IoT Devices Designed by the World's Largest Manufacturers Infected with Malware

Researchers at TrapX Security recently discovered that three of the world's largest manufacturers had IoT devices running Windows 7 infected with malware in an alleged supply chain attack. The company identified a cryptocurrency miner on numerous IoT devices, including automatic guided vehicles, a smart TV and a printer. All of these attacks are said to be part of the same campaign.

Organizations Still Failing to Apply Patches - Top 10 Software Vulnerabilities

New research from Recorded Future claims that hackers are exploiting many of the same security vulnerabilities as last year, demonstrating how failure to apply security updates is leaving organizations vulnerable to attack. Researchers analyzed the top vulnerabilities, exploit kits and malware attacks used by attackers in 2019 and found that six of the most commonly exploited vulnerabilities were repeats from 2018.

NIST Releases New Guidelines to Help Curb Ransomware Threats

The National Institute of Standards and Technology (NIST) recently released a set of new guidelines to help organizations better protect the confidentiality, integrity and availability of data. The first guide, on data integrity and protection, helps organizations identify and protect IT assets from data integrity attacks, including ransomware.

IT Systems at Australian Shipping Giant Toll Group Shut Down Following Cyberattack

Australian transportation giant Toll Group was forced to shut down some of its online services after experiencing a cybersecurity incident last Friday. Toll Group said it discovered a piece of ransomware on its systems on Friday, January 31. In response, the company shut down several of its IT systems at multiple sites and business units across the country to resolve the issue.

US Defense Contractor Taken Down by Ransomware

A US government contractor is the latest victim to be taken down by a ransomware attack. Electronic Warfare Associates (EWA) lists the Department of Defense, the Department of Homeland Security and the Department of Justice among the clients it serves. The company is described as a veteran-owned business with a track record dating back over the last four decades.

Wawa Breach: 30 Million Credit Card Details for Sale Online

Hackers are selling the payment card details of more than 30 million Americans and over 1 million foreigners on Joker's Stash, the internet's largest payment card forum. This card dump, which occurred on Monday, was advertised as "BIGBADABOOM-III", but Gemini Advisory found that the card details traced back to Wawa, an East Coast convenience store chain.

NNT's Top Five Cybersecurity Predictions and Recommendations for 2020

As we enter a new year and a new decade, 2020 will be a critical year for businesses and governments around the globe as they deal with a more complex and evolving cyber threat landscape. NNT’s cybersecurity evangelists, CEO Mark Kerrison and CTO Mark Kedgley, have investigated the current state of the industry and identified key cybersecurity predictions and recommendations to help you improve your cybersecurity defenses in 2020.

Weaknesses in Industrial Control Systems Continue to Pose Serious Risks

A study by PAS Global recently discovered over 10,000 industrial endpoints that are affected by over 380,000 known security vulnerabilities. Industrial Control Systems (ICS) are used across the oil and gas industry, power generation, refining and chemical production, pulp and paper manufacturing, and mining industries. While advantageous for various reasons, these systems also pose a serious threat to security.

Regus Sales Staff Data Leaked via Third Party

Detailed information about the job performance of more than 900 Regus employees was accidentally published online after the co-working space provider conducted a review of its sales staff. Regus owner IWG commissioned the mystery shopping business, Applause, to audit its sales staff through covert filming using "spy pens" fitted with miniature cameras.

NIST Releases Version 1.0 of New Privacy Risk Framework

Last week the National Institute of Standards and Technology (NIST) announced version 1.0 of its new Privacy Framework, a resource designed to help organizations manage privacy risks. A preliminary version of the Privacy Framework was released in September 2019, but the release of version 1.0 was not officially announced until January 16, 2020.