Internet — Security Issues — December 25th, 2024
Windows includes built-in ransomware protection. Here's how to turn it on
Be sure to enable automatic backups, too.
December 25th, 2024 — Source
Internet — Security Issues — December 20th, 2024
AI-driven gait analysis bridges health care and security fields
The analysis of a person's individual walking pattern, or gait, can reveal details about their identity and reflect differences between individuals, groups and even populations.
December 20th, 2024 — Source
Another NetWalker affiliate sentenced to 20 years in prison
A 30-year-old Romanian man was sentenced to 20 years in prison for leveraging the Netwalker ransomware to extort money from victims, the US Department of Justice announced on Thursday.
December 20th, 2024 — Source or Source
Ascension: Health data of 5.6 million stolen in ransomware attack
Ascension, one of the largest private U.S. healthcare systems, is notifying nearly 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation.
December 20th, 2024 — Source
BadBox malware infects close to 200,000 Android devices
There are many Android TV boxes out there for sale. Some are surprisingly cheap. Before you consider pulling the trigger on that cheap Android TV box, think again. According to a report from researchers at BitSight, the BadBox malware is back and has managed to infect close to 200,000 devices so far.
December 20th, 2024 — Source
Botnet of 190,000 BadBox-Infected Android Devices Discovered
Bitsight has discovered a BadBox botnet consisting of over 190,000 Android devices, mainly Yandex smart TVs and Hisense smartphones.
December 20th, 2024 — Source
CISA Urges Immediate Patching of Exploited BeyondTrust Vulnerability
CISA is urging federal agencies to patch a recent critical vulnerability in BeyondTrust remote access products in one week.
December 20th, 2024 — Source
CISA: Use Signal or other secure communications app
In the wake of the widespread compromise of US telecom giants’ networks by Chinese hackers and the FBI advising Americans to use end-to-end encrypted communications, CISA is advising “highly targeted individuals” – senior government officials and politicians – to lock down and protect their smartphones as much as possible and to use “Signal or a similar app” for secure communications.
December 20th, 2024 — Source
Cyber Threats of Tomorrow: Are You Prepared for 2025?
Are you prepared for cyber threats in 2025? You may not be as protected as you think. Traversing the great internet landscape has always left individuals and businesses open to online threats, and these threats only become more prevalent as humanity’s development of new tech increases. Below, I take a look at what new threats are developing in 2025, the cost of these attacks, and what an average internet user can do to protect themselves.
December 20th, 2024 — Source
Ransomware Group Claims Theft of Personal, Financial Data From Krispy Kreme
The Play ransomware group claims to have stolen sensitive data from donut and coffee retail chain Krispy Kreme.
December 20th, 2024 — Source
Europe's move toward cybersecurity sovereignty [Q&A]
Governments around the world are increasingly legislating for cybersecurity and privacy. But regions often have differing views on how this should be achieved.
December 20th, 2024 — Source
Five cybersecurity tips to protect yourself from scams and deepfakes
In an age when misinformation and deepfakes blur the lines between fact and fiction, identifying scams has never been more challenging. Falling for a scam can have devastating social, financial, and personal consequences. Over the past year, victims of cybercrime reported losing an average of $30,700 per incident.
December 20th, 2024 — Source
Krispy Kreme breach, data theft claimed by Play ransomware gang
The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November.
December 20th, 2024 — Source
Microsoft patches four security vulnerabilities in the latest Edge update
Microsoft has released two updates for the Edge browser. One is available for all users in the Stable Channel, and the other is for those using Edge in the Extended Stable Channel (it receives big updates every eight weeks instead of four). Both updates contain fixes for four high-severity Chromium security vulnerabilities.
December 20th, 2024 — Source
Operational tech under attack, deepfake phishing and learning to use passkeys -- cybersecurity predictions for 2025
With a constant power struggle between attackers and defenders, cybersecurity is a fast-moving area. That makes it notoriously hard to predict what might happen, but that doesn't stop us trying. Here is what some industry experts think the cybersecurity world has in store for 2025.
December 20th, 2024 — Source
Ransomware attack on health giant Ascension hits 5.6 million patients
A May ransomware attack on Ascension, a U.S. healthcare giant with more than 140 hospitals and dozens of senior living facilities, allowed hackers to steal personal and sensitive health information on 5.6 million patients, according to a new filing with Maine’s attorney general. The cyberattack caused widespread disruption across its hospital system, with some staff describing harrowing lapses in healthcare as a result, including delayed or lost lab results, and medication errors.
December 20th, 2024 — Source
Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems
Rockwell’s PowerMonitor is affected by critical vulnerabilities that can enable remote access to industrial systems for disruption or further attacks.
December 20th, 2024 — Source
Serbian Government Exploits Qualcomm Zero-Days for Android Spyware ‘NoviSpy’
Researchers have uncovered a new spyware called NoviSpy, linked to the Serbian government. The spyware exploits Qualcomm’s zero-day vulnerabilities to infiltrate Android devices. Amnesty International’s Security Lab discovered the spyware deployed against journalists, activists, and dissidents following reports of suspicious phone activity.
December 20th, 2024 — Source
The Galaxy S25 Slim won't be slim when it comes to specs
The Ultra variants of the Galaxy S phones have typically been the most exciting variants, but that might change next year. While the Galaxy S25 Ultra has a ton of hype around it, our attention remains on the Galaxy S25 Slim. Rumors say that this phone will have a much thinner profile, and that’s all that we know. Well, thanks to some new leaks, we might know some of the Galaxy S25 Slim’s specs.
December 20th, 2024 — Source
US charges Russian-Israeli as suspected LockBit ransomware coder
The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group.
December 20th, 2024 — Source
VPN used for VR game cheat sells access to your home network
Big Mama VPN tied to network which offers access to residential IP addresses.
December 20th, 2024 — Source
Internet — Security Issues — December 18th, 2024
AI Regulation Gets Serious in 2025 – Is Your Organization Ready?
While the challenges are significant, organizations have an opportunity to build scalable AI governance frameworks that ensure compliance while enabling responsible AI innovation.
December 18th, 2024 — Source
Appdome protects applications running on mobile-enabled platforms
Appdome announced that the Appdome Mobile Defense Platform now protects applications running on mobile-enabled platforms like Apple macOS, Apple visionOS, Meta Quest, HarmonyOS Next, Android Auto, Apple CarPlay, Android TV, Apple TV, and Google Play Games for PC.
December 18th, 2024 — Source
BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356)
BeyondTrust has fixed an unauthenticated command injection vulnerability (CVE-2024-12356) in its Privileged Remote Access (PRA) and Remote Support (RS) products that may allow remote code execution, and is urging organizations with on-premise installations to test the patch and implement it quickly.
December 18th, 2024 — Source
BeyondTrust Patches Critical Vulnerability Discovered During Security Incident Probe
A critical vulnerability in BeyondTrust Privileged Remote Access and Remote Support could lead to arbitrary command execution.
December 18th, 2024 — Source
Bureau Raises $30M to Tackle Deepfakes, Payment Fraud
San Francisco startup scores a Series B round to thwart money mule accounts, deep-fake identities, account takeovers and payment fraud.
December 18th, 2024 — Source
CISA Issues Binding Operational Directive for Improved Cloud Security
CISA’s Binding Operational Directive 25-01 requires federal agencies to align cloud environments with SCuBA secure configuration baselines.
December 18th, 2024 — Source
European companies hit with effective DocuSign-themed phishing emails
A threat actor looking to take over the Microsoft Azure cloud infrastructure of European companies has successfully compromised accounts of multiple victims in different firms, according to Palo Alto Networks’ Unit 42 researchers.
December 18th, 2024 — Source
Exploitation of Recent Critical Apache Struts 2 Flaw Begins
Researchers warn of malicious attacks exploiting a recently patched critical vulnerability in Apache Struts 2 leading to remote code execution (RCE).
December 18th, 2024 — Source
Hacker Leaks Cisco Data
IntelBroker has leaked 2.9 Gb of data stolen recently from a Cisco DevHub instance, but claims it’s only a fraction of the total.
December 18th, 2024 — Source
GitGuardian launches multi-vault integration to combat secrets sprawl
GitGuardian unveiled a comprehensive Non-Human Identity (NHI) security strategy with integrations across major secrets management platforms, addressing the growing challenge of secrets sprawl in enterprise environments.
December 18th, 2024 — Source
Recorded Future Tagged as ‘Undesirable’ in Russia
The Russian government accuses the US threat-intel firm of participating in the collection and analysis of data on the actions of Russia’s armed forces.
December 18th, 2024 — Source
Regional Care Data Breach Impacts 225,000 People
Healthcare insurance firm Regional Care has disclosed a data breach impacting more than 225,000 individuals.
December 18th, 2024 — Source
Stairwell Core boosts threat intelligence for security teams
Stairwell announces Stairwell Core, which enables organizations to privately collect, store, and continuously reassess executable files so they can confidently determine if malware has affected their systems.
December 18th, 2024 — Source
Internet — Security Issues — December 16th, 2024
2025 cybersecurity forecast: Preparing for the next generation of threats
As we navigate an increasingly digital landscape, the threats posed by cybercriminals are evolving at an alarming pace. The latest predictions highlight a future where AI-driven technologies, particularly deep fakes, will become more sophisticated, making it challenging for individuals and organizations to distinguish between genuine and malicious entities.
December 16th, 2024 — Source
900,000 People Impacted by ConnectOnCall Data Breach
ConnectOnCall has disclosed a data breach impacting the personal information of more than 900,000 individuals.
December 16th, 2024 — Source
Access tokens and service accounts next target for cyberattacks
New research shows 88 percent of security leaders believe machine identities, specifically access tokens and their connected service accounts, are the next big target for attackers.
December 16th, 2024 — Source
Android users targeted by two new spyware threats
Google’s spokesperson reached out with a statement. The company has confirmed “that users are automatically protected from known versions of this spyware by Google Play Protect, which is on by default on Android devices with Google Play Services”.
December 16th, 2024 — Source
Android Zero-Day Exploited in Spyware Campaigns, Amnesty International Points to Cellebrite
Israeli forensics firm Cellebrite has been linked to an Android zero-day used to secretly install spyware on Serbian journalists’ phones.
December 16th, 2024 — Source
Arctic Wolf Buys Cylance for $160M Plus Stock From BlackBerry, Which Bought It for $1.4B
Security operations firm Arctic Wolf has acquired Cylance from BlackBerry for $160 million in cash and 5.5 million common shares.
December 16th, 2024 — Source
AT&T And Verizon Under Fire For Failing To Inform Millions Of Customers About Data Breaches
Hackers finding vulnerabilities in telecommunication companies has become increasingly common, with sensitive information being compromised in many cases. A major breach that has been going on for quite some time is by a Chinese hacking group, Salt Typhoon, entrenched in the U.S. telecommunication system. It is considered one of the most severe breach cases, but despite the gravity of the situation, it is reported that many of the affected companies have failed to inform consumers of the intrusion. AT&T and Verizon have both been in hot water recently for being the most intensely impacted companies yet taking a limited approach to customer notifications.
December 16th, 2024 — Source
CISA Urges Enhanced Coordination in Incident Response Plan
Draft National Response Plan Offers Flexible Coordination Strategies Across Sectors
December 16th, 2024 — Source or Source or Source or Source or Source
Citrix Warns of Password Spraying Attacks Targeting NetScaler Appliances
Citrix issues warning on password spraying attacks targeting NetScaler and NetScaler Gateway appliances deployed by organizations worldwide.
December 16th, 2024 — Source
Clop Ransomware Takes Responsibility for Cleo Mass Exploits
File-Transfer Software Being Exploited by One or More Groups; Vendor Pushes Patches
December 16th, 2024 — Source or Source or Source or Source
Deloitte says cyberattack on Rhode Island benefits portal carries 'major security threat'
Personal and financial data probably stolen
December 16th, 2024 — Source
European Union Sanctions Russian Malicious Cyber Actors
Trading Bloc Includes Doppelganger Actors and GRU Unit 29155 in Sanctions List
December 16th, 2024 — Source or Source or Source or Source or Source
Evasive Node.js loader masquerading as game hack
Malware peddlers are using NodeLoader, a loader written in Node.js, to foil security solutions and deliver infostealers and cryptominers to gamers.
December 16th, 2024 — Source
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online.
December 16th, 2024 — Source
Hackers seek ransom after getting SSNs, banking info from state gov’t portal
Rhode Island said it's being extorted after hack of Deloitte-run benefits system.
December 16th, 2024 — Source
Israeli spyware maker Paragon bought by US private equity giant
Paragon, an Israeli spyware maker that has largely kept a low profile in recent years, was acquired last week by American private equity giant AE Industrial Partners, according to Israeli news reports.
December 16th, 2024 — Source
Keepit Raises $50 Million for SaaS Data Protection Solution
Denmark-based data protection company Keepit has raised $50 million, which brings the total investment to $90 million.
December 16th, 2024 — Source
Major Auto Parts Firm LKQ Hit by Cyberattack
LKQ, a major provider of auto parts, told the SEC that a recent cyberattack caused disruptions at a Canadian business unit.
December 16th, 2024 — Source
Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot.
December 16th, 2024 — Source
Microsoft confirms critical Windows Defender vulnerability. What you need to do right now.
Not much, it turns out.
December 16th, 2024 — Source
MUT-1244 targeting security researchers, red teamers, and threat actors
A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive data.
December 16th, 2024 — Source
Rhode Island confirms data breach after Brain Cipher ransomware attack
Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents' personal information after the Brain Cipher ransomware gang hacked its systems.
December 16th, 2024 — Source
Risk Aperture AI360 manages AI-specific vulnerabilities and threats
Risk Aperture launched AI360, a solution designed to address the growing cybersecurity risks posed by artificial intelligence (AI).
December 16th, 2024 — Source
Securing APIs in Modern Web Applications
Learn about key practices for securing APIs in modern web apps, including authentication, encryption, and monitoring, to guard against vulnerabilities.
December 16th, 2024 — Source
Securing Cloud-Native Systems: A Vendor-Neutral Approach
Nick Reva of Snap on Overcoming Cloud Misconfigurations With Scalable Security
December 16th, 2024 — Source or Source or Source
Serbian authorities are reportedly hacking and installing spyware on activists’ phones
Amnesty International says that Serbian police detained activists and journalists on false premises in order to hack their devices with Cellebrite tools and install Android spyware.
December 16th, 2024 — Source
Serbian government used Cellebrite to unlock phones, install spyware
Serbian police and intelligence officers used Cellebrite forensic extraction software to unlock journalists’ and activists’ phones and install previously unknown Android spyware called NoviSpy, a new Amnesty International report claims.
December 16th, 2024 — Source
SRP Federal Credit Union Ransomware Attack Impacts 240,000
SRP Federal Credit Union says the personal information of 240,000 was stolen in a recent cyberattack claimed by a ransomware gang.
December 16th, 2024 — Source
Strengthening IAM Security for Cloud IaaS Accounts
This guide will help you implement IAM-specific configurations in your OCI tenancy account to enhance security and protect your cloud infrastructure.
December 16th, 2024 — Source
Texas Tech University System data breach impacts 1.4 million patients
The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients.
December 16th, 2024 — Source
Thousands Affected by Data Theft Hack of Smallest US State
Brain Cipher Gang Claims Credit for Hit on State of Rhode Island's Vendor Deloitte
December 16th, 2024 — Source or Source or Source or Source
Trump adviser wants to make cyberattackers pay
In a recent interview with CBS’ “Face the Nation”, Trump adviser US Rep Mike Waltz suggested that the government needs to take a tougher stance on cyberattackers. Instead of playing defense, Waltz said that it might be time to go on the offense.
December 16th, 2024 — Source
UK internet watchdog gives social media companies three months to improve safety or face huge fines
Ofcom can issue fines up to $23 million, or 10 percent of a company's global revenue.
December 16th, 2024 — Source
Undocumented DrayTek Vulnerabilities Exploited to Hack Hundreds of Orgs
Undocumented vulnerabilities in DrayTek devices were exploited in ransomware campaigns that compromised over 300 organizations.
December 16th, 2024 — Source
US telecoms haven't notified victims of Chinese data breaches
A new report claims that neither AT&T nor Verizon have notified the majority of people impacted by the latest data breaches from China. These two telecom service providers seem to have suffered the most severe impact.
December 16th, 2024 — Source
Watch Now: Navigating Your OT Cybersecurity Journey: From Assessment to Implementation
Learn how to develop a holistic solution that provides you and your team the power to mitigate cyber threats effectively within your OT environment.
December 16th, 2024 — Source
What's behind the surge in mysterious drone sightings over New Jersey, Massachusetts and other states?
A month after mysterious drones were first reported over New Jersey, authorities are still trying to determine where they are coming from as sightings increase in frequency and spread into neighboring states.
December 16th, 2024 — Source
Why AI Adoption Stalls: Data, Talent and Strategy Gaps
Brett Barton of Unisys on Bridging the AI Readiness Gap for Competitive Advantage
December 16th, 2024 — Source or Source or Source or Source
Winnti-Like 'Glutton' Backdoor Targets Cybercriminals
Malware Exploits Cybercrime Ecosystem for Profit
December 16th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — December 13th, 2024
CISA confirms critical Cleo bug exploitation in ransomware attacks
CISA confirmed today that a critical security vulnerability in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks.
December 13th, 2024 — Source
CISA warns water facilities to secure HMI systems exposed online
CISA and the Environmental Protection Agency (EPA) warned water facilities today to secure Internet-exposed Human Machine Interfaces (HMIs) from cyberattacks.
December 13th, 2024 — Source
Celigo Private Cloud enhances security and connectivity
Celigo introduced Celigo Private Cloud, a transformative solution offering enterprises fully private automation instances. Designed for businesses that prioritize enhanced security, control, and compliance, Celigo Private Cloud empowers organizations to scale their automation strategies with confidence.
December 13th, 2024 — Source
Clinicians' phones a cybersecurity risk, says study
A new study led by Dr. Tafheem Wani, a La Trobe lecturer in Digital Health Information Management, showed that clinicians' phones (and other digital devices) contained sensitive patient information, which was not often protected by antivirus software and passcodes.
