US fast food restaurant chain Wendy’s announced recently that it has reached a settlement with the thousands of financial institutions impacted by the data breach suffered by the company in 2015 and 2016. Wendy’s discovered the breach in January 2016 after the payment industry noticed fraud patterns on some cards used at its restaurants. While initially it appeared that roughly 300 locations ...

Google Play announced it will continue its crackdown on malicious apps into 2019 by focusing more on user privacy, developer integrity and harmful app contents and behavior. Google said it plans to introduce additional policies for device permissions and user data throughout the year, according to a Feb. 13 blog post. “In addition to identifying and stopping bad apps from entering ...

Aon’s 2019 Cyber Security Risk Report features eight risks that may impact organizations in the next 12 months, no matter where they are on their digital journey. “In 2018 we witnessed that a proactive approach to cyber preparation and planning paid off for the companies that invested in it, and in 2019, we anticipate the need for advanced planning will only further ...

(ISC)² has launched its Professional Development Institute (PDI) to combat the global shortage of skilled and trained cybersecurity professionals. PDI is provided as a free portfolio of course offerings to (ISC)2 members and associates. It will help enhance their skills and abilities by providing access to rich continuing professional education (CPE) opportunities that augment the knowledge they’ve gained throughout their careers. The multi-year strategy ...

Researchers are warning that hackers are exploiting a plug-in vulnerability to infect MSPs and their customers with GandCrab ransomware. The bug, CVE-2017-18362, dates back to 2017, and is found in unpatched versions of the ConnectWise ManagedITSync integration plug-in tool, explains a Feb. 8 blog post by Chris Bisnett, security researcher at Huntress Labs. This plug-in is designed to sync data between the ConnectWise Manage ...

The study conducted by Comparitech judged countries on the basis of malware attacks, cyber-attack preparedness and most up to date cybersecurity-related legislation. India ranked 15th among 60 countries for the worst cybersecurity with over 25% of its phones and 21% of its computers infected with malware. The study conducted by Comparitech judged countries on the basis of malware attacks, cyber-attack preparedness ...

Research study exposed a security flaw existing in temperature control systems manufactured by Resource Data Management. Many popular names that incorporate these control systems include Marks & Spencer, Ocado & Way-on. Resource Data Management (RDM), a Scottish firm engaged in providing remote monitoring solutions, was found to have security loopholes in its temperature control systems (TCS). According to security researchers ...

The cybercriminal group ‘Cobalt’ has been named after its penetration testing tool ‘Cobalt Strike’. The threat group has targeted several banks and financial institutions across countries such as Armenia, Bulgaria, Belarus, Estonia, Georgia, Kyrgyzstan Moldova, the Netherlands, Poland, Romania, Russia, Spain, Britain, Malaysia, and more. Cobalt group was first spotted in 2016. The cybercriminal group has been named after the ...

Remote Code Execution (RCE) Vulnerability could allow an attacker to gain full control of a victim’s infected machine. An attacker gaining access to a victim’s machine exploiting the RCE vulnerability can execute system commands, write, modify, delete or read files, and can connect to databases. Remote code execution vulnerability allows an attacker to gain access to a victim’s machine and ...

TWO WEEKS OUT from the longest government shutdown in United States history—and with the possibility of another still looming—government employees are still scrambling to mitigate impacts on federal cybersecurity defenses. And the stakes are high. Furloughed cybersecurity employees returned to expired software licenses and web encryption certificates, colleagues burned out from working on skeleton crews, and weeks-worth of unanalyzed network activity logs. The ...