Newly discovered China-linked threat operation LongNosedGoblin has leveraged Windows Group Policy to compromise Southeast Asian and Japanese government organizations with malware as part of a cyberespionage campaign, according to The Hacker News.
BleepingComputer reports that automated credential-based intrusions were launched against Palo Alto Networks GlobalProtect and Cisco SSL VPN instances last week.
The UK's Investigatory Powers Commissioner, Sir Brian Leveson, has warned of significant regulatory gaps in the Investigatory Powers Act 2016 that remain unaddressed by recent amendments, potentially undermining oversight of intelligence activities, according to The Register.
U.S. National Cyber Director Sean Cairncross has been urged by Senate Intelligence Committee Chair Tom Cotton, R-Ark., to combat risks associated with the growing involvement of China and Russia in open-source software development, CyberScoop reports.
Despite the average data breach now costing $4.88 million, many organizations still fail to integrate threat intelligence effectively into their cybersecurity strategies, according to Forbes.
The most basic web application firewalls use regular expressions to find potentially malicious code, but that method has severe limitations. Here's why your WAF should use more than regex to spot attacks.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