December 13th, 2024 — Source
Critical Vulnerabilities Found in Ruijie Reyee Cloud Management Platform
Researchers warn about critical vulnerabilities in Ruijie Networks’ Reyee cloud management platform and Reyee OS network devices.
December 13th, 2024 — Source
Crypto Roundup: Crypto Pros Targeted With Fake Meeting Apps
Also: Australia Fines Kraken AU$8 Million Over Breaches
December 13th, 2024 — Source or Source or Source or Source or Source
Game-like ‘task scams’ stole more than $220 million in six months
The FTC says these fake online jobs have accounted for over 40 percent of all scam reports this year.
December 13th, 2024 — Source
Germany blocks BadBox malware loaded on 30,000 Android devices
Germany's Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country.
December 13th, 2024 — Source
German BSI Disrupts Android Malware Infecting IoT Devices
Around 30,000 German IoT Devices Infected From Backdoored Android Applications
December 13th, 2024 — Source or Source or Source or Source or Source
Germany Sinkholes Botnet of 30,000 BadBox-Infected Devices
Germany’s cybersecurity agency BSI has sinkholed a botnet of 30,000 devices shipped with BadBox malware pre-installed.
December 13th, 2024 — Source
Hackers Possibly Stole Personal Data From Bitcoin ATM Operator Byte Federal
Byte Federal says the personal information of 58,000 was compromised after a GitLab flaw allowed attackers to access a server.
December 13th, 2024 — Source
Hackers Steal 17M Patient Records in Attack on 3 Hospitals
IT Outage, Downtime Procedures Affecting Services at California Healthcare Provider
December 13th, 2024 — Source or Source or Source or Source or Source
In Other News: Gen Digital Makes $1B Buy, Recall Captures Sensitive Data, MITRE ATT&CK Evaluations
Noteworthy stories that might have slipped under the radar: AV brand owner Gen Digital makes a $1 billion acquisition, Microsoft Recall captures sensitive data, MITRE releases ATT&CK evaluations.
December 13th, 2024 — Source
Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel
The Iranian threat group CyberAv3ngers has used custom-built malware named IOCONTROL to target IoT and OT devices in the US and Israel.
December 13th, 2024 — Source
ISMG Editors: CEO Shooting Sparks AI Accountability Debate
Also: How Leading Cybersecurity Firms Are Gearing Up for 2025
December 13th, 2024 — Source or Source or Source or Source or Source
Major Microsoft Multifactor Authentication Vulnerability Revealed
A vulnerability in Microsoft’s multifactor authentication (MFA) system has been uncovered by cybersecurity firm Oasis Security, allowing attackers to bypass security measures and access sensitive data across services including Outlook, OneDrive, Teams and Azure.
December 13th, 2024 — Source
Microsoft Patches Vulnerabilities in Windows Defender, Update Catalog
Microsoft has patched potentially critical vulnerabilities in Update Catalog and Windows Defender on the server side.
December 13th, 2024 — Source
Researchers: Iranian Custom Malware Targets Fuel Systems
An Iranian state hacking group is using custom malware that researchers liken to a "cyber weapon" to compromise IoT and OT infrastructure in Israel and the United States.
December 13th, 2024 — Source or Source or Source or Source or Source
Rubrik Turbo Threat Hunting accelerates cyber recovery
As organizations around the world struggle with extended downtime and revenue loss due to widespread cyberattacks, Rubrik announces Rubrik Turbo Threat Hunting.
December 13th, 2024 — Source
Russian cyberspies target Android users with new spyware
The Russian cyberspy group Gamaredon has been discovered using two Android spyware families named 'BoneSpy' and 'PlainGnome' to spy on and steal data from mobile devices.
December 13th, 2024 — Source
Rydox Cybercrime Marketplace Disrupted, Administrators Arrested
The US announced the takedown of Rydox, a marketplace for stolen personal information, and the arrest of three administrators.
December 13th, 2024 — Source
Study reveals vulnerability of metaverse platforms to cyber attacks
Having access to virtual worlds from your home computer via your web browser and being able to interact with others in a secure and private manner: that is the promise of metaverse platforms.
December 13th, 2024 — Source
The future of VPNs: Decentralized and post-quantum security
These are the most exciting advancements coming to VPNs in the next few years.
December 13th, 2024 — Source
Threats to encryption, security fears and a race to gain a competitive edge -- quantum predictions for 2025
As we approach the end of the year it's time to start wondering what the next one will have in store. As always we'll be running a series of pieces looking at what industry experts think will be key tech industry trends for 2025.
December 13th, 2024 — Source
US Updates a Science and Technology Pact With China to Reflect Growing Rivalry and Security Threats
The new agreement has a narrower scope and additional safeguards to minimize the risk to national security.
December 13th, 2024 — Source
Watch out! Your latest data breach notification might not be real
As always, scammers try to capitalize on any and all opportunities.
December 13th, 2024 — Source
Internet — Security Issues — December 10th, 2024
21 years since its inception, GNU Shepherd 1.0.0 is released
GNU Shepherd is a service manager designed to oversee the system’s daemons. It functions both as an “init” system (PID 1) and as a tool for unprivileged users to manage per-user daemons.
December 10th, 2024 — Source
$50 Million Radiant Capital Heist Blamed on North Korean Hackers
Radiant Capital says a North Korean threat actor stole $50 million in assets in a sophisticated October attack.
December 10th, 2024 — Source
Astrix Security Banks $45M Series B to Secure Non-Human Identities
Tel Aviv company building software to secure non-human identities banks a $45 million funding round led by Menlo Ventures.
December 10th, 2024 — Source
Astrix's $45M Series B Targets Non-Human Identity Security
Startup Aims to Secure AI Agents, Expand Global Reach, Do User Access Management
December 10th, 2024 — Source or Source or Source or Source
Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623)
Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCom, VLTrader, and Harmony – to gain access to organizations’ systems, Huntress researchers warned on Monday.
December 10th, 2024 — Source
Cisco Says Flaws in Industrial Routers, BGP Tool Remain Unpatched 8 Months After Disclosure
Cisco Talos has disclosed the details of apparently unpatched vulnerabilities in MC Technologies industrial routers and the GoCast BGP tool.
December 10th, 2024 — Source
Citrix Acquisitions Boost Zero Trust Defense for Hybrid Work
deviceTRUST, Strong Network Acquisitions Improve Zero Trust, Developer Protections
December 10th, 2024 — Source or Source or Source or Source or Source
Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises
CVE-2024-50623, an improperly patched vulnerability affecting Cleo file transfer tools, has been exploited in the wild.
December 10th, 2024 — Source
Containers are a weak link in supply chain security
The use of container images is growing fast thanks to their flexibility and convenience, but they can also represent a weak cybersecurity link in software supply chains.
December 10th, 2024 — Source
Best Free Antivirus Software for 2024
Keep your computer safe with these tried-and-tested free antivirus tools.
December 10th, 2024 — Source
Financial Sector Turning to Multi-Cloud Strategies
Report: Financial Orgs Shift to Multi-Cloud to Address Cyberthreats and Regulation
December 10th, 2024 — Source or Source or Source or Source
Heart surgery device maker's security bypassed, data encrypted and stolen
Sounds like th-aorta get this sorted quickly
December 10th, 2024 — Source
Horizon3.ai NodeZero Insights enables executives to visualize changes in their security posture
Horizon3.ai launched NodeZero Insights, a platform designed for security leaders, CIOs, CISOs and practitioners. This new solution delivers real-time dashboards to measure, track and strengthen an organization’s security posture over time.
December 10th, 2024 — Source
Hospital Notifies 316,000 of Breach in Christmas 2023 Hack
Cybercriminal Gang 'Money Message' Claims Credit, Publishes Stolen Records
December 10th, 2024 — Source or Source or Source or Source or Source
Ivanti warns of maximum severity CSA auth bypass vulnerability
Today, Ivanti warned customers about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution.
December 10th, 2024 — Source
Microsoft Bets $10,000 on Prompt Injection Protections of LLM Email Client
Microsoft offers $10,000 in rewards to researchers who can manipulate a realistic simulated LLM-integrated email client.
December 10th, 2024 — Source
Microsoft Rolls Out Default NTLM Relay Attack Mitigations
Microsoft has rolled out new default security protections that mitigate NTLM relaying attacks across on-premises Exchange, AD CS, and LDAP services.
December 10th, 2024 — Source
Microsoft Ships Urgent Patch for Exploited Windows CLFS Zero-Day
Patch Tuesday: Redmond patches 71 security flaws and calls immediate attention to an exploited Windows zero-day reported by CrowdStrike.
December 10th, 2024 — Source
Moody's: Hackers Aim for Big Payouts, Supply Chain Attacks
Big Game Hunting Will Intensify in 2025, Says Credit Rating Agency
December 10th, 2024 — Source or Source
New Cleo zero-day RCE flaw exploited in data theft attacks
Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks.
December 10th, 2024 — Source
OpenWrt Update Flaw Exposed Devices to Malicious Firmware
Flaw in Embedded Device Operating System Allowed Hackers to Bypass Integrity Check
December 10th, 2024 — Source or Source or Source
Police 'need to play a larger role' in recovering cybercrime money
The study also recommends that, as a priority, Police Scotland should make clear to communities that it can be relied upon in cases of economic cybercrime.
December 10th, 2024 — Source
SAP Patches Critical Vulnerability in NetWeaver
SAP has released patches for 16 vulnerabilities, including a critical-severity SSRF bug in NetWeaver (Adobe Document Services).
December 10th, 2024 — Source
Satya Nadella's Vision for Microsoft: AI, AI and AI
Copilot Enhancements and Other Key Announcements From Microsoft Ignite 2024
December 10th, 2024 — Source or Source or Source or Source
SecureAuth protects sensitive information with biometric continuous identity assurance
SecureAuth is releasing biometric continuous identity assurance (BCIA). This ability is designed to safeguard a company’s sensitive information for the duration of a user’s session — providing additional protection from emerging threats in today’s hybrid and remote work environments.
December 10th, 2024 — Source
Stamus Networks Clear NDR uncovers unauthorized activity
Stamus Networks announced Clear NDR, an open and transparent NDR system that empowers cyber defenders to uncover and stop serious threats and unauthorized activity before they cause harm to the organization.
December 10th, 2024 — Source
US Indicts, Sanctions Alleged Chinese Sophos Firewall Hacker
Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG Firewall
December 10th, 2024 — Source or Source or Source or Source or Source
US offers $10 mn reward for wanted Chinese hacker
The United States offered a $10 million reward on Tuesday for information leading to the arrest of a Chinese man and co-conspirators wanted for hacking computer firewalls.
December 10th, 2024 — Source
US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks
The Department of the Treasury is sanctioning Chinese cybersecurity company Sichuan Silence, and one of its employees, Guan Tianfeng, for their roles in the April 2020 compromise of tens of thousands of firewalls worldwide. Many of the victims were U.S. critical infrastructure companies.
December 10th, 2024 — Source
US sanctions Chinese firm for hacking firewalls in ransomware attacks
The U.S. Treasury Department has sanctioned Chinese cybersecurity company Sichuan Silence and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. critical infrastructure companies and many other victims worldwide in April 2020.
December 10th, 2024 — Source
Versa Endpoint DLP prevents data exfiltration
Versa announced Versa Endpoint DLP, an integrated endpoint data loss prevention (DLP) capability delivered by the Versa SASE Client as part of the VersaONE Universal SASE Platform.
December 10th, 2024 — Source
Wald.ai Raises $4M in Seed Funding to Protect Data in Conversations With AI Assistants
Wald.ai has raised $4 million in seed funding for a solution designed to ensure data protection when organizations use AI assistants.
December 10th, 2024 — Source
Wipe Your Home Address Permanently Off the Internet With These Tips
Hide your home address from the Web and keep it away from easy Googling with these effective steps.
December 10th, 2024 — Source
Wyden proposes bill to secure US telecoms after Salt Typhoon hacks
U.S. Senator Ron Wyden of Oregon announced a new bill to secure the networks of American telecommunications companies breached by Salt Typhoon Chinese state hackers earlier this year.
December 10th, 2024 — Source
You can boost your cybersecurity skills for free with this new initiative
Need to improve your cybersecurity skills but don't know where to start (or have much budget)? This network connects public-interest community organizations with a volunteer professional - entirely free.
December 10th, 2024 — Source
Internet — Security Issues — December 6th, 2024
5 Reasons to Use a Stateless Firewall (+3 Key Downsides)
A stateless firewall is an efficient, low-maintenance way to screen lots of network traffic quickly — but there are a few important drawbacks.
December 6th, 2024 — Source
a16z-backed Toka wants to help US agencies hack into security cameras and other IoT devices
U.S. government agencies legally hack into cell phones or emails all the time: think of the FBI wiretapping a suspected drug lord or the NSA monitoring emails for terrorism plots.
December 6th, 2024 — Source
Atrium Health Data Breach Impacts 585,000 People
Atrium Health has notified the HHS of a data breach impacting 585,000 individuals, and the incident may be related to online tracking.
December 6th, 2024 — Source
Badass Russian techie outsmarts FSB, flees Putinland all while being tracked with spyware
Threatened with life in prison, Kyiv charity worker gives middle finger to state spies
December 6th, 2024 — Source
Blue Yonder SaaS giant breached by Termite ransomware gang
The Termite ransomware gang has officially claimed responsibility for the November breach of software as a service (SaaS) provider Blue Yonder.
December 6th, 2024 — Source
Cryptohack Roundup: Solana npm Package Attack's Wallet Risks
Also, Man Who Stole $3.5M of Cloud Computing to Mine $1M in Crypto Pleads Guilty
December 6th, 2024 — Source or Source or Source or Source or Source
Cyber defense vs cyber resilience: why it's time to prioritize recovery
In an era when successful hacks are now an inevitability, too many organizations have a false sense of security when it comes to their data. Unfortunately, cyber criminals are ready and willing to take advantage of this complacency.
December 6th, 2024 — Source
Dutch Counter-Ransomware Initiative Led to Global Takedowns
Project Mellissa Contributed Toward Disruptive Actions
December 6th, 2024 — Source or Source or Source or Source or Source
Echoworx enhances secure access to encrypted messages
Echoworx announced the addition of 2-Step Verification (2SV) when using OAuth and Passkeys for authentication for encrypted messages.
December 6th, 2024 — Source
Employee Data Access Behaviors Putting Australian Employers At Risk
New CyberArk research finds Australian employees choosing convenience over cyber security policies.
December 6th, 2024 — Source
Ethyca Raises $10 Million for Data Privacy Platform
Data privacy solutions provider Ethyca has raised $10 million in a funding round led by Aspenwood Ventures and AVP.
December 6th, 2024 — Source
Following Salt Typhoon, FCC targets US telecom security gaps with new regulatory proposal
The Federal Communications Commission (FCC) is introducing a new rule that could force telecom carriers to improve their cybersecurity practices. This move comes after a series of cyberattacks, including one attributed to the Chinese hacking group Salt Typhoon, raised serious concerns about the vulnerability of America's communication infrastructure.
December 6th, 2024 — Source or Source
Google Open Sources Security Patch Validation Tool for Android
Google has announced the open source availability of Vanir, a patch validation tool for Android platform developers.
December 6th, 2024 — Source
Here's Where Top Cybersecurity Vendors Stand as 2025 Nears
Palo Alto, CrowdStrike, Zscaler Eye Firewall, SIEM Replacement, Incident Recovery
December 6th, 2024 — Source or Source or Source or Source or Source
How to choose secure, verifiable technologies?
The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, compiled to assist organizations in making informed decisions when procuring software (proprietary or open source), hardware (e.g., IoT devices), and cloud services (SaaS, MSP services).
December 6th, 2024 — Source
In Other News: Cloudflare Abuse, UK and EU Cybersecurity Reports, FBI Gen-AI Alert
Noteworthy stories that might have slipped under the radar: ENISA and NCSC release cybersecurity reports, abuse of Cloudflare services, FBI warns of gen-AI enabling fraud.
December 6th, 2024 — Source
Insider Breach, Email Attacks Net $1.7M in HIPAA Fines
Incidents at Pain Management Firm, Pediatric Hospital Affect 50,000 People
December 6th, 2024 — Source or Source or Source or Source or Source
PoC Exploit Published for Unpatched Mitel MiCollab Vulnerability
WatchTowr has published proof-of-concept (PoC) code for an unpatched vulnerability in the Mitel MiCollab enterprise collaboration platform.
December 6th, 2024 — Source
Pro-Russian hacktivists target Europe
A new report shows that 96 percent of attacks conducted by a leading pro-Russian hacktivist group targeted Europe this year, with attackers focusing on influencing public perception and trust over direct technical disruptions.
December 6th, 2024 — Source
Protecting the C-Suite in the Wake of UHC CEO's Murder
Chris Pierson, CEO of BlackCloak, on Rising Digital, Physical Threats
December 6th, 2024 — Source or Source or Source or Source or Source
Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks
A California teen suspected of being a Scattered Spider member left a long trail of evidence and even used an FBI service to launder money.
December 6th, 2024 — Source
Resecurity introduces AI-powered GSOC at NATO Edge 2024
Resecurity, a global leader in cybersecurity solutions, unveiled its advanced Government Security Operations Center (GSOC) during NATO Edge 2024, the NATO Communications and Information Agency's flagship conference.
December 6th, 2024 — Source
SonicWall Patches 6 Vulnerabilities in Secure Access Gateway
SonicWall has released patches for multiple high-severity flaws in the SMA100 SSL-VPN secure access gateway.
December 6th, 2024 — Source
Spyware Campaign Targets Sino Minority Groups Via WeChat
Possible Chinese State-Sponsored Exploit Kit Using Browser Flaws to Deploy Spyware
December 6th, 2024 — Source or Source or Source or Source or Source
The 6 Tradeoffs Between a Stateful vs Stateless Firewall
Understanding the stateful firewall vs stateless firewall distinction will help you decide on the best strategy for protecting your network.
December 6th, 2024 — Source
The best antivirus software and apps you can buy
Protect yourself this holiday season with the best antivirus software of 2024, tested and recommended by our experts.
December 6th, 2024 — Source
Trump's AI, Crypto Czar David Sacks Faces Conflict Scrutiny
David Sacks Appointed as Trump's AI and Crypto Czar Amid Growing Industry Concerns
December 6th, 2024 — Source or Source or Source or Source or Source
Weaponized AI: Hot for Fraud, Not for Election Interference
FBI Sees Rising AI-Enabled Fraud; Meta Reports Scant Election Interference Use
December 6th, 2024 — Source or Source or Source or Source or Source
Why it's time for a reset of security metrics [Q&A]
Historically, security metrics have focused on measuring how many attacks are successful and how long it takes for a successful attack to be detected. This is perhaps unsurprising since the bulk of the industry has focused on building tools to detect adversaries.
December 6th, 2024 — Source
Windows, macOS users targeted with crypto-and-info-stealing malware
Downloading anything from the internet is a gamble these days: you might think that you are downloading an innocuous app from a legitimate firm but thanks to clever misuse of AI and some social engineering, you can end up with information and cryptocurrency-stealing malware.
December 6th, 2024 — Source
Internet — Security Issues — December 2nd, 2024
Avira Prime review: Comprehensive, user-friendly antivirus
Dig into this dead-simple antivirus suite and you'll find a sophisticated set of PC utilities.
December 2nd, 2024 — Source
Bitwarden Review (2024): Is It a Secure Password Manager?
Bitwarden’s excellent free version makes it one of the best free password managers available. To learn more, read our full Bitwarden review.
December 2nd, 2024 — Source
Cloud security specialist Upwind confirms it raised $100M at a $900M valuation
In November, TechCrunch broke the news that cybersecurity startup Upwind was getting a lot of inbound interest to raise money on a big valuation. Now, we can confirm that the deal is done: Upwind has closed a Series A round of $100 million. The round values it at $900 million post-money.
December 2nd, 2024 — Source
Critical Vulnerability Found in Zabbix Network Monitoring Tool
A critical-severity vulnerability in open source enterprise network monitoring tool Zabbix could lead to full system compromise.
December 2nd, 2024 — Source
Ex-Google CEO Eric Schmidt Warns About AI Risks and Global Security Threats
Eric Schmidt, the former CEO of Google, has issued a stark warning about the accelerating advancements in artificial intelligence (AI). His concerns focus on the global implications of these developments, particularly as nations like China make significant strides in AI innovation. From the risks of open-source AI to the weaponization of autonomous systems, Schmidt emphasizes the urgent need for international cooperation and regulation to address the ethical and security challenges posed by these rapidly evolving technologies.
December 2nd, 2024 — Source
Ex-NBA athlete Omri Casspi launches $60M fund targeting cybersecurity, cloud infra and AI
Former NBA athlete Omri Casspi has raised $60 million for his latest venture fund, Swish Ventures, which will invest in early-stage cybersecurity, cloud infrastructure, and AI startups. The fund plans to back 10 companies, and will invest $5 million to $7 million per deal.
December 2nd, 2024 — Source
Feds Propose AI 'Guardrails' for Medicare Advantage Plans
Provision Emphasizes Existing Medicare Regs for Equitable Access to Health Services
December 2nd, 2024 — Source or Source or Source or Source or Source
Hacking group claims to have cracked Microsoft's software licensing security on a massive scale
Is Microsoft's entire licensing business in trouble?
December 2nd, 2024 — Source
Interim dollar gains, cybersecurity pains: Expert explains how financial loss from data breaches can be mitigated
Between 2005 and 2018, incidents of data breach in the United States rose by nearly eight times, according to the Identity Theft Resource Center.
December 2nd, 2024 — Source
Open source supply chain faces security issues
The open source software supply chain shows signs of 'AppSec exhaustion,' with organizations showing diminished engagement in security practices and struggling to meet vulnerability management goals, according to a new report.
December 2nd, 2024 — Source
Prototype UEFI Bootkit is South Korean University Project; LogoFAIL Exploit Discovered
The ‘Bootkitty’ prototype UEFI bootkit contains an exploit for LogoFAIL and was created in a South Korea university program.
December 2nd, 2024 — Source
Russia arrests one of its own – a cybercrime suspect on FBI's most wanted list
The latest in an unusual change of fortune for group once protected by the Kremlin
December 2nd, 2024 — Source
Russia Indicts Alleged Ransomware Hacker Wanted by the FBI
Suspected LockBit, Babuk Operator Mikhail Matveev Arrested in Russia
December 2nd, 2024 — Source or Source or Source or Source or Source
Russian Hacker With $10 Million Bounty on His Head Reportedly Arrested
Russian authorities have reportedly arrested Mikhail Matveev, who is wanted by the US for ransomware attacks against critical infrastructure.
December 2nd, 2024 — Source
SmokeLoader Campaign Targets Taiwanese Companies
Threat Actor Uses the Trojan as an Infostealer
December 2nd, 2024 — Source or Source or Source or Source or Source
Special abilities of users should be employed in a targeted way in order to increase cyber security, says expert
When it comes to cyber security, many people initially think of sophisticated technologies, such as encryption programs, email filters or anti-virus software. However, even the best encryption program is of little benefit if it is not used. Weak passwords are definitely a risk factor.
December 2nd, 2024 — Source
Telco security is a dumpster fire and everyone's getting burned
The politics of cybersecurity are too important to be left to the politicians
December 2nd, 2024 — Source
The shocking speed of AWS key exploitation
It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before organizations get a chance to revoke them.
December 2nd, 2024 — Source
Top 5 Cyber Security Trends for 2025
The cyber landscape is more turbulent than ever. Microsoft recently reported a 2.75-fold increase in ransomware attempts this year, while research predicts that global cyber attacks in 2024 will surge 105% compared to 2020.
December 2nd, 2024 — Source
Two UK Hospitals Hit by Cyberattacks, One Postponed Procedures
Alder Hey Children’s Hospital and Wirral University Teaching Hospital have fallen victim to cyberattacks, including one involving ransomware.
December 2nd, 2024 — Source
Upwind Raises $100M to Thwart Cloud Security Vulnerabilities
Firm Focuses on Runtime Context, AI Enhancements to Counter Evolving Cloud Threats
December 2nd, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — December 1st, 2024
How a Hacker Outsmarted AI to Win $50,000 in Cryptocurrency
In a high-stakes AI-driven competition, a participant exploited vulnerabilities in an AI agent named "Freysa AI" to extract $50,000 worth of cryptocurrency. This event, designed to test the resilience of AI systems, highlighted critical weaknesses in areas such as prompt engineering and logic safeguards. The outcome not only exposed the fragility of AI in adversarial scenarios but also provided valuable insights into securing AI systems in sensitive environments.
December 1st, 2024 — Source
Week in review: Exploitable flaws in corporate VPN clients, malware loader created with gaming engine
Here's an overview of some of last week's most interesting news, articles, interviews and videos:
December 1st, 2024 — Source
Internet — Security Issues — November 29th, 2024
Bologna FC confirms data breach after RansomHub ransomware attack
Bologna Football Club 1909 has confirmed it suffered a ransomware attack after its stolen data was leaked online by the RansomHub extortion group.
November 29th, 2024 — Source
EU Nations That Missed NIS2 Deadline Put On Notice
European Commission Opens Infringement Procedures Against 23 EU Member States
November 29th, 2024 — Source or Source or Source or Source or Source
Hello Bootkitty! Linux Gets A UEFI Bootkit
It makes sense that UEFI bootkits would work on Linux machines; at that level, your operating system doesn't matter to your motherboard. What has been delaying hackers is the infection vector itself, as Linux offers more of a challenge than Windows systems for a variety of reasons. Unfortunately, the grace period is now over, with security specialists at ESET detecting a bootkit on VirusTotal.
November 29th, 2024 — Source
In Other News: OPPC Breach Impacts 1.7M, US Soldier Suspected in Snowflake Hack, Cloudflare Loses Logs
Noteworthy stories that might have slipped under the radar: OnePoint Patient Care data breach impact doubles, a US soldier may have been involved in the Snowflake hack, Cloudflare lost customer logs.
November 29th, 2024 — Source
INC Ransom claims cyber-attack on Alder Hey Children's Hospital
Another ransomware attack has targeted the UK's National Health Service (NHS), this time hitting Alder Hey Children's Hospital in Liverpool, one of Europe's largest pediatric hospitals.
November 29th, 2024 — Source
Interconnected devices and security: Designing systems to guarantee integrity, data security from Internet of Things
The progress of new technologies has allowed many of the devices and appliances in homes, offices, industries and streets to be connected to the network through the Internet of Things (IoT), improving and streamlining processes, jobs and even people's quality of life. However, this massive connection of everyday objects can lead to numerous risks, especially when processing personal data, sensitive data or the information handled by these systems.
November 29th, 2024 — Source
Overcoming Identity and Access Challenges in Healthcare
Longtime Cyber Leader Jim Routh on Improving Identity and Access Management
November 29th, 2024 — Source or Source or Source or Source or Source
Privacy Vendor Market Moves From Point to Platform Solutions
PwC's Anirban Sengupta Details Privacy Landscape, Growing Awareness in India Market
November 29th, 2024 — Source or Source or Source or Source or Source
Researchers discover "Bootkitty," the first UEFI bootkit for Linux
The malware is in a proof-of-concept phase, but further refinement could prove a threat
November 29th, 2024 — Source
Russia arrests cybercriminal Wazawaka for ties with ransomware gangs
Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hacking groups.
November 29th, 2024 — Source
Russia arrests ransomware attacker Wazawaka
An anonymous Russian news source says Mikhail Pavlovich Matveev is in custody.
November 29th, 2024 — Source
Security must be used as a springboard, not just a shield
Cybersecurity is often frustratingly seen as a boardroom burden -- a compulsory cost to keep threats at bay. This "necessary evil" mindset is holding businesses back and leading to a critical opportunity to leverage security as a driver of success being missed.
November 29th, 2024 — Source
The Growing Quantum Threat to Enterprise Data: What Next?
Key Steps for Navigating the Cybersecurity Transition to Quantum-Safe Cryptography
November 29th, 2024 — Source or Source or Source or Source or Source
Trend Micro Maximum Security review: Better alternatives exist
A once beginner-friendly antivirus suite is now greatly eclipsed by rivals.
November 29th, 2024 — Source
Warning: Patch Advantech Industrial Wireless Access Points
Researchers Discover 20 Critical Flaws Attackers Could Exploit in a Variety of Ways
November 29th, 2024 — Source or Source or Source or Source
Internet — Security Issues — November 27th, 2024
A Recent Patent Teases Apple’s Security Camera With Advanced Apple Intelligence Features, Capable Of Identifying People Beyond Facial Recognition
Companies are increasingly working towards reducing dependency on third-party suppliers and manufacturers by opting for more in-house production. This transition is aimed at not just saving costs but also to have greater control over the processes. Earlier, a report suggested that Apple is working on expanding its Smart Home range by making its own security camera. Now, a new report is doing the rounds that mirrors the same claims and suggests that the camera might be launched in 2026. We also expect the security camera to be packed with advanced privacy settings and Apple Intelligence capabilities that would make most users want to buy one.
November 27th, 2024 — Source
AVG Internet Security review: Reliable, budget-friendly antivirus software
AVG Internet Security rounds out the company’s solid antivirus software with additional online protections, while not costing too much.
November 27th, 2024 — Source
Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity
US senators introduce new legislation to protect health data and strengthen the cybersecurity of the country’s healthcare sector.
November 27th, 2024 — Source
Chinese hackers breached T-Mobile's routers to scope out network
T-Mobile says the Chinese "Salt Typhoon" hackers who recently compromised its systems as part of a series of telecom breaches first hacked into some of its routers to explore ways to navigate laterally through the network.
November 27th, 2024 — Source
Cloudflare says it lost 55% of logs pushed to customers for 3.5 hours
Internet security giant Cloudflare announced that it lost 55% of all logs pushed to customers over a 3.5-hour period due to a bug in the log collection service on November 14, 2024.
November 27th, 2024 — Source
Cyber exposure management in today's enterprise landscape [Q&A]
The cybersecurity landscape is more complex than ever and that means enterprises need to have a real-time picture of their exposure.
November 27th, 2024 — Source
Cybercriminals used a gaming engine to create undetectable malware loader
Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses Godot Engine, an open-source game engine.
November 27th, 2024 — Source
Data broker leaves 600K+ sensitive files exposed online
Researcher spotted open database before criminals … we hope
November 27th, 2024 — Source
ESET researchers analyze first UEFI bootkit for Linux systems
ESET Research has discovered the first UEFI bootkit designed for Linux systems, named Bootkitty by its creators. Researchers believe this bootkit is likely an initial proof of concept, and based on ESET telemetry, it has not been deployed in the wild.
November 27th, 2024 — Source
ESET Flags Prototype UEFI Bootkit Targeting Linux
ESET warns of a new reality: “UEFI bootkits are no longer confined to Windows systems alone.”
November 27th, 2024 — Source
Found on VirusTotal: The world’s first UEFI bootkit for Linux
"Bootkitty" is likely a proof-of-concept, but may portend working UEFI malware for Linux.
November 27th, 2024 — Source
Free online tool shines a light on the global threat landscape
Cyber threats are becoming more complex and it can be difficult for defenders to see the big picture and make decisions accordingly.
November 27th, 2024 — Source
Hackers abuse popular Godot game engine to infect thousands of PCs
Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months.
November 27th, 2024 — Source
Hackers exploit ProjectSend flaw to backdoor exposed servers
Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers.
November 27th, 2024 — Source
Microsoft re-releases Exchange updates after fixing mail delivery
Microsoft has re-released the November 2024 security updates for Exchange Server after pulling them earlier this month due to email delivery issues on servers using custom mail flow rules.
November 27th, 2024 — Source
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.
November 27th, 2024 — Source
New EU Tech Commissioner to Focus on Tech Sovereignty
Henna Virkkunen Vows to Boost European Innovation, Cut Regulations
November 27th, 2024 — Source or Source or Source or Source or Source
New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products
Palo Alto Networks and SonicWall VPNs affected by vulnerabilities allowing remote code execution and privilege escalation.
November 27th, 2024 — Source
Passwords vs. Passkeys – Everything You Need to Know About Passkeys
Imagine this: you’re trying to log into an account, but you can’t remember which variation of your go-to password you used. Was it the one with the exclamation point or the one with your pet’s name? Frustrating, right? We’ve all been there, juggling countless passwords, resetting them when we forget, and nervously wondering if they’re secure enough to keep hackers at bay.
November 27th, 2024 — Source
ProjectSend Vulnerability Exploited in the Wild
VulnCheck warns of widespread exploitation of a year-and-a-half-old ProjectSend vulnerability for which multiple public exploits exist.
November 27th, 2024 — Source
Researchers discover first UEFI bootkit malware for Linux
The first UEFI bootkit specifically targeting Linux systems has been discovered, marking a shift in stealthy and hard-to-remove bootkit threats that previously focused on Windows.
November 27th, 2024 — Source
Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets
The Russia-linked RomCom APT has been observed chaining two zero-days in Firefox and Windows for backdoor delivery.
November 27th, 2024 — Source
Russian Hackers Target Mozilla, Windows in New Exploit Chain
ESET Discovers 2 Major Vulnerabilities Exploited by Russian RomCom Hacking Group
November 27th, 2024 — Source
Senators intro bipartisan bill to bolster healthcare cybersecurity
The Health Care Cybersecurity and Resiliency Act of 2024 would provide grants to help healthcare organizations strengthen prevention and response - and push for better coordination between HHS and CISA.
November 27th, 2024 — Source
Source Code of $3,000-a-Month macOS Malware ‘Banshee Stealer’ Leaked
The Banshee Stealer macOS malware operation, which emerged earlier this year, was reportedly shut down following a source code leak.
November 27th, 2024 — Source
T-Mobile Disputes Claims of Chinese Hack on Customer Data
Largest US Telco Blocks Hackers But Warns Other Networks May Be Compromised
November 27th, 2024 — Source or Source or Source or Source or Source
T-Mobile says telco hackers had ‘no access’ to customer call and text message logs
U.S. phone giant T-Mobile said Wednesday that hackers had “no access” to its customers’ calls, text messages, and voicemails during an ongoing industrywide cyberattack targeting internet and phone companies.
November 27th, 2024 — Source
US Appeals Court Reverses Tornado Cash Sanctions
Department of Treasury Overstepped its Authority, Fifth Circuit Rules
November 27th, 2024 — Source or Source or Source or Source or Source
When Hackers Meet Tractors: Surprising Roles in IoT Security
How to Find a Career in Industrial IoT - on the Factory Floor or in the Cornfield
November 27th, 2024 — Source or Source or Source or Source or Source
Zello asks users to reset passwords after security incident
Zello is warning customers to reset their passwords if their account was created before November 2nd in what appears to be another security breach.
November 27th, 2024 — Source
Internet — Security Issues — November 25th, 2024
Best antivirus software 2024: Keep your PC safe from malware, spyware, and more
You need more than just prayer and luck—choose from our top antivirus software picks to stay safe.
November 25th, 2024 — Source
Blue Yonder ransomware attack disrupts grocery store supply chain
Supply chain management firm Blue Yonder is warning that a ransomware attack caused significant disruption to its services, with the outages impacting grocery store chains in the UK.
November 25th, 2024 — Source
China has utterly pwned 'thousands and thousands' of devices at US telcos
Senate Intelligence Committee chair says his 'hair is on fire' as execs front the White House
November 25th, 2024 — Source
Crosspoint to Invest $5M in Each Innovation Sandbox Finalist
Money Aims to Simplify Fundraising for RSA Conference Innovation Sandbox Finalists
November 25th, 2024 — Source or Source or Source or Source or Source
DOJ: Man hacked networks to pitch cybersecurity services
A Kansas City man has been indicted for allegedly hacking into computer networks and using this access to promote his cybersecurity services.
November 25th, 2024 — Source
Experts Urge Sober Assessment of Russian Hacking
Speech by UK Minister Pat McFadden Sparks Backlash
November 25th, 2024 — Source or Source or Source or Source or Source
Faraway Russian hackers breached US organization via Wi-Fi
Forest Blizzard, a threat group associated with Russia's GRU military intelligence service, repeatedly breached a US-based organization via compromised computer systems of nearby firms, which they leveraged to authenticate to the target's enterprise Wi-Fi network.
November 25th, 2024 — Source
Halcyon Raises $100 Million at $1 Billion Valuation
Series C Funding round brings the total amount raised by the ransomware protection firm to $190 million.
November 25th, 2024 — Source
Major cybercrime crackdowns signal shift in global cybersecurity strategies
Months after the UK's National Crime Agency (NCA) launched a major offensive against the notorious ransomware group LockBit, the cybercriminal gang appears to have resurfaced, continuing to carry out attacks. Despite law enforcement efforts, ransomware groups like LockBit remain resilient, demonstrating the evolving challenge in the fight against cybercrime.
November 25th, 2024 — Source
Microlise Confirms Data Breach as Ransomware Group Steps Forward
The SafePay ransomware group claims to have stolen over 1 terabyte of data from vehicle tracking solutions provider Microlise.
November 25th, 2024 — Source
Mysterious Elephant Using Hajj-Themed Bait in Attacks
Group Deploys Upgraded Malware Disguised as Microsoft File on Pilgrimage Goers
November 25th, 2024 — Source or Source or Source or Source or Source
North Korea Deploying Fake IT Workers in China, Russia, Other Countries
The North Korean fake IT workers have infiltrated businesses in China, Russia, and other countries aside from the US.
November 25th, 2024 — Source
New York Fines Geico, Travelers $11.3M for Data Breaches
Fines Tied to Wave of 2021 Driver's License Number Theft
November 25th, 2024 — Source or Source or Source or Source or Source
Recent Zyxel Firewall Vulnerability Exploited in Ransomware Attacks
A ransomware group has been observed exploiting a recently patched command injection vulnerability in Zyxel firewalls for initial access.
November 25th, 2024 — Source
Russian Cyberspies Hacked Building Across Street From Target for Wi-Fi Attack
Russian cyberspy group APT28 conducted a Nearest Neighbor Attack, where it hacked into the building across the street from the victim for a Wi-Fi attack.
November 25th, 2024 — Source
Russian Hackers Exploit Wi-Fi in Sophisticated New Attack
'Nearest Neighbor Attack' Bypasses Cyber Defenses by Breaching Wi-Fi Networks
November 25th, 2024 — Source or Source or Source or Source or Source
Salt Typhoon hackers backdoor telcos with new GhostSpider malware
The Chinese state-sponsored hacking group Salt Typhoon has been observed utilizing a new "GhostSpider" backdoor in attacks against telecommunication service providers.
November 25th, 2024 — Source
UK seeks collaboration for security research lab to counter Russia and 'new AI arms race'
The U.K. is seeking collaboration for a new AI security research lab that's designed to counter Russia and other hostile states in what it dubs the "new AI arms race."
November 25th, 2024 — Source
US National Security Officials Brief Telecom Executives
National Security Officials Share Intelligence on a Cyberespionage Campaign
November 25th, 2024 — Source or Source or Source or Source
Viso Trust Raises $7 Million for Third-Party Risk Management Platform
San Francisco-based third-party risk management provider Viso Trust has raised $7 million in venture funding.
November 25th, 2024 — Source
What Does VPN Stand For And Does It Actually Keep You Safe?
You've probably heard about VPNs. You may have already used one before to stream shows from a different geolocation or hide your ISP when you're using public internet in a coffee shop or airport lounge. But what do the initials "VPN" actually stand for, and what does it mean?
November 25th, 2024 — Source
Wireshark 4.4.2: Security updates, bug fixes, updated protocol support
Wireshark, the popular network protocol analyzer, has reached version 4.4.2. It is used for troubleshooting, analysis, development and education.
November 25th, 2024 — Source
Internet — Security Issues — November 24th, 2024
Scammers exploit tiny typos to trick people into sending money to their crypto wallets
A team of cybersecurity researchers at Stony Brook University has uncovered a new way for scammers to steal from unsuspecting cryptocurrency users. They have posted a paper to the arXiv preprint server describing the new crypto scam and how users can protect themselves.
November 24th, 2024 — Source
Taiwan gets slammed with 15,000 cyber attacks per second — Minister notes figure is 4X more than average
New agencies and ministries have been set up to coordinate protection.
November 24th, 2024 — Source
Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
November 24th, 2024 — Source
White House & US carriers held a meeting on hacks from China
In recent weeks, US authorities have been warning about a potential campaign of attacks on US telecommunications infrastructure from China. Hackers have reportedly been trying to breach the most prominent mobile carriers for months. A new report reveals that White House officials held a meeting with telecom executives to address the alleged hack.
November 24th, 2024 — Source
Internet — Security Issues — November 23rd, 2024
10 Of The Worst Cybersecurity Mistakes You're Probably Making Right Now
The blue screen of death looms large in the cultural mishmash of modern tech-adept consumers. The screen is a simple prompt signaling to its user that the device cannot fix whatever error has befallen it on its own. The crash of a computer could be a sign your CPU is failing after years of hard use, but hardware failing or operating unexpectedly can often come from a cybersecurity breach, too.
November 23rd, 2024 — Source
Hackers Breach Andrew Tate’s ‘University’ Exposing User Data
Hackers have managed to infiltrate and expose sensitive data from Andrew Tate, the controversial influencer behind the internet platform “The Real World.”
November 23rd, 2024 — Source
How ‘Scattered Spider’ hacked some of the world’s biggest tech giants, and got caught
After evading capture for more than two years following a hacking spree that targeted some of the world’s biggest tech companies, U.S. authorities say they have finally caught at least some of the hackers responsible.
November 23rd, 2024 — Source
Intel Arc B580 Battlemage GPU specs leaked in accidental retailer listing — Arc B580 features PCIe 5.0 x8 interface, 12GB GDDR6, and 192-bit memory interface
Somebody accidentally activated the listings for Intel's next-gen GPUs before they launched.
November 23rd, 2024 — Source
Novel Russian hacking method daisy chains Wi-Fi networks to reach intended target
Cybersecurity experts think the attack will become more prevalent
November 23rd, 2024 — Source
Internet — Security Issues — November 21st, 2024
5 charged in "Scattered Spider," one of the most profitable phishing scams ever
Phishing attacks were so well-orchestrated that they fooled some of the best in the business.
November 21st, 2024 — Source
2,000 Palo Alto Firewalls Compromised via New Vulnerabilities
The number of internet-exposed Palo Alto firewalls is dropping, but 2,000 have been compromised, according to Shadowserver Foundation.
November 21st, 2024 — Source
2,000 Palo Alto Networks devices compromised in latest attacks
Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation's internet-wide scanning has revealed.
November 21st, 2024 — Source
Active network of North Korean IT front companies exposed
An analysis of the websites belonging to companies that served as a front for getting North Korean IT workers remote jobs with businesses worldwide has revealed an active network of such companies originating in China.
November 21st, 2024 — Source
After CrowdStrike Outage, Microsoft Debuts 'Quick Machine Recovery' Tool
Microsoft debuts Quick Machine Recovery tool to apply fixes even when machines are unable to boot, without needing physical access.
November 21st, 2024 — Source
AI -- Implementing the Right Technology for the Right Use Case
Just like other technologies that have gone before, such as cloud and cybersecurity automation, right now AI lacks maturity.
November 21st, 2024 — Source
British Lawmakers Leery of Losing EU Adequacy Status
Lawmakers Expressed Concerns Over Proposed Data Use and Access Bill
November 21st, 2024 — Source or Source or Source or Source
Chinese hackers target Linux with new WolfsBane malware
A new Linux backdoor called 'WolfsBane' has been discovered, believed to be a port of Windows malware used by the Chinese 'Gelsemium' hacking group.
November 21st, 2024 — Source
CISA Red Team Finds Alarming Critical Infrastructure Risks
Red Team Finds Vulnerabilities in Critical Infrastructure Org's Security Framework
November 21st, 2024 — Source or Source or Source or Source or Source
CISA says BianLian ransomware now focuses only on data theft
The BianLian ransomware operation has shifted its tactics, becoming primarily a data theft extortion group, according to an updated advisory from the U.S. Cybersecurity & Infrastructure Security Agency, the FBI, and the Australian Cyber Security Centre.
November 21st, 2024 — Source
Cryptohack Roundup: No Prison Time for FTX's Gary Wang
Also: Bitfinex Launderer Razzlekhan Gets 18-Month Sentence
November 21st, 2024 — Source or Source or Source or Source or Source
Deep Instinct delivers malware and ransomware prevention for cloud data stored in S3 buckets
Deep Instinct launched Deep Instinct DSX for Cloud Amazon S3. As organizations increasingly rely on the cloud to power their digital transformation, businesses are generating and storing record amounts of data in the cloud.
November 21st, 2024 — Source
Exploitation Attempts Target Citrix Session Recording Vulnerabilities
Exploitation attempts seen for two recently patched Citrix Session Recording vulnerabilities tracked as CVE-2024-8068 and CVE-2024-8069.
November 21st, 2024 — Source
Feds Indict 5 Suspects Tied to Scattered Spider Cybercrime
FBI Ties Suspects to at Least 45 Attacks and Theft of Cryptocurrency Worth Millions
November 21st, 2024 — Source or Source or Source or Source or Source
Financial Software Firm Finastra Investigating Data Breach
Finastra is investigating a data breach after a hacker claimed the theft of information from an internal file-transfer application.
November 21st, 2024 — Source
Fortinet VPN design flaw hides successful brute-force attacks
A design flaw in the Fortinet VPN server's logging mechanism can be leveraged to conceal the successful verification of credentials during a brute-force attack without tipping off defenders of compromised logins.
November 21st, 2024 — Source
GAO: HHS Needs to Be a Better Leader in Health Sector Cyber
Watchdog Agency Report Points to Unimplemented Cyber Recommendations
November 21st, 2024 — Source or Source or Source or Source or Source
Google calls the AI fuzz to find vulnerabilities
Not familiar with 'fuzzing'? It's a software testing technique that involves feeding invalid, unexpected, or random data into a program to detect coding errors and security vulnerabilities.
November 21st, 2024 — Source
HiddenLayer Automated Red Teaming prevents malicious manipulation of AI models
HiddenLayer launched Automated Red Teaming solution for artificial intelligence, a transformative tool that enables security teams to rapidly and thoroughly assess generative AI system vulnerabilities.
November 21st, 2024 — Source
HP Enterprise Security Edition protects PC hardware and firmware from physical attacks
HP announced HP Enterprise Security Edition, a suite of security capabilities designed to enhance the physical security of HP business class PCs.
November 21st, 2024 — Source
ICS Security: 145,000 Systems Exposed to Web, Many Industrial Firms Hit by Attacks
Censys and Kaspersky publish ICS security reports looking into exposure to attacks and actual attacks suffered by industrial organizations.
November 21st, 2024 — Source
Lenovo introduces ThinkShield Firmware Assurance
Lenovo introduced ThinkShield Firmware Assurance as part of its portfolio of enterprise-grade cybersecurity solutions.
November 21st, 2024 — Source
Manufacturing faces a wave of advanced email attacks
New data from Abnormal Security shows that between September 2023 and September 2024, phishing, business email compromise, and vendor email compromise attacks on manufacturers increased significantly.
November 21st, 2024 — Source
Mexico's President Says Government Is Investigating Reported Ransomware Hack of Legal Affairs Office
Mexico's president says the government is investigating a reported ransomware hack of the country's legal affairs office.
November 21st, 2024 — Source
Microsoft disrupts ONNX phishing-as-a-service infrastructure
Microsoft has seized 240 domains used by customers of ONNX, a phishing-as-a-service (PhaaS) platform, to target companies and individuals across the United States and worldwide since at least 2017.
November 21st, 2024 — Source
MITRE Updates List of 25 Most Dangerous Software Vulnerabilities
MITRE has released an updated CWE Top 25 Most Dangerous Software Weaknesses list, with cross-site scripting (XSS) at the top.
November 21st, 2024 — Source
N-able Strengthens Cybersecurity via $266M Adlumin Purchase
Security Operations Purchase Brings Cloud-Native XDR, MDR to IT Management Platform
November 21st, 2024 — Source or Source or Source or Source or Source
Now BlueSky hit with crypto scams as it crosses 20 million users
As many more users are flocking to BlueSky from social media platforms like X/Twitter, so are threat actors.
November 21st, 2024 — Source
Over 2,000 Palo Alto firewalls hacked using recently patched bugs
Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities.
November 21st, 2024 — Source
Owl Cyber Defense Solutions unveils all-in-one PCIe data diode card
Owl Cyber Defense Solutions announced the latest release of Owl Talon, which includes integration with a new all-in-one PCIe data diode card -- Owl Talon One.
November 21st, 2024 — Source
Palo Alto Networks warns hackers are breaking into its customers' firewalls — again
Malicious hackers have compromised potentially thousands of organizations by exploiting two new zero-day vulnerabilities found in widely used software made by cybersecurity giant Palo Alto Networks.
November 21st, 2024 — Source
Researchers unearth two previously unknown Linux backdoors
ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood.
November 21st, 2024 — Source
RSA's Innovation Sandbox: Cybersecurity Startups Must Accept $5 Million Investment
The owners of the RSA Conference will make a $5 million investment a prerequisite for all 10 finalists at next year's Innovation Sandbox.
November 21st, 2024 — Source
Salt Typhoon's Boldest Hack Yet: T-Mobile Attack is Significant, Analysts Say
This week, T-Mobile, the second largest wireless carrier in the U.S., confirmed a breach by China's hacking group, Salt Typhoon.
November 21st, 2024 — Source
Samsung Electronics Scales Up Mobile Security Rewards Program To Boost Industry Collaboration and Safety
Samsung Electronics announced the enhancement of its Mobile Security Rewards Program, increasing the maximum reward amount to $1 million for eligible security vulnerability reports received from the external security community. This is part of Samsung's ongoing efforts to foster transparency and increased collaboration in mobile security, with the criteria of the program laid out in the Samsung Mobile Security Risk Classification, which now includes additional classification factors.
November 21st, 2024 — Source
Samsung Project Infinity: The Team Keeping You Safe Online
Beginning with the Galaxy S24 series, Samsung has been offering up to seven years of mobile security updates. As one of the longest periods of security support available for mobile devices, these updates mean customers can safely use their phones for longer.
November 21st, 2024 — Source
Seattle area's 'bomb cyclone' storm drives demand at EV charging stations -- and gas pumps
A "bomb cyclone" storm with blasting winds and rain on Tuesday caused power outages for more than 640,000 utility customers in Western Washington, forcing electric vehicle drivers who lost power at home to queue up at public charging stations to juice their batteries.
November 21st, 2024 — Source
Security Bite: Ransomware groups surge in Q3 2024, with shifting dominance
Corvus, one of the leading cyber insurance providers, has published its quarterly Cyber Threat Report for Q3 2024, focused on the shifting ransomware landscape. While the rising number of ransomware attacks should be no surprise to anyone, the report outlines how cybercriminals are becoming more competitive and adopting more aggressive strategies rather than waiting for the next mass-exploit event.
November 21st, 2024 — Source
Ukrainian cyberwar experience becomes blueprint for TRYZUB cyber training service
The Computer Emergency Response Team of Ukraine (CERT-UA), part of the State Service of Special Communications and Information Protection (SSSCIP), has joined forces with the simulation training platform Cyber Ranges to unveil TRYZUB, a cyber resilience training and capability development service.
November 21st, 2024 — Source
Unmasking Shadow AI: The Hidden Threat Lurking in Your Business
In the rapidly evolving landscape of artificial intelligence, a new threat has emerged that demands immediate attention from cybersecurity professionals and business leaders alike: Shadow AI. This term refers to AI projects and systems that operate within organizations without official approval or oversight. As AI becomes increasingly embedded in business operations, recognizing and addressing the risks associated with Shadow AI is not just important—it's essential for maintaining data integrity and organizational security.
November 21st, 2024 — Source
US Charges Five Alleged Scattered Spider Members
Five alleged members of the Scattered Spider cybercrime group were charged for phishing and stealing millions in cryptocurrency.
November 21st, 2024 — Source
US charges five alleged members of Scattered Spider gang
Law enforcement unsealed criminal charges against five alleged members of Scattered Spider, who allegedly targeted employees of companies nationwide with phishing text messages and then used the harvested employee credentials to log in and steal non-public company data and information and to hack into virtual currency accounts to steal millions of dollars in cryptocurrency.
November 21st, 2024 — Source
US seizes PopeyeTools cybercrime marketplace, charges administrators
The U.S. has seized the cybercrime website 'PopeyeTools' and unsealed charges against three of its administrators, Abdul Ghaffar, Abdul Sami, and Javed Mirza, for selling stolen data.
November 21st, 2024 — Source
Vanta announces new products to enhance GRC and trust programs
Vanta announced a number of new and upcoming products enabling customers to build, demonstrate and enhance their GRC and trust programs.
November 21st, 2024 — Source
What is 'Scattered Spider'? How this massive phishing scam worked.
Five people have been charged for stealing millions in cryptocurrency.
November 21st, 2024 — Source
Will Arrests Squash Scattered Spider's Cybercrime Assault?
Members of Loosely Organized Group Recently Tied to Partnership With RansomHub
November 21st, 2024 — Source or Source or Source or Source or Source
Wiz acquires Dazz for $450M to expand its cybersecurity platform
Wiz, one of the most talked-about names in the world of cybersecurity, is making a significant acquisition to expand its product reach in cloud security, particularly with developers. It is buying Dazz, a specialist in security remediation and risk management, and according to sources familiar with the matter, this is a cash-and-share deal valued at $450 million.
November 21st, 2024 — Source or Source or Source or Source or Source or Source
Internet — Security Issues — November 18th, 2024
300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks
EPA flags security vulnerabilities in more than 300 drinking water systems that serve roughly 110 million individuals.
November 18th, 2024 — Source
Accused Phobos Ransomware Hacker in US Custody
Russian National Evgenii Ptitsyn Faces a 13 Criminal Count Indictment
November 18th, 2024 — Source
AnnieMac Data Breach Impacts 171,000 People
AnnieMac Home Mortgage is informing over 171,000 individuals that their data has been compromised in a hacker attack.
November 18th, 2024 — Source
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
Palo Alto Networks has released fixes for two vulnerabilities (CVE-2024-0012 and CVE-2024-9474) in its next-generation firewalls that have been exploited by attackers as zero-days.
November 18th, 2024 — Source
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client to steal credentials.
November 18th, 2024 — Source
Controversial United Nations Treaty May Criminalize Cybersecurity Teams
The United Nations Cybercrime Treaty has entered the final route and is moving to a General Assembly vote with the U.S. and the UK supporting the draft.
November 18th, 2024 — Source
Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day
A zero-day vulnerability affecting five discontinued GeoVision product models has been exploited by a botnet.
November 18th, 2024 — Source
Entrust, Jumio, Sumsub Lead Identity Verification Gartner MQ
Gartner Publishes First Identity Verification MQ as Workforce-Related Uses Multiply
November 18th, 2024 — Source or Source or Source or Source or Source or Source or Source
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser.
November 18th, 2024 — Source
Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report
The DeepData malware framework was seen exploiting a Fortinet VPN client for Windows zero-day that remains unpatched.
November 18th, 2024 — Source
It's 'Alarmingly Easy' to Jailbreak LLM-Controlled Robots
Researchers Manipulate LLM-Driven Robots into Detonating Bombs in Sandbox
November 18th, 2024 — Source or Source or Source or Source or Source
Library of Congress Says an Adversary Hacked Some Emails
The Library of Congress has notified lawmakers of a "cyber breach" of its IT system by an adversary and a hack of emails.
November 18th, 2024 — Source
Major security audit of critical FreeBSD components now available
The FreeBSD Foundation, in partnership with the Alpha-Omega Project, has released the results of an extensive security audit of two critical FreeBSD components: the bhyve hypervisor and the Capsicum sandboxing framework.
November 18th, 2024 — Source
McAfee Total Protection review: Top security undermined by a major feature
The interface could use a touch more refinement, too.
November 18th, 2024 — Source
Microsoft 365 Admin portal abused to send sextortion emails
The Microsoft 365 Admin Portal is being abused to send sextortion emails, making the messages appear trustworthy and bypassing email security platforms.
November 18th, 2024 — Source or Source
Palo Alto Networks Releases IoCs for New Firewall Zero-Day
Palo Alto Networks has released IoCs for the attacks exploiting a newly uncovered firewall zero-day vulnerability.
November 18th, 2024 — Source
Protect your home network with these essential router tweaks
These tweaks will make your router more secure.
November 18th, 2024 — Source
Ransomware Attack on Oklahoma Medical Center Impacts 133,000
Great Plains Regional Medical Center says the personal information of 133,000 individuals was compromised in a ransomware attack.
November 18th, 2024 — Source
Russian extradited to US from SKorea to face ransomware charges
A Russian national has been extradited to the United States from South Korea to face charges he distributed ransomware that targeted schools, hospitals and other institutions, the Justice Department said Monday.
November 18th, 2024 — Source
Serious WordPress Plugin Security Flaw Discovered Affects Millions Of Websites
Wordfence, a cybersecurity company that specializes in making WordPress security products, has found a critical vulnerability in a plugin used by over 4 million internet websites. The company says that "this is one of the more serious vulnerabilities that we have reported on in our 12 year history."
November 18th, 2024 — Source
Suspected Russian Hackers Infect 20,000 IoT Devices
Water Barghest Group Lists Infected Devices Within 10 Minutes of Initial Compromise
November 18th, 2024 — Source or Source or Source or Source or Source
T-Mobile Also Targeted in Chinese Telecom Hacking Campaign
T-Mobile has also been targeted by the Chinese group Salt Typhoon in a major espionage campaign targeting US telecom companies.
November 18th, 2024 — Source
T-Mobile Hit by Chinese Cyber Spies; Sees Minimal Impact
Telco Giant's Probe Finds 'No Evidence' of Customer or Sensitive Data Breach
November 18th, 2024 — Source or Source or Source or Source or Source
US space tech giant Maxar discloses employee data breach
Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals.
November 18th, 2024 — Source
VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw
The saga of VMware's critical CVE-2024-38812 vCenter Server bug has reached the "exploitation detected" stage.
November 18th, 2024 — Source
Welcome to Spotlight Week: Passkeys
We're kicking off Spotlight Week with a deep dive into passkeys! This week we're partnering with the Chrome team to feature exciting announcements, insightful resources, and expert guidance on how to build seamless and secure authentication experiences for your apps.
November 18th, 2024 — Source
WordPress Plug-In Vulnerability Threatens 4 Million Sites
Critical Authentication Flaw Impacts Both Free and Pro Users
November 18th, 2024 — Source or Source or Source or Source or Source
Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection
The ability to internalize and operationalize customized threat intelligence as part of a holistic security system is no longer a luxury; it's a necessity.
November 18th, 2024 — Source
Internet — Security Issues — November 17th, 2024
Security plugin flaw in millions of WordPress sites gives admin access
A critical authentication bypass vulnerability has been discovered impacting the WordPress plugin 'Really Simple Security' (formerly 'Really Simple SSL'), including both free and Pro versions.
November 17th, 2024 — Source
Phishing emails increasingly use SVG attachments to evade detection
Threat actors increasingly use Scalable Vector Graphics (SVG) attachments to display phishing forms or deploy malware while evading detection.
November 17th, 2024 — Source
Week in review: Microsoft patches actively exploited 0-days, Amazon and HSBC employee data leaked
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
November 17th, 2024 — Source
Will passkeys ever replace passwords? Can they?
Here's why they really should
November 17th, 2024 — Source
Internet — Security Issues — November 16th, 2024
Cybercriminals Turn Away From Telegram: Expert Analysis
With Telegram in the spotlight over legal issues and security concerns, cybercriminals are beginning to leave the platform in droves, seeking other platforms and alternatives.
November 16th, 2024 — Source
Malwarebytes Premium Security review: An antimalware staple is now optional
This app can be a good option for those who want dead simple antivirus software.
November 16th, 2024 — Source
NSO Cuts Off Customers From Pegasus After Abuse Discoveries
Israeli spyware firm NSO admitted cutting off access to its powerful Pegasus spyware for 10 government clients due to abuse, new court documents have revealed.
November 16th, 2024 — Source
Thief pretends to be Apple security and scams elderly victim out of her life's savings
Shawna Perdue of Wichita, Kansas was the victim of a scam that cost her more than $5,500. As a result of getting ripped off, a GoFundMe account was created for Perdue and thus far it has raised $5,090 from 55 kind souls. The main part of the story that has something to do with you is how Shawna got scammed. That's because you could end up being a possible victim too if you don't use common sense.
November 16th, 2024 — Source
Internet — Security Issues — November 15th, 2024
ANZ CIO Challenges: AI, Cybersecurity & Data Analytics for 2025
ANZ government CIOs face budget constraints while prioritizing AI, cybersecurity, and data analytics for productivity gains and digital transformation in 2025.
November 15th, 2024 — Source
Avast One review: Well-priced PC security with excellent protection
This security suite stands out for more than just its excellent antivirus protection.
November 15th, 2024 — Source
Bitsight acquires Cybersixgill to help organizations manage cyber exposure
Bitsight announced it has signed a definitive agreement to acquire Cybersixgill, a global cyber threat intelligence (CTI) data provider.
November 15th, 2024 — Source
Bitfinex burglar bags 5 years behind bars for Bitcoin heist
A nervous wait for rapper wife who also faces a stint in the clink
November 15th, 2024 — Source or Source or Source or Source
Bitfinex Hacker Lichtenstein Sentenced to 5 Years in Prison
Co-Conspirator and Wife Heather Morgan Set to be Sentenced on Monday
November 15th, 2024 — Source or Source or Source or Source or Source
McAfee reports rise in AI scams and deepfake threats for holiday shoppers
McAfee has released its 2024 Global Holiday Shopping Scams Study, providing insight into how AI-driven scams and deepfake technology are increasingly affecting shoppers during the holiday season. The research highlights that these advanced scams are becoming harder to identify, causing many consumers to change their shopping behavior to avoid potential risks.
November 15th, 2024 — Source
CISA Faces Uncertain Future Under Trump
Trump Administration Picks May Test Bipartisan Support for Cybersecurity Agency
November 15th, 2024 — Source or Source or Source or Source or Source
CISA Warns of Two More Palo Alto Expedition Flaws Exploited in Attacks
CISA has added two more Palo Alto Networks Expedition flaws, CVE-2024-9463 and CVE-2024-9465, to its KEV catalog.
November 15th, 2024 — Source
CISO Forum Virtual Summit: Full Session List On Demand
All sessions from the 2024 CISO Forum Virtual Summit are now available to watch on demand.
November 15th, 2024 — Source
Cloud Platform Bugs Threaten Smart Home Security
Researchers Find Exploitable Flaws in the OvrC Platform
November 15th, 2024 — Source or Source or Source or Source
Could You Get $10,000 From 23andMe's Data Breach Settlement? Here's What to Know
Nearly 7 million of 23andMe's customers were exposed in a recent data leak. Now they -- and potentially, you -- could be in line for a major payout.
November 15th, 2024 — Source
Common way to test for leaks in large language models may be flawed
Large language models are everywhere, including running in the background of the apps on the device you're using to read this. The auto-complete suggestions in your texts and emails, the query responses composed by Gemini, Copilot and ChatGPT, and the images generated from DALL-E are all built using LLMs.
November 15th, 2024 — Source
Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover
Over 4 million WordPress websites were impacted by a critical Really Simple Security plugin vulnerability providing full administrative access.
November 15th, 2024 — Source
Cyber crooks push Android malware via letter
Cyber crooks are trying out an interesting new approach for getting information-stealing malware installed on Android users’ smartphones: a physical letter impersonating MeteoSwiss (i.e., Switzerland’s Federal Office of Meteorology and Climatology).
November 15th, 2024 — Source
Cybercriminals hijack DNS to build stealth attack networks
Hijacking domains using a ‘Sitting Ducks attack’ remains an underrecognized topic in the cybersecurity community. Few threat researchers are familiar with this attack vector, and knowledge is scarce. However, the prevalence of these attacks and the risk to organizations are significant.
November 15th, 2024 — Source
Cyberstarts Program Sparks Debate Over Ethical Boundaries
Scrutiny Over Ethics of Profit-Sharing Prompts End to Cyberstarts CISO Compensation
November 15th, 2024 — Source or Source or Source or Source or Source
Glove Stealer Malware Bypasses Chrome’s App-Bound Encryption
The Glove Stealer malware leverages a recently disclosed App-Bound encryption bypass method in attacks.
November 15th, 2024 — Source
Hackers can wirelessly watch your display by HDMI radiation
A newly discovered technique combines wireless EM monitoring and AI algorithms to "read" text on a victim's screen via HDMI radiation, and it's already being used in the wild.
November 15th, 2024 — Source
Homeland Security Department Releases Framework for Using AI in Critical Infrastructure
The framework recommends that AI developers evaluate potentially dangerous capabilities in their products, ensure their products align with “human-centric values” and protect users’ privacy.
November 15th, 2024 — Source
IBM announces Autonomous Security for Cloud
IBM announced Autonomous Security for Cloud (ASC), an AI-powered solution from IBM Consulting designed to automate cloud security management and decision-making to help mitigate risk for organizations accelerating their cloud journey on Amazon Web Services (AWS) environments.
November 15th, 2024 — Source
In Other News: TSA Wants New Cyber Rules, Scam Call Detection in Android, SIM Swappers Arrested
Noteworthy stories that might have slipped under the radar: TSA proposes new cyber rules for pipelines and railroads, Google adds scam call detection to Android, SIM swappers arrested in US.
November 15th, 2024 — Source
ISMG Editors: Ransomware - The Growing Public Health Crisis
Also: Anticipating Donald Trump's Second Term; a Surprising Cybersecurity Merger
November 15th, 2024 — Source or Source or Source or Source or Source
Keyboard robbers steal 171K customers' data from AnnieMac mortgage house
Names and social security numbers of folks looking for the biggest loan of their lives exposed
November 15th, 2024 — Source
Known Brand, Government Domains Hijacked via Sitting Ducks Attacks
Threat actors have hijacked over 70,000 domains, including known brands and government entities, because of failed domain ownership verification.
November 15th, 2024 — Source
Microsoft Exchange update fixes security flaws, breaks other stuff
Flawed patch stops on-premises, hybrid server transport rules in their tracks for some
November 15th, 2024 — Source or Source
NSO Group admits cutting off 10 customers because they abused its Pegasus spyware, say unsealed court documents
On Thursday, WhatsApp scored a legal victory by convincing a U.S. federal judge to publicly release three court documents that include new revelations about the inner workings of Pegasus, the spyware made by Israeli surveillance tech maker NSO Group.
November 15th, 2024 — Source
NSO Group used another WhatsApp zero-day after being sued, court docs say
Israeli surveillance firm NSO Group reportedly used multiple zero-day exploits, including an unknown one named "Erised," that leveraged WhatsApp vulnerabilities to deploy Pegasus spyware in zero-click attacks, even after getting sued.
November 15th, 2024 — Source
One Brooklyn Agrees to $1.5M Settlement in 2022 Hack Lawsuit
Health System's Cyberattack Affected More Than 235,000 Patients, Employees, Others
November 15th, 2024 — Source or Source or Source or Source or Source
Oscilar Cognitive Identity Intelligence Platform combats AI-powered fraud
Oscilar unveiled its Cognitive Identity Intelligence Platform to combat the rising tide of AI-powered fraud.
November 15th, 2024 — Source
Palo Alto Reports Firewalls Exploited Using an Unknown Flaw
No Patch Yet; Management Interface Lockdown Blunts Attacks, Networking Giant Says
November 15th, 2024 — Source or Source or Source
Palo Alto Networks Confirms New Firewall Zero-Day Exploitation
Palo Alto Networks has confirmed that a zero-day is being exploited in attacks after investigating claims of a firewall remote code execution flaw.
November 15th, 2024 — Source
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)
Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday.
November 15th, 2024 — Source
Palo Alto Networks warns of critical RCE zero-day exploited in attacks
Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as 'PAN-SA-2024-0015,' is actively being exploited in attacks.
November 15th, 2024 — Source
SurePath AI Raises $5.2 Million for Gen-AI Governance Solution
SurePath AI has raised $5.2 million in seed funding for a solution that helps enterprises securely use generative AI.
November 15th, 2024 — Source
Trump Picks Robert F. Kennedy Jr. to Head HHS
Vaccine Skeptic's Views on Health Privacy Not Well-Known
November 15th, 2024 — Source or Source or Source
US officials confirm Chinese hackers had access to law enforcement wiretap systems for months
The group is a splinter of a larger state-backed hacking collective known as Typhoon
November 15th, 2024 — Source
Worst passwords of 2024 prove we still suck at digital security
It's 2024 and people are still using "123456."
November 15th, 2024 — Source
Internet — Security Issues — November 12th, 2024
23andMe is laying off 40 percent of its staff
The genetic testing service is also winding down its therapeutics division.
November 12th, 2024 — Source
Amazon Confirms Employee Data Breach Through Third-Party Vendor
A data breach has exposed work-related contact details of Amazon employees, the company has confirmed.
November 12th, 2024 — Source
Amazon Employee Data Leaked by Hacker
Amazon has confirmed that some employee data was compromised as a result of a MOVEit hack last year.
November 12th, 2024 — Source
Ahold Delhaize Cybersecurity Incident Impacts Giant Food, Hannaford
Cybersecurity incident impacts Giant Food, Hannaford, and other Ahold Delhaize USA brands, including pharmacies and e-commerce services.
November 12th, 2024 — Source
Australia on Track to Ban Social Media Access for Minors
Advocacy Groups Call for Government to Regulate Social Media Platforms
November 12th, 2024 — Source or Source or Source or Source or Source
Bitdefender vs. Malwarebytes: Which antivirus is best?
Bitdefender offers feature-rich antivirus at a competitive price, while Malwarebytes focuses on protection against malware. Here's how to decide between the two.
November 12th, 2024 — Source
BlackFog platform enhancements boost data loss prevention
BlackFog launched its next generation enterprise platform to deliver even more powerful ransomware and insider threat prevention.
November 12th, 2024 — Source
CHERI Alliance Launches with Major Partners Like Google to Address Hardware-Level Cybersecurity
The CHERI Alliance CIC (Community Interest Company) today announced its official launch and the expansion of its membership, welcoming Chevin Technology (UK), Critical Technologies (USA), the Defence Science and Technology Laboratory (DSTL, UK), Google (USA), Light Momentum Technology Corporation (Taiwan), National Cyber Security Centre (NCSC, a part of GCHQ, UK), Parvat Infotech (India), SRI International (USA), TechWorks (UK), Trusted Computer Center of Excellence (USA), the University of Birmingham (UK), and the University of Glasgow (UK) as founding members.
November 12th, 2024 — Source or Source or Source or Source or Source or Source
'Cybersecurity issue' at Food Lion parent blamed for US grocery mayhem
Stores still open, but customers report delayed deliveries, invoicing issues, and more at Stop & Shop and others
November 12th, 2024 — Source
Druva empowers businesses to secure data throughout Microsoft environments
Druva announced support for Microsoft Dynamics 365 to help enterprises secure mission-critical data across Dynamics 365 Sales and Customer Service CRM modules.
November 12th, 2024 — Source
Eurotech ReliaGATE 15A-14 enables organizations to meet regulatory standards
Eurotech launches ReliaGATE 15A-14, a cybersecure modular edge gateway designed to meet the growing demand for secure, flexible, and globally deployable IoT solutions.
November 12th, 2024 — Source
F5 AI Gateway secures and optimizes access to AI applications
F5 announced early access of F5 AI Gateway to streamline interactions between applications, APIs, and large language models (LLMs) driving enterprise AI adoption.
November 12th, 2024 — Source
FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023
The FBI, the NSA, and Five Eyes cybersecurity authorities have released a list of the top 15 routinely exploited vulnerabilities throughout last year, most of them first abused as zero-days.
November 12th, 2024 — Source
Form I-9 Compliance Data Breach Impacts Over 190,000 People
The impact of a data breach suffered by Form I-9 Compliance is growing, with the number of affected individuals reaching 190,000.
November 12th, 2024 — Source
'FYI. A Warrant Isn’t Needed': Secret Service Says You Agreed To Be Tracked With Location Data
The Secret Service has used a technology called Locate X which uses location data harvested from ordinary apps installed on phones. Because users agreed to an opaque terms of service page, the Secret Service believes it doesn't need a warrant.
November 12th, 2024 — Source
GitLoker Strikes Again: New “Goissue” Tool Targets GitHub Developers and Corporate Supply Chains
GoIssue is a new tool for cybercriminals that allows attackers to extract email addresses from GitHub profiles and send bulk emails to users.
November 12th, 2024 — Source
Growth of extended reality tech means new 'enhanced' regulation needed to protect people's privacy
The growth of extended reality technology means new enhanced measures are needed to protect people's privacy, a new study says.
November 12th, 2024 — Source
Hackers bury malware in new ZIP file attack — combining multiple ZIPs into one bypasses antivirus protections
Malware starts hiding deeper in phishing email ZIP files.
November 12th, 2024 — Source
Hamas Tied to October Wiper Attacks Using Eset Email
'Wirte' Threat Actor Used Wiper That Checks if Victim Is Located in Israel
November 12th, 2024 — Source or Source or Source or Source or Source
Hot Topic breach: Has your credit card info been compromised?
If you’re wondering whether your personal and financial data has been compromised in the massive Hot Topic breach, you can use two separate online tools to check: Have I Been Pwned? or DataBreach.com.
November 12th, 2024 — Source
Immersive Labs AI Scenario Generator improves cyber skills against various attack types
Immersive Labs introduced AI Scenario Generator. This new capability enables organizations to generate threat scenarios for crisis simulations to ensure their workforces are ready for the latest threats.
November 12th, 2024 — Source
IP Spoofing Attack Tried to Disrupt Tor Network
A coordinated IP spoofing attack that involved port scans tried to disrupt the Tor network by getting relays on blocklists.
November 12th, 2024 — Source
Massive troves of Amazon, HSBC employee data leaked
A threat actor who goes by the online moniker “Nam3L3ss” has leaked employee data belonging to a number of corporations – including Amazon, 3M, HSBC and HP – ostensibly compromised during the May 2023 MOVEit hack by the Cl0p ransomware gang, which affected British Airways, the BBC, Aer Lingus, Boots, Zellis, and others.
November 12th, 2024 — Source
McAfee+ Ultimate review: Comprehensive security that needs more polish
More polish would make this flagship security suite shine.
November 12th, 2024 — Source
Meta now allows military agencies to access its AI software. It poses a moral dilemma for everybody who uses it
Meta will make its generative artificial intelligence (AI) models available to the United States' government, the tech giant has announced, in a controversial move that raises a moral dilemma for everyone who uses the software.
November 12th, 2024 — Source
Microsoft Confirms Zero-Day Exploitation of Task Scheduler Flaw
Patch Tuesday: Microsoft patches 90 security flaws across the Windows ecosystem and warns of zero-day exploitation and code execution risks.
November 12th, 2024 — Source
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)
November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 – are actively exploited by attackers.
November 12th, 2024 — Source
Millions of Hot Topic Customers Impacted by Data Breach
Hot Topic has suffered a data breach impacting approximately 57 million unique email addresses and the personal information of roughly 25 million.
November 12th, 2024 — Source
New iOS Security Feature Reboots Devices to Protect User Data: Reports
A new feature in the latest iOS release reportedly reboots locked devices that have not been unlocked for longer periods of time.
November 12th, 2024 — Source
New tool helps prepare workforces for cyber threats
Humans are generally the weakest link in the cybersecurity chain, so training and awareness are essential alongside technology to keep organizations safe.
November 12th, 2024 — Source
North Korean hackers caught spreading new malware for macOS
North Korean hackers are well-known for their bold cyberattacks, mostly aimed at stealing money to fund the country’s goals and get around economic sanctions. Researchers at Jamf have discovered some sneaky malware on macOS that appears to be linked to North Korean hackers. They found it on VirusTotal, a site where people check files for malware, but oddly, it was listed as “clean.” The malware came in three versions: one written in Go, another in Python, and the third using Flutter.
November 12th, 2024 — Source
North Korean hackers create Flutter apps to bypass macOS security
North Korean threat actors target Apple macOS systems using trojanized Notepad apps and minesweeper games created with Flutter, which are signed and notarized by a legitimate Apple developer ID.
November 12th, 2024 — Source
Patch Tuesday: Critical Flaws in Adobe Commerce, Photoshop, InDesign, Illustrator
Adobe patches critical-severity bugs in multiple products, including the Adobe Commerce and Magento Open Source platforms.
November 12th, 2024 — Source
Pentagon Secrets Leaker Jack Teixeira Sentenced to 15 Years in Prison by a Federal Judge
Teixeira pleaded guilty in March to six counts of the willful retention and transmission of national defense information under the Espionage Act.
November 12th, 2024 — Source
Reporting into the void: Research validates victims' doubts about response to phishing reports
The cybersecurity refrain when encountering phishing emails invariably advises: "don't click on that link" and "report that email"—but new research from Drexel University and Arizona State University has revealed a problematic reality: Most major companies do little to support reporting and few take action to shut down phishing sites disguised as their own after they have been reported.
November 12th, 2024 — Source
SAP Patches High-Severity Vulnerability in Web Dispatcher
SAP has released eight new security notes on November 2024 patch day, including one addressing a high-severity vulnerability in Web Dispatcher.
November 12th, 2024 — Source
Snowflake hackers identified and charged with stealing 50 billion AT&T records
The U.S. government has accused Connor Moucka and John Binns of being the hackers who broke into the systems of AT&T, stealing around 50 billion customer call and text records.
November 12th, 2024 — Source
Snyk Acquires Probely to Strengthen API Security for AI Apps
Snyk Boosts API Security with Enhanced Dynamic App Security Testing Capabilities
November 12th, 2024 — Source or Source or Source or Source or Source
SpyNote Malware Targets Android Antivirus Users
Malware Spotted Masquerading as Avast Antivirus
November 12th, 2024 — Source or Source or Source or Source or Source
Trustwave, Cybereason Merge to Form an MDR Security Stalwart
Merger to Strengthen MDR, EDR, Consulting Services and Threat Intelligence Globally
November 12th, 2024 — Source or Source or Source or Source or Source
US Still Backing UN Cybercrime Treaty Despite Criticism
US to Advocate for Human Rights Safeguards from Supporting Member Nations
November 12th, 2024 — Source or Source or Source or Source or Source
Volt Typhoon rebuilds malware botnet following FBI disruption
The Chinese state-sponsored hacking group Volt Typhoon has begun to rebuild its "KV-Botnet" malware botnet after it was disrupted by law enforcement in January, according to researchers from SecurityScorecard.
November 12th, 2024 — Source
Zscaler Zero Trust Segmentation prevents lateral movement from ransomware attacks
Zscaler announced a Zero Trust Segmentation solution to provide a more secure, agile and cost-effective means to connect users, devices, and workloads across and within globally distributed branches, factories, campuses, data centers, and public clouds.
November 12th, 2024 — Source
Internet — Security Issues — November 10th, 2024
Week in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability
Here's an overview of some of last week's most interesting news, articles, interviews and videos: Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443) Synology has released fixes for an unauthenticated "zero-click" remote code execution flaw (CVE-2024-10443, aka RISK:STATION) affecting its popular DiskStation and BeeStation network attached storage (NAS) devices.
November 10th, 2024 — Source
Internet — Security Issues — November 9th, 2024
50 countries warn UN of ransomware attacks on hospitals
The World Health Organization and some 50 countries issued a warning Friday at the United Nations about the rise of ransomware attacks against hospitals, with the United States specifically blaming Russia.
November 9th, 2024 — Source
Internet — Security Issues — November 8th, 2024
AI Recruitment Tools Prone to Bias, Privacy Issues
ML, NLP Tools Collect More Personal Information Than Required, U.K. Regulator Says
November 8th, 2024 — Source or Source or Source
Anthropic, Palantir, AWS to Build AI for US Defense
New AWS-Hosted Solution to Integrate Claude With Palantir AI Platform
November 8th, 2024 — Source or Source or Source
AppOmni partners with Cisco to extend zero trust to SaaS
AppOmni announced a significant partnership that combines the company's Zero Trust Posture Management (ZTPM) solution with Cisco's Security Service Edge (SSE) technology suite to enable zero trust principles at the application layer in Security-as-a-Service (SaaS) applications.
November 8th, 2024 — Source
Breach Roundup: Chinese Cyberespionage Using Open-Source VPN
Also: Ransomware Hackers Demand Baguettes
November 8th, 2024 — Source or Source or Source or Source or Source
Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910)
A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed on Thursday.
November 8th, 2024 — Source
Critical Veeam RCE bug now used in Frag ransomware attacks
After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware.
November 8th, 2024 — Source
Cyderes' New CEO Eyes Identity-Cybersecurity Convergence
CEO Chris Schueler Aims to Combine AI With Identity to Prevent, Detect Cyber Issues
November 8th, 2024 — Source or Source
FBI says hackers are sending fraudulent police data requests to tech giants to steal people's private information
The FBI is warning that hackers are obtaining private user information — including emails and phone numbers — from U.S.-based tech companies by compromising government and police email addresses to submit "emergency" data requests.
November 8th, 2024 — Source
Feds Warn Health Sector of an Array of Cyberthreats
HHS Alerts on Scattered Spider, Living off the Land, Miracle Exploit, F5 Attacks
November 8th, 2024 — Source or Source or Source or Source
Hackers Are Using Police Emails to Send Tech Companies Fraudulent Data Requests
Law enforcement send "emergency" requests to tech giants when they believe it's necessary to stop an immediate threat. Hackers are taking advantage of that.
November 8th, 2024 — Source
HPE Patches Critical Vulnerabilities in Aruba Access Points
HPE this week warned of two critical vulnerabilities in Aruba Networking access points that could lead to unauthenticated command injection.
November 8th, 2024 — Source
ISMG Editors: US Election Impact on Cybersecurity, HIPAA
Also: Potential Government Policy Changes; AI-Driven Zero-Day Discoveries
November 8th, 2024 — Source or Source
ISMG Summit Highlights Growing Third-Party Vendor Threats
Financial Services Experts Call for Stronger Focus on Third-Party Risk Management
November 8th, 2024 — Source or Source or Source or Source or Source
Malwarebytes Acquires VPN Provider AzireVPN
Malwarebytes has acquired Sweden-based privacy-focused VPN provider AzireVPN to expand its product offerings.
November 8th, 2024 — Source
Mirantis provides support offerings for Harbor Registry and KubeVirt
Mirantis launched Mirantis Harbor Registry Support and Mirantis KubeVirt Support offerings, providing support for managing container image registries and virtual machine workloads within any Kubernetes environment, irrespective of the underlying infrastructure or Kubernetes distribution.
November 8th, 2024 — Source
Nokia Says Impact of Recent Source Code Leak Is Very Limited
After the hacker IntelBroker leaked stolen source code, Nokia said the impact of the cybersecurity incident is limited.
November 8th, 2024 — Source
Palo Alto Networks Expedition Vulnerability Exploited in Attacks, CISA Warns
CISA has added a Palo Alto Networks Expedition flaw tracked as CVE-2024-5910 to its Known Exploited Vulnerabilities Catalog.
November 8th, 2024 — Source
Texas Oilfield Supplier Newpark Hit by Ransomware
Texas-based oilfield supplier Newpark Resources says a ransomware attack disrupted information systems and business applications.
November 8th, 2024 — Source
Unpatched Vulnerabilities Allow Hacking of Mazda Cars: ZDI
ZDI discloses vulnerabilities in the infotainment system of multiple Mazda car models that could lead to code execution.
November 8th, 2024 — Source
US Gov Agency Urges Employees to Limit Phone Use After China 'Salt Typhoon' Hack
The US government's CFPB sent an email with a simple directive: "Do NOT conduct CFPB work using mobile voice calls or text messages."
November 8th, 2024 — Source
US Prison Sentences for Nigerian Cybercriminals Surge in Recent Months
A significant number of Nigerian cybercriminals have been sent to prison in recent months in the United States, and some of them received lengthy sentences.
November 8th, 2024 — Source
Why Small Developer Tools Get Flagged as Malware and How to Safely Use Their Software
Recently, a reader of our newsletter called me to task for recommending software that Malwarebytes tagged as suspicious or a PUP. Rightly so, I think. I should have given a warning. We have written about PUPs and False Positives detections some time ago, but this is an excellent time to discuss how tools from small developers often face an uphill battle regarding being recognized as safe.
November 8th, 2024 — Source
Internet — Security Issues — November 7th, 2024
Android Banking Trojan ToxicPanda Targets Europe
ToxicPanda is a China-linked Android banking trojan spotted targeting over a dozen banks in Europe and Latin America.
November 7th, 2024 — Source
Assessing Banking Product Risks to Improve KYC Programs
Trapets CEO Gabriella Bussien on Why Banks Need to Fine-Tune, Automate KYC Processes
November 7th, 2024 — Source or Source or Source or Source or Source
AudioEye Accessibility Protection Status identifies high-impact areas for improvement
AudioEye launched Accessibility Protection Status, a new benchmark in digital accessibility compliance that empowers businesses to achieve better transparency, clarity, and control over their digital accessibility efforts.
November 7th, 2024 — Source
Breach Roundup: Chinese Cyberespionage Using Open-Source VPN
Also: Ransomware Hackers Demand Baguettes
November 7th, 2024 — Source or Source or Source or Source or Source
Canada Orders TikTok’s Canadian Business to Be Dissolved but Won’t Block App
Canada won’t block access to TikTok but is ordering the dissolution of its Canadian business after a national security review.
November 7th, 2024 — Source
Cisco Patches Critical Vulnerability in Industrial Networking Solution
A critical vulnerability in Cisco Unified Industrial Wireless software could allow remote, unauthenticated attackers to inject commands with root privileges.
November 7th, 2024 — Source
Combating Cybercrime: What to Expect From Trump Presidency?
Close International Law Enforcement Collaboration Will Continue, Experts Forecast
November 7th, 2024 — Source or Source or Source or Source or Source
Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)
Cisco has fixed a critical command injection vulnerability (CVE-2024-20418) affecting its Ultra-Reliable Wireless Backhaul (URWB) Access Points that can be exploited via HTTP requests and allows complete compromise of the devices.
November 7th, 2024 — Source
Cryptohack Roundup: M2, Metawin Exploits
Also: LottieFiles Attack, Craig Wright's Contempt of Court
November 7th, 2024 — Source or Source or Source or Source or Source
Cyberattack on Microlise Disables Tracking in Prison Vans, Courier Vehicles
Vehicle tracking services for Serco, DHL, and other fleets were disrupted after Microlise fell victim to a cyberattack.
November 7th, 2024 — Source
Drawbridge simplifies cyber governance for alternative investment firms
Drawbridge is debuting a real-time executive summary of a manager’s cyber risk program.
November 7th, 2024 — Source
Embed Security Raises $6 Million to Help Overworked Analysts
Embed Security has raised $6 million in an early stage funding round led by Paladin Capital Group.
November 7th, 2024 — Source
Fortinet expands GenAI capabilities across its portfolio with two new additions
Fortinet announced the expansion of GenAI capabilities across its product portfolio with the launch of two new integrations with FortiAI, Fortinet’s AI-powered security assistant that uses GenAI to guide, simplify, and automate security analyst activities.
November 7th, 2024 — Source
Hacker Claims to Leak Nokia Source Code
Nokia 'Is Aware of Reports'
November 7th, 2024 — Source or Source or Source
Hackers are stealing more info than ever. These 4 actions keep you safe
The pace of data breaches and leaks is insane.
November 7th, 2024 — Source
Industrial companies in Europe targeted with GuLoader
A recent spear-phishing campaign targeting industrial and engineering companies in Europe was aimed at saddling victims with the popular GuLoader downloader and, ultimately, a remote access trojan that would permit attackers to steal information from and access compromised computers whenever they wish.
November 7th, 2024 — Source
Law Firm Hack Compromises Health System's Patient Data
Did Data Theft at Firm Also Affect Other Clients' Information?
November 7th, 2024 — Source or Source or Source or Source or Source
Malwarebytes acquires AzireVPN to boost security for customers
Malwarebytes announced the acquisition of AzireVPN, a renowned privacy-focused VPN provider.
November 7th, 2024 — Source
Microsoft Reports 600 Million Cyberattacks per Day
Findings From the Tech Giant's Defense Report 2024 Flag Expanding Threat Landscape
November 7th, 2024 — Source or Source or Source or Source or Source
New Malware Spreads to Windows PCs Through Gaming Apps
Researchers have uncovered a new malware, Winos4.0, which spreads undetected by hiding in gaming-related apps on Windows, such as installation tools and performance boosters.
November 7th, 2024 — Source
North Korean hackers employ new tactics to compromise crypto-related businesses
North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware.
November 7th, 2024 — Source or Source or Source
Sinister SteelFox Malware Uses A Sly Trick To Take Over Your Windows PC
Security researchers at Kaspersky have discovered malware, dubbed SteelFox, which has been spreading “via forums posts, torrent trackers and blogs” since February of last year. It’s a potent piece of malicious software that attackers can use to extract a whole host of data from a victim’s computer, and can even enable the mining of cryptocurrency.
November 7th, 2024 — Source
‘SteelFox’ Miner and Information Stealer Bundle Emerges
Impersonating legitimate software such as Foxit PDF Editor and AutoCAD, the SteelFox crimeware bundle steals user information.
November 7th, 2024 — Source
The Biggest Inhibitor of Cybersecurity: The Human Element
Essential steps such as security awareness training, MFA, and Zero Trust identity management help organizations reduce the human element and stay ahead in the cybersecurity curve.
November 7th, 2024 — Source
Zywave enhances Cyber Quoting to provide insight into coverage limit adequacy and potential loss gaps
Zywave announced an enhancement to its Cyber Quoting solution with the addition of embedded benchmarking.
November 7th, 2024 — Source
Internet — Security Issues — November 5th, 2024
9 benefits of AI-driven SIEM for boosting security
November 5th, 2024 — Source or Source or Source or Source or Source or Source
9 Remote Work Security Best Practices & Tips in 2024
Working from home or anywhere else has become common because it's flexible and convenient. However, it also comes with security risks that must be addressed to protect sensitive corporate information.
November 5th, 2024 — Source
9 things you realize when you first start using a VPN
VPN novices take note.
November 5th, 2024 — Source
Alleged Snowflake Hacker Appears in Court, Says Prison in Lockdown
Connor Moucka said he didn't have a lawyer yet. He was arrested at the request of the U.S.
November 5th, 2024 — Source
Beware of phishing emails delivering backdoored Linux VMs!
Unknown attackers are trying to trick Windows users into spinning up a custom Linux virtual machine (VM) with a pre-configured backdoor, Securonix researchers have discovered.
November 5th, 2024 — Source
BigID DSPM Starter App enhances data security posture for Snowflake customers
BigID launched Data Security Posture Management (DSPM) Starter App, built natively in Snowflake and using the Snowflake Native App Framework. BigID's DSPM Starter App will be available via Snowflake Marketplace and provide rapid data discovery and classification assessment natively in the Snowflake AI Data Cloud.
November 5th, 2024 — Source
Canadian Cops Bust Suspected Hacker Tied to Snowflake Hits
Hacking Suspect Tied to Theft of Data From AT&T, TicketMaster, Santander and Others
November 5th, 2024 — Source or Source or Source or Source or Source
Could New Cyber Regs Be in the Future for Clinicians?
Medicare 2025 Pay Rule for Physicians Hints of Possible New Cyber Expectations
November 5th, 2024 — Source or Source or Source or Source or Source
Canadian Authorities Arrest Suspected Snowflake Hacker
Canadian authorities have arrested Alexander 'Connor' Moucka, suspected of hacking multiple Snowflake accounts earlier this year.
November 5th, 2024 — Source
Criminals open DocuSign's Envelope API to make BEC special delivery
Why? Because that's where the money is
November 5th, 2024 — Source
Cybersecurity M&A Roundup: 37 Deals Announced in October 2024
Roundup of the thirty-seven cybersecurity-related merger and acquisition (M&A) deals announced in October 2024.
November 5th, 2024 — Source
DocuSign Abused to Deliver Fake Invoices
Cybercriminals are abusing DocuSign APIs to send bogus email messages that bypass protections such as spam and phishing filters.
November 5th, 2024 — Source
Driving Real Cyber Risk Reduction in Healthcare
Key Steps for Healthcare Organizations to Safeguard Sensitive Data
November 5th, 2024 — Source or Source or Source
Google Gives AI Kudos For Finding Its First Real 0-Day Security Threat
Usually, it takes a human to uncover vulnerabilities in a computer system, but before long, the computers may be doing it alone. Google's Deep Mind and Project Zero divisions have teamed up to create a new kind of large language model (LLM) that can identify security flaws, and the model spotted its first critical threat in the open source SQLite database engine.
November 5th, 2024 — Source
Google patches actively exploited Android vulnerability (CVE-2024-43093)
Google has delivered fixes for two vulnerabilities endangering Android users that "may be under limited, targeted exploitation": CVE-2024-43047, a flaw affecting Qualcomm chipsets, and CVE-2024-43093, a vulnerability in the Google Play framework.
November 5th, 2024 — Source
Hacker suspected in massive Ticketmaster, AT&T breaches arrested in Canada
Authorities arrested a Canadian man suspected of carrying out attacks on dozens of companies using Snowflake's cloud storage system.
November 5th, 2024 — Source
Hackers demand France's Schneider Electric pay a $125k ransom in baguettes
Hand over the dough or your 40GB of secret data is toast.
November 5th, 2024 — Source or Source
Interpol disrupts cybercrime activity on 22,000 IP addresses, arrests 41
Interpol announced it arrested 41 individuals and took down 1,037 servers and infrastructure running on 22,000 IP addresses facilitating cybercrime in an international law enforcement action titled Operation Synergia II.
November 5th, 2024 — Source
Lumifi acquires Critical Insight to boost incident response capabilities
Lumifi announces the acquisition of Critical Insight, marking its third acquisition in 13 months. This strategic move expands Lumifi's service offerings and strengthens its presence in the healthcare and critical infrastructure cybersecurity sector.
November 5th, 2024 — Source
New Bolster CEO Discusses AI-Driven Fraud and Data Security
CEO Rod Schultz Aims to Bridge External, Internal Data Challenges, Eyes CISO Bonds
November 5th, 2024 — Source or Source or Source or Source or Source
Office apps crash on Windows 11 24H2 PCs with CrowdStrike antivirus
Office apps like Word and Excel are crashing on Windows 11 24H2 systems managed by CrowdStrike antivirus software.
November 5th, 2024 — Source
Ongoing typosquatting campaign impersonates hundreds of popular npm packages
Puppeteer or Pupeter? One of them will snoop around on your machine and steal your credentials
November 5th, 2024 — Source
Pros and Cons of Anti-Scam Rules in UK, Australia, Singapore
3 Countries Taking Different Approaches to Accountability and Victim Compensation
November 5th, 2024 — Source or Source or Source or Source or Source
Proton's VPN app now works natively on Windows ARM devices
It claims to be one of the first VPN providers to do so.
November 5th, 2024 — Source
Report: Voice of Practitioners 2024 -- The True State of Secrets Security
In this study, GitGuardian and CyberArk reveal the stark reality of secrets management across 1,000 organizations. With 79% experiencing secrets leaks and an average remediation time of 27 days, the findings expose critical gaps between security confidence and reality.
November 5th, 2024 — Source
Researcher Discloses 36 Vulnerabilities Found in IBM Security Verify Access
Attackers could have exploited IBM Security Verify Access vulnerabilities to compromise the entire authentication infrastructure.
November 5th, 2024 — Source
Russian Fake News and Bomb Threats Target Election Day Votes
Russian Threats Aim to Disrupt Nationwide Voting as Americans Flock to the Polls
November 5th, 2024 — Source or Source or Source or Source or Source
Schneider Electric Launches Probe After Hackers Claim Theft of User Data
Hackers claim to have stolen sensitive information, including user data, after breaching Schneider Electric's Jira system.
November 5th, 2024 — Source
Schneider Electric ransomware crew demands $125k paid in baguettes
Hellcat crew claimed to have gained access via the company's Atlassian Jira system
November 5th, 2024 — Source
The coming of 6G poses new IoT security vulnerabilities
A growing challenge for 6G wireless development involves the potential for unexpected cybersecurity vulnerabilities. This is especially true given the growing set of Internet of Things (IoT) use cases with complexities such as connected cars, smart cities, and even satellite-based (non-terrestrial networks (NTN)) IoT. The expanding security threat surface is particularly concerning due to its novelty and the lack of thorough testing by researchers.
November 5th, 2024 — Source
The FBI says Russian emails are sending fake bomb threats to polling stations
Russian threats to polling locations are part of a yearslong campaign to sow chaos in US politics.
November 5th, 2024 — Source
The Internet Archive's Wayback Machine is fully back in action with saving pages
It's another feature restored after DDoS attacks on the nonprofit last month.
November 5th, 2024 — Source
US warns of last-minute Iranian and Russian election influence ops
The U.S. Cybersecurity & Infrastructure Security Agency is warning about last-minute influence operations conducted by Iranian and Russian actors to undermine the public trust in the integrity and fairness of the upcoming presidential election.
November 5th, 2024 — Source
Internet — Security Issues — November 2nd, 2024
Financial institutions told to get their house in order before the next CrowdStrike strikes
Calls for improvements will soon turn into demands when new rules come into force
November 2nd, 2024 — Source
Genode-Based Sculpt OS 24.10 Introduces Multi-Monitor Support
Sculpt OS 24.10 delivers on an overhauled GUI stack that is now able to support multi-monitor setups.
November 2nd, 2024 — Source
Meta Denied Regulator's Request to Test Rights Manager's Effectiveness
Prompted by concerns aired by photographers, French telecoms regulator Arcom sought to evaluate content recognition tools deployed at online content-sharing platforms. Meta's Rights Manager and Pinterest's Claim Portal were of particular interest, but both companies denied Arcom's request to measure their effectiveness. Despite the regulator's authority under law, private agreements with rightsholders took priority.
November 2nd, 2024 — Source
Okta vulnerability allowed accounts with long usernames to log in without a password
The company has fixed the issue, three months after an update introduced it.
November 2nd, 2024 — Source
Internet — Security Issues — November 1st, 2024
A security flaw in Synology's Photos App exposes users to Zero-Click Attacks
A newly identified Remote Code Execution (RCE) vulnerability in Synology’s network-attached storage (NAS) devices has placed millions of users at risk, allowing attackers to remotely access these systems without any interaction from users.
November 1st, 2024 — Source
Bug Bounty Platform Bugcrowd Secures $50 Million in Growth Capital
Bugcrowd has secured a $50 million growth capital facility from Silicon Valley Bank for expansion and innovation.
November 1st, 2024 — Source
Chinese Hackers Use Quad7 Botnet for Credential Theft
Hackers Using Password Spraying to Steal User Microsoft Account Credentials
November 1st, 2024 — Source
CyberEdBoard Profiles in Leadership: Alex Galho
Veteran CIO on Balancing Digital Change, Security and Continuous Learning
November 1st, 2024 — Source or Source or Source or Source or Source
DDoS site Dstat.cc seized and two suspects arrested in Germany
The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for years.
November 1st, 2024 — Source
Doctor Hit With $500K HIPAA Fine: Feds Worse Than Hacker
Plastic Surgeon Paid $53K Ransom But Says ‘the Real Criminal’ Is HHS
November 1st, 2024 — Source or Source or Source or Source
Everfox Deepens Cyber Case Management Expertise with Yakabod
Yakabod Deal to Strengthen Everfox's Insider Risk, Cyber Incident Response Platform
November 1st, 2024 — Source or Source or Source or Source
Ex-Disney Worker Accused of Hacking Computer Menus to Add Profanities, Errors
A former worker hacked servers at Walt Disney World in order to manipulate menus by changing prices, adding profanities and altering notifications.
November 1st, 2024 — Source
German Pharma Wholesaler AEP Targeted in Ransomware Attack
Firm Supplies More Than 6,000 Pharmacies
November 1st, 2024 — Source or Source or Source or Source
GreyNoise Credits AI for Spotting Exploit Attempts on IoT Livestream Cams
GreyNoise Intelligence says an internal AI tool captured attempts to exploit critical vulnerabilities in commercial livestream IoT cameras.
November 1st, 2024 — Source
HardPwn 2024: A Researcher's Passion for Hacking IoT Devices
Engineer Dennis Giese on Hacking Robot Vacuum Cleaners and Running Hackathons
November 1st, 2024 — Source
In Other News: FBI’s Ransomware Disruptions, Recall Delayed Again, CrowdStrike Responds to Bloomberg Article
Noteworthy stories that might have slipped under the radar: FBI conducted over 30 ransomware disruption operations this year, Windows Recall delayed until December, CrowdStrike responds to a Bloomberg article.
November 1st, 2024 — Source
LastPass warns of fake support centers trying to steal customer data
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers, as discovered by BleepingComputer.
November 1st, 2024 — Source
Lottie-Player Supply Chain Attack Targets Cryptocurrency Wallets
LottieFiles has confirmed that Lottie-Player has been compromised in a supply chain attack whose goal is cryptocurrency theft.
November 1st, 2024 — Source
MSP Efficiency Set to Surge With SaaS Alerts Joining Kaseya
Kaseya Acquisition of SaaS Alerts to Boost MSP Efficiency, Security With New Hires
November 1st, 2024 — Source
NCSC Details ‘Pygmy Goat’ Backdoor Planted on Hacked Sophos Firewall Devices
A stealthy network backdoor found on hacked Sophos XG firewall devices is programmed to work on a broader range of Linux-based devices.
November 1st, 2024 — Source
Paradox warns a popular Cities: Skylines II mod may have spread malware
Cities: Skylines II players who have played with mods recently may want to run some scans on their computers, according to Paradox Interactive, the game's publisher. A popular mod on the game's built-in modding platform, Paradox Mods, has seemingly been updated to include an unauthorized .dll outside of the mod author's control, and Paradox believes this file to be malicious.
November 1st, 2024 — Source
Ransomware attacks hit record levels in 2024 despite law enforcement crackdowns
Is it time to ban payments to ransomware gangs?
November 1st, 2024 — Source
Ransomware still the #1 cyber threat
A new report from Check Point Research shows that ransomware remains the top cyber threat, with RansomHub emerging as the fastest-growing group, operating through Ransomware-as-a-Service (RaaS).
November 1st, 2024 — Source
Regulator's Call to Breached Organizations: 'Be Human'
Breaches Often Have Harmful, Under-Acknowledged 'Ripple Effect' on Victims' Lives
November 1st, 2024 — Source or Source or Source or Source or Source
The biggest underestimated security threat of today? Advanced persistent teenagers
If you ask some of the top cybersecurity leaders in the field what’s on their worry list, you might not expect bored teenagers to be top of mind. But in recent years, this entirely new generation of money-driven cybercriminals has caused some of the biggest hacks in history and shows no sign of slowing down.
November 1st, 2024 — Source
US, Israel Describe Iranian Hackers’ Targeting of Olympics, Surveillance Cameras
The US and Israel have published an advisory describing the latest activities of Iranian cyber firm Emennet Pasargad, now called Aria Sepehr Ayandehsazan.
November 1st, 2024 — Source
What the CrowdStrike Crash Exposed About the Future of Software Testing
Leveraging automated software testing to mitigate costly failures in today’s fast-evolving and complex digital landscape.
November 1st, 2024 — Source
Internet — Security Issues — October 30th, 2024
Android Trojan that intercepts voice calls to banks just got more stealthy
FakeCall malware can reroute calls intended for banks to attacker-controlled numbers.
October 30th, 2024 — Source
Australia's new digital ID scheme falls short of global privacy standards. Here's how it can be fixed
Australia's new digital ID system promises to transform the way we live. All of our key documents, such as driver's licenses and Medicare cards, will be in a single digital wallet, making it easier for us to access a range of services.
October 30th, 2024 — Source
Canadian Centre for Cyber Security releases National Cyber Threat Assessment 2025-2026
The Canadian Centre for Cyber Security (Cyber Centre) has released its National Cyber Threat Assessment 2025-2026 (NCTA 2025-2026). As with previous assessments, it provides a snapshot of cyber threats affecting Canada and Canadians and forecasts how they may evolve in the coming years. The Cyber Centre’s flagship report helps build Canada’s resilience to cyber threats.
October 30th, 2024 — Source
CISA Opens Election War Room to Combat Escalating Threats
United States' Top Cyber Defense Agency Mobilizes Nationwide Election Support Hub
October 30th, 2024 — Source or Source or Source or Source or Source
Colorado Accidentally Put Voting System Passwords Online, but Officials Say Election Is Secure
Voting system passwords were mistakenly put on the Colorado Secretary of State’s website for several months before being spotted and taken down.
October 30th, 2024 — Source
Data Loss Prevention Startup MIND Emerges From Stealth With $11M in Funding
MIND has emerged from stealth mode with a data loss prevention (DLP) solution and $11 million in seed funding.
October 30th, 2024 — Source
Delta Air Lines' IT Outage Lawsuit: CrowdStrike Countersues
Vendor Blames Delta's Outage Severity on Its 'Own Response and IT Infrastructure'
October 30th, 2024 — Source or Source or Source or Source or Source
Do Leading AI Models Comply With the EU AI Act?
New Compliance Tool Says Many AI Firms Fail to Meet Security, Fairness Standards
October 30th, 2024 — Source or Source or Source or Source
Enterprises increase use of Apple products driven by security and user preference
A new report from Apple endpoint management specialist Kandji shows that 73 percent of organizations report that their number of Apple products has increased over the last year, driven primarily by employee preference (76 percent), security (50 percent), and reliability (43 percent).
October 30th, 2024 — Source
FakeCall Android Trojan Evolves with New Evasion Tactics and Expanded Espionage Capabilities
The FakeCall Android banking trojan now employs advanced evasion tactics and expanded surveillance capabilities, posing heightened risks for banks and enterprises.
October 30th, 2024 — Source
FBI: Upcoming U.S. general election fuels multiple fraud schemes
The Federal Bureau of Investigation (FBI) is warning of multiple schemes taking advantage of the upcoming U.S. general election to scam people out of their money or personal data.
October 30th, 2024 — Source
Filigran Expands AI-Driven Threat Intel With $35M Series B
Insight Partners-Led Round Boosts US Growth, Fuels Threat Intelligence for Filigran
October 30th, 2024 — Source or Source or Source or Source or Source
Hackers steal 15,000 cloud credentials from exposed Git config files
A large-scale malicious operation named "EmeraldWhale" scanned for exposed Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories.
October 30th, 2024 — Source
Health monitoring devices at risk of being hacked, study shows
Billions of people around the world are using internet-connected medical devices to monitor their health, but could be putting themselves at risk of hackers using their data for unhealthy reasons, according to a new cybersecurity study.
