conducted cyberattacks from start to finish are nearly extinct, as the one-man show has given way to specialization.

Thousands of hacker attacks were launched on a network of smart home devices designed by researchers to assess the risk the gadgets pose to consumers. During the initial week the "honeypot" network was online, 1,017 unique scans or hacking attempts were directed at the devices on the net, which included smart TVs, printers, wireless security cameras and Wi-Fi kettles.

Microsoft recently disclosed that it too was no doubt a victim of the same Russian-based hacker gang responsible for the SolarWinds onslaught. As some of the details surrounding the cyberattack become known, the bleak disclosures might justifiably cause a sniffled gasp indicating that if Microsoft can be breached, what hope is left for everyone else?

Clients of SolarWinds, which experienced a high-profile data breach last year, are being targeted in a probe by the U.S. Securities and Exchange Commission, according to a Reuters report. "The impact of these large-scale breaches clearly has the potential to destabilize stock prices and the broader stock market, so it makes sense that the SEC would pursue such a line of inquiry," said Oliver Tavakoli, CTO of Vectra AI.

That old adage about crime never pays could not be more false, at least when it comes to modern-day cybercriminals. For those bad actors using ransomware as their weapon, crime is paying more than ever. A new report by the eSentire security research team found that six ransomware gangs claimed at least 290 new victims fo far this year. The combined spoils tallied potentially $45 million for the hackers.

IT experts at the hacked Colonial Pipeline did a good job in mitigating the May 7 cyberattack and successfully stopped it when discovered by shutting down the network. But the attack was mostly invisible in the weeks-long initial stages, according to a briefing NTT Security executives conducted Tuesday.

Cybercriminals are deliberately targeting phones, tablets, and Chromebooks to increase their odds of finding a vulnerable entry point. The Financial Services Threat Report from Lookout disclosed that 20 percent of mobile banking customers had a trojanized app on their devices when trying to sign into their personal mobile banking account.

The 2021 edition of Proofpoint's Voice of the CISO report -- based on a survey of more than 1,400 CISOs in 14 countries -- found 66 percent of the executives acknowledged their organizations were unprepared to handle a targeted cyberattack this year. In addition, more than half the CISOs admitted they are more concerned about the repercussions from a cyberattack this year than they were in 2020.

As cryptocurrency values continue to rise, cryptojacking becomes more attractive to cybercriminals. Now, a powerful hardware-based threat detection technology is being integrated into a Microsoft enterprise security product to help protect businesses from cryptojacking malware. The action integrates Intel Threat Detection Technology with Microsoft Defender for Endpoint.

A recent study from Consumer Reports' Digital Lab reveals that 96 percent of Americans agree that more should be done to protect consumer privacy. But don't expect to see a whole new alternative Internet emerging any year soon. Instead, you will see a focus on software offerings built around privacy and security rather than hardware.

A set of flaws in a widely used network communication protocol that could affect millions of devices has been revealed by Forescout Research Labs and JSOF Research. The nine vulnerabilities discovered by security researchers dramatically increase the attack surface of at least 100 million Internet of Things devices, exposing them to potential attacks that could take the devices offline or to be hijacked by threat actors.

Jonathan Cran, founder and CEO of Intrigue, a cybersecurity startup based in Austin, Texas, used his company's network security tools to compile a list of Fortune 500 companies still exposed to last month's Microsoft Exchange breach. Potentially, many of those companies may not know their networks are compromised.

Startup information security firm Intrigue has announced a US$2 million seed round led by LiveOak Venture Partners for a new attack service management platform that helps secure enterprise networks. The Intrigue tools scan all public, exposed attack surfaces inside and outside a company. The seed funding will also support the security and developer communities contributing to Intrigue Core.

Businesses fearful their workers may be targeted by fraudsters will want to take a look at the free Tax Scam Awareness Kit offered by Proofpoint. The kit, for both Windows and macOS, includes materials for an employee education campaign about tax fraud, three educational videos, an infographic, answers to frequently asked questions about tax scams, and a tax scam flyer.

A rich cache of data on some 533 million Facebook users was posted to a hacker forum over the weekend and is available to download for practically free. In a statement provided to TechNewsWorld by Facebook, the company said it is confident the posted information is old data that originated from a weakness in its contact importer feature that was discovered and fixed in August 2019.