October 30th, 2024 — Source
Immuta Data Marketplace automates data access workflows
Immuta announced an expansion of its platform with the launch of a new Data Marketplace solution to power fast and safe internal data sharing.
October 30th, 2024 — Source
Kaseya 365 User helps MSPs to protect user data
Kaseya announced Kaseya 365 User, joining Kaseya 365 Endpoint which launched in April 2024. Kaseya 365 User gives managed service providers (MSPs) the ability to help their customers prevent, respond to and recover from threats to user identity and security.
October 30th, 2024 — Source or Source
Largest U.S. healthcare data breach exposes medical records of 100 million customers
While the hack happened in February, the total of those affected has finally been revealed.
October 30th, 2024 — Source
Microsoft issues warning for ongoing Russia-affiliated spear-phishing campaign
The threat actor behind the 2020 SolarWinds attacks has a new intelligence-gathering operation.
October 30th, 2024 — Source
Microsoft Warns of Ongoing Russian Intelligence Campaign
Russian SVR Targeting Government, Academia, Defense Organizations Globally
October 30th, 2024 — Source or Source or Source or Source or Source
Microsoft Warns of Russian Spear-Phishing Attacks Targeting Over 100 Organizations
Microsoft says a new spear-phishing campaign by Russia’s Midnight Blizzard uses RDP files, a new vector for this threat group.
October 30th, 2024 — Source
National Cyber Threat Assessment 2025-2026
The Canadian Centre for Cyber Security (Cyber Centre) is Canada’s technical authority on cyber security. Part of the Communications Security Establishment Canada (CSE), we are the single unified source of expert advice, guidance, services, and support on cyber security for Canadians and Canadian organizations.
October 30th, 2024 — Source
Neon Authorize: Granular access controls at the database layer
Neon, the serverless Postgres database built for developers, launched Neon Authorize. It enables developers to manage permissions and access controls with ease.
October 30th, 2024 — Source
No Matter What the Bank Says, It's YOUR Money, YOUR Data, and YOUR Choice
The Consumer Finance Protection Bureau (CFPB) has just finalized a rule that makes it easy and safe for you to figure out which bank will give you the best deal and switch to that bank, with just a couple of clicks.
October 30th, 2024 — Source
North Korean govt hackers linked to Play ransomware attack
The North Korean state-sponsored hacking group tracked as 'Andariel' has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions.
October 30th, 2024 — Source
Operation Magnus: Joint Law Enforcement Operation Targets Major Infostealer Networks
In a sweeping international effort, the U.S. Department of Justice, Federal Bureau of Investigation, and multiple global law enforcement agencies have exposed "Operation Magnus," targeting two of the world's most notorious information-stealing malware networks, RedLine Stealer and META.
October 30th, 2024 — Source
Police Move Against RedLine & Meta Infostealers: Will They Make Arrests?
Working in close cooperation with the FBI and other international law enforcement partners, Operation Magnus claims to have disrupted the distribution of Redline and META infostealers.
October 30th, 2024 — Source
Product showcase: Shift API security left with StackHawk
With the proliferation of APIs, and the speed at which AI functionality is helping fuel innovation, a strategic approach for securing APIs is no longer a nice to have, it’s a criticality. Without a proactive approach, your APIs could become easy targets for attackers. StackHawk is here to flip the script by offering a proactive, Shift-left API security solution that helps organizations secure their APIs from the start, not after it’s too late.
October 30th, 2024 — Source
Quickstart Guide to Cleaning Data and Building Reporting Dashboards
Navigating the world of data management can often feel like a daunting task, especially when faced with messy datasets that seem to defy order. If you’ve ever spent hours manually cleaning data in Excel, only to find yourself repeating the same tedious tasks over and over, you’re not alone.
October 30th, 2024 — Source
Recent Version of LightSpy iOS Malware Packs Destructive Capabilities
A newer version of the LightSpy malware for iOS includes over a dozen new plugins, many with destructive capabilities.
October 30th, 2024 — Source
Russia fines Google $20.5 decillion for blocking YouTube channels
The estimated global GDP is $100 trillion
October 30th, 2024 — Source
Russian hackers deliver malicious RDP configuration files to thousands
Midnight Blizzard – a cyber espionage group that has been linked to the Russian Foreign Intelligence Service (SVR) – is targeting government, academia, defense, and NGO workers with phishing emails containing a signed Remote Desktop Protocol (RDP) configuration file.
October 30th, 2024 — Source
Russian spies use remote desktop protocol files in unusual mass phishing drive
The prolific Midnight Blizzard crew cast a much wider net in search of scrummy intel
October 30th, 2024 — Source
Seclore secures sensitive intellectual property and data in CAD files
Seclore announced the extension of its Seclore Enterprise Digital Rights Management (EDRM) capabilities to support neutral or interoperable computer-aided design (CAD) files for industries that create, manage, and share intellectual property (IP). The support for neutral CAD files creates better visibility for manufacturers with compliance reporting and auditing needs.
October 30th, 2024 — Source
Secure messaging through distributed messages
Most internet communications today rely on the TLS (Transport Layer Security) protocol, which protects against eavesdropping on the network, but not against access by service providers themselves. While end-to-end encryption (E2EE) ensures only the sender and recipient can read the messages, existing solutions are often not user-friendly or widely adopted.
October 30th, 2024 — Source
State Forces ENT Practice to Spend $2.25M on Better Security
NY AG Action and $1M Fine Follow Back-to-Back Hacks That Affected 224,500 in 2023
October 30th, 2024 — Source or Source or Source or Source or Source
Synology, QNAP, TrueNAS Address Vulnerabilities Exploited at Pwn2Own Ireland
Synology, QNAP and TrueNAS have started patching and mitigating the vulnerabilities exploited recently at Pwn2Own Ireland 2024.
October 30th, 2024 — Source
The best antivirus software and apps you can buy
Protect yourself this holiday season with the best antivirus software of 2024, tested and picked by our experts.
October 30th, 2024 — Source
The cybersecurity problems and opportunities facing open-source startups
Open-source software is everywhere, and in everything. Many startups are pursuing explicitly open-source business models. But every company out there that builds software has at least some dependency on open-source code. Recent security issues, however, have made it plain that open-source software is a target for state-level hackers.
October 30th, 2024 — Source or Watch Video
WhiteRabbitNeo: High-Powered Potential of Uncensored AI Pentesting for Attackers and Defenders
Version 2.5 of WhiteRabbitNeo is designed to think like a seasoned red team expert, capable of identifying and exploiting vulnerabilities with remarkable speed and precision.
October 30th, 2024 — Source
X makes its basic API tier more costly, launches annual subscriptions
Elon Musk-owned social network X made changes to its API pricing and limits today and also announced annual plans with a discounted rate.
October 30th, 2024 — Source
XM Cyber Vulnerability Risk Management boosts prioritization with actual impact analysis
XM Cyber launched its innovative Vulnerability Risk Management (VRM) solution, extending its Continuous Exposure Management Platform.
October 30th, 2024 — Source
Internet — Security Issues — October 28th, 2024
Abstract Security Raises $15 Million in Series A Funding
Abstract Security has raised $15 million in an oversubscribed Series A funding round led by Munich Re Ventures.
October 28th, 2024 — Source
Armis raises $200 million to fuel growth strategy
Armis announced the close of a $200 million Series D round of investment, increasing its total company valuation to a new high of $4.2 billion.
October 28th, 2024 — Source
Black Basta operators phish employees via Microsoft Teams
Black Basta ransomware affiliates are still trying to trick enterprise employees into installing a remote access tool by posing as help desk workers, now also via Microsoft Teams.
October 28th, 2024 — Source
Cop Companies Want All Your Data and Other Takeaways from This Year's IACP Conference
Artificial intelligence dominated the technology talk on panels, among sponsors, and across the trade floor at this year's annual conference of the International Association of Chiefs of Police (IACP).
October 28th, 2024 — Source
Cyber Guru Raises $25 Million for Training Platform
Cybersecurity training provider Cyber Guru has raised $25 million in a Series B funding round led by Riverside Acceleration Capital.
October 28th, 2024 — Source
Delta Air Lines Sues CrowdStrike Over July System Meltdown
Lawsuit Compares Botched Software Update to Hacking
October 28th, 2024 — Source or Source or Source or Source
Delta officially launches lawyers at $500M CrowdStrike problem
Legal action comes months after alleging negligence by Falcon vendor
October 28th, 2024 — Source
Delta Sues Cybersecurity Firm CrowdStrike Over Tech Outage That Canceled Flights
Delta Air Lines has sued CrowdStrike, claiming the cybersecurity company had cut corners and caused a worldwide technology outage that led to thousands of canceled flights in July.
October 28th, 2024 — Source
Don't Let a Third-Party Data Breach Destroy Your Institution's Reputation
Strategies for Safeguarding Data and Reputation at Financial Institutions
October 28th, 2024 — Source or Source or Source
Dutch Police and FBI Infiltrate Info-Stealer Infrastructure
Cops Recover Redline, Meta Infostealer Data; Promise Criminal Users: 'See You Soon'
October 28th, 2024 — Source or Source or Source or Source
Entrust helps banks fight fraud during account opening
Entrust announced an all-in-one consumer banking platform that allows banks and credit unions to provide high-assurance security throughout the customer lifecycle -- from account opening to financial credential issuance to on-going, everyday transactions and interactions.
October 28th, 2024 — Source
ExtremeCloud Universal ZTNA enhancements boost visibility and security
Extreme Networks introduced new features within ExtremeCloud Universal Zero Trust Network Access (ZTNA), an identity-based network access solution.
October 28th, 2024 — Source
Filigran raises $35 million to drive global expansion
Filigran announces the completion of its $35 million Series B fundraise, led by global software investor Insight Partners, with continued support from existing investors Accel and Moonfire.
October 28th, 2024 — Source
Filigran Secures $35M Investment to Disrupt Threat Intel
French startup scores investments from Insight Partners, Accel and Moonfire, bringing the total raised to $56 million.
October 28th, 2024 — Source
Four REvil Ransomware Group Members Sentenced to Prison in Russia
Four members of the REvil ransomware group, arrested in 2022, were last week sentenced to prison by a Russian court.
October 28th, 2024 — Source
Free, France's second largest ISP, confirms data breach after leak
Free, a major internet service provider (ISP) in France, confirmed over the weekend that hackers breached its systems and stole customer personal information.
October 28th, 2024 — Source
Google Invests in Alternative Neutral Atom Quantum Technology
Google invested in QuEra Computing, which is developing a very different and potentially rival quantum computer technology.
October 28th, 2024 — Source
Jumio Liveness detects various sophisticated spoofing attacks
Jumio unveiled Jumio Liveness, an enhanced, in-house technology designed to address increasingly sophisticated fraud tactics. This solution expands beyond traditional presentation attacks, such as paper or screen copies, and employs sophisticated AI models to block advanced threats like injection attacks and deepfakes.
October 28th, 2024 — Source
Key Federal Cyber Panel to Probe Chinese Telecoms Hacking
Cyber Safety Review Board to Examine Beijing-Linked Telecom Breaches
October 28th, 2024 — Source or Source or Source or Source
Russia Tied to Ukrainian Military Recruit Malware Targeting
Anti-Mobilization Messaging Leads to Malware-Pushing 'Civil Defense' Site
October 28th, 2024 — Source or Source or Source
Police hacks, disrupts Redline, Meta infostealer operations
The Dutch National Police, along with partner law enforcement agencies, has disrupted the operation of the Redline and Meta infostealers and has collected information that may unmask users who paid to leverage the infamous malware.
October 28th, 2024 — Source
Socure Acquires Risk Decisioning Company Effectiv for $136M
Predictive analytics firm Socure will spend $136 million to acquire Effectiv, a provider of fraud and risk decisioning technologies.
October 28th, 2024 — Source
Internet — Security Issues — October 25th, 2024
A Vulnerability in Fortinet FortiManager Could Allow for Remote Code Execution
A vulnerability has been discovered in Fortinet FortiManager which could allow for remote code execution. FortiManager is a network and security management tool that provides centralized management of Fortinet devices from a single console. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution in the context of the system. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data. Service accounts that are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
October 25th, 2024 — Source
Apple offers $1 million for hackers to test Apple Intelligence’s Private Cloud Compute
Apple has opened up its Private Cloud Compute (PCC) to researchers, offering up to $1 million to anyone who finds a hole in the secure cloud platform that supports its Apple Intelligence features. The first handful of Apple Intelligence features are about to roll out next week.
October 25th, 2024 — Source
AuthenticID360 blocks AI-generated IDs during digital onboarding
AuthenticID released AuthenticID360, its new holistic identity verification platform. AuthenticID360 delivers robust verification and risk signaling capabilities, including a 2-second response time for identity transactions.
October 25th, 2024 — Source
AWS Seizes Domains Used by Russia’s APT29
AWS announced the seizure of domains used by Russian hacker group APT29 in phishing attacks targeting Ukraine and other countries.
October 25th, 2024 — Source
Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack.
October 25th, 2024 — Source
Change Healthcare Cyberattack Exposed Data of Over 100 Million People
Threat actors accessed the private health information of more than 100 million people in the February breach of Change Healthcare — the largest-ever health care data breach reported to federal regulators — the U.S. Office for Civil Rights revealed on Oct. 22.
October 25th, 2024 — Source
Chinese Hackers Reportedly Targeted Trump, Vance Phones
FBI Probing 'Specific Malicious Activity Targeting' Telecommunications Providers
October 25th, 2024 — Source or Source or Source or Source
Concentric AI Secures $45M Series B Funding to Expand DSPM Tech
Concentric AI banks capital to compete in the data security governance market that includes DSPM and Data Access Governance technologies.
October 25th, 2024 — Source
Concentric AI Secures $45M Series B to Expand Data Security
Top Tier Capital, HarbourVest Support Concentric's Path to Autonomous Data Security
October 25th, 2024 — Source or Source or Source or Source or Source or Source
Europol Details Pursuit of LockBit Ransomware Affiliates
Operation Cronos Prioritized Disrupting Criminal Trust in the Group, Official Says
October 25th, 2024 — Source or Source or Source or Source or Source
Exploited: Cisco, SharePoint, Chrome vulnerabilities
Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft SharePoint (CVE-2024-38094), and Google’s Chrome browser (CVE-2024-4947).
October 25th, 2024 — Source
Hackers Probing Newly Disclosed Fortinet Zero-Day
Mandiant Says High-Severity Flaw Could Give Attackers Remote Unauthenticated Access
October 25th, 2024 — Source or Source or Source or Source or Source
How to crack your forgotten passwords
Forget your password? Try these free tools.
October 25th, 2024 — Source
In Other News: CVE Turns 25, Henry Schein Data Breach, Reward for Shahid Hemmat Hackers
Noteworthy stories that might have slipped under the radar: CVE Program celebrates 25th anniversary, one year after ransomware attack Henry Schein says 160,000 are impacted, US offering rewards for Shahid Hemmat hackers.
October 25th, 2024 — Source
Landmark Admin Discloses Data Breach Impacting 800,000 People
Insurance administrator Landmark Admin says personal information was stolen in a ransomware attack earlier this year.
October 25th, 2024 — Source
LinkedIn Fined 310 Million Euros for Privacy Violations
Irish Data Protection Commission Cites Social Platform for GDPR Violations
October 25th, 2024 — Source or Source or Source or Source or Source
LinkedIn Hit With 310 Million Euro Fine for Data Privacy Violations From Irish Watchdog
LinkedIn has received a 310 million euro fine from Ireland’s Data Protection Commission for data privacy violations.
October 25th, 2024 — Source
New Rules for US National Security Agencies Balance AI’s Promise With Need to Protect Against Risks
New rules from the White House on AI use by US national security and spy agencies aim to balance the technology’s promise with the need to protect against risks.
October 25th, 2024 — Source
OnePoint Patient Care Data Breach Impacts Nearly 800,000 People
OnePoint Patient Care has disclosed a data breach impacting the personal information of nearly 800,000 individuals.
October 25th, 2024 — Source
Over $1 Million Paid Out at Pwn2Own Ireland 2024
Pwn2Own Ireland 2024 participants have earned over $1 million for camera, printer, NAS device, smart speaker and smartphone exploits.
October 25th, 2024 — Source
Proof Verify reduces false positives and improves fraud detection accuracy
Proof launched Verify, a live face-to-face experience that delivers high-level assurance with identity verification performed in the presence of an agent, reducing the risk of fraudulent activities such as deepfakes by ensuring that users are legitimate.
October 25th, 2024 — Source
Russia sentences REvil ransomware members to over 4 years in prison
Russia has sentenced four members of the REvil ransomware operation to over 4 years in prison for distributing malware and illegal circulation of means of payment.
October 25th, 2024 — Source
SEC fines tech companies for misleading SolarWinds disclosures
The Securities and Exchange Commission charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially misleading disclosures regarding cybersecurity risks and intrusions. The SEC also charged Unisys with disclosure controls and procedures violations.
October 25th, 2024 — Source
Singapore Requires Banks, Telecoms to Prevent Scams
SMS Impersonation Scam Victims Must Be Made Whole
October 25th, 2024 — Source or Source or Source or Source
ISMG Editors: 2024 Election Security, Tackling Global Threats
Examining Cyberthreats, Foreign Tactics Aimed at 2024 U.S. Election
October 25th, 2024 — Source or Source or Source or Source or Source
Top 10 Malware Q3 2024
In Q3 2024, the Top 10 Malware observed via the MS-ISAC’s monitoring services changed moderately from the previous quarter. The downloader, SocGholish, continued to lead as the top malware, making up 42% of the list. Following SocGholish were the downloaders LandUpdate808 and ClearFake. This quarter marked the first time the MS-ISAC observed either of these downloaders in its quarterly Top 10 Malware list.
October 25th, 2024 — Source
UnitedHealth Confirms 100M People’s Data Stolen in Largest U.S. Healthcare Breach
According to Change Healthcare’s notification to the Department of Health and Human Services (HHS), approximately 100 million individuals have been notified about the breach.
October 25th, 2024 — Source or Source
Updated