Cloud cybersecurity -- or a lack of it -- is feeding a frenzy of companies out of the public cloud. A similar concern about managing compliance obligations is keeping organizations from moving to the cloud in general. However, much of the growing concerns over cloud cybersecurity result from experiences with public and private cloud platforms. A trend toward hybrid cloud computing could be an approach to better ensure data security.

Malicious online actors used email as their prime vehicle for delivering malware to their victims in the last quarter of 2020. The HP-Bromium Threat Insights Report found that 88 percent of malware was delivered by email into its targets' inboxes, many times evading measures at email gateways to filter out the infected correspondence.

Microsoft on Monday reported that multiple malicious actors were taking advantage of vulnerabilities in its Exchange software last week to attack systems at organizations that have failed to patch the flaws. The company attributed the attacks "with high confidence" to Hafnium, a group believed to be state-sponsored and operating out of China.

Catastrophic events, like a pandemic, coupled with hasty technological change such as many people forced to work from home immediately, have been a rich environment in the past for phishers, who use deception to infect machines with malware, steal credentials, and invade corporate networks. However, malicious actors achieved only a marginal increase in success in 2020, according to a recent report.

Cybersecurity experts predict that in 2021 there will be a cyberattack incident every 11 seconds. This is nearly twice what it was in 2019, and four times the rate five years ago in 2016. The rapidly growing increase in cyberattacks worldwide comes at a hefty cost for businesses in order to better protect their computer networks from intrusions. Cyberattacks not only are increasing in frequency, but they are costing victims larger financial losses.

A cyber intruder broke into the computer network of the water treatment system of Oldsmar, Fla. and attempted to poison it with lye. News of the attack was made public Monday by officials of Oldsmar, who revealed the attack was foiled by an operator at the facility within minutes of its launch. The Oldsmar plant provides water to businesses and about 15,000 residents.

Cybersecurity firm FireEye, which has been prominent in the fight against nation-state cyberthreats, has been itself attacked by "a highly sophisticated threat actor, one whose discipline, operational security, and techniques," company CEO Kevin Mandia announced Tuesday. This indicates the attack is likely state-sponsored, by a nation "with top-tier offensive capabilities."

There's no question that hackers are getting increasingly ambitious -- the average ransom demand increased from about $29,000 in 2018 to more than $302,000 in 2019. U.S. law doesn't prohibit paying ransom per se; but when victims pay monies to people or organizations who have been sanctioned by the U.S. government...they get into more trouble.

An outlaw online network that's been used to infect millions of computers with ransomware has been disrupted by Microsoft. The company announced Monday that, together with telecommunications providers around the world, it was able to cut off the infrastructure used by the Trickbot botnet so it could no longer be used to initiate new infections or activate ransomware already planted on computer systems.

Earlier this month, a woman with a life-threatening condition passed away after hackers crashed the IT systems of a major hospital in the city of Dusseldorf. Incidents like this raise the question of why corporations do not patch vulnerabilities as soon as software manufacturers issue a fix.

Surely spurred by the work-from-home necessities of 2020, people have connected a multitude of non-business devices to their corporate networks, making it progressively difficult to implement cybersecurity because every device is a potential weak point. So, who will ultimately be responsible for cybersecurity of an IoT network?

Automated purchasing bots, also known as "sneaker bots," "click bots," "Instacart bots" and other names, are ruining the online shopping and gig economy experience for both consumers and workers. These bots can cause considerable damage to a mobile business' reputation and bottom line. There are a number of measures that e-tailers should take a to protect their mobile apps from sneaker bots.

Data breaches were rampant in 2019, occurring at an unprecedented pace. However, the first half of this year has seen a reduction in the number of reported events. Reported being the operative word. In all, more than 15 billion records were exposed in nearly 7,100 data breaches last year. This year however, the number of publicly reported data breaches has decreased.

Software piracy involves much more than businesses and consumers using illegal copies of computer programs. What lurks within the pirated copies is often rogue code -- malware -- that can be just as deadly to computers and users' finances. Software companies are reporting that piracy has increased 20 to 30 percent due to COVID-19.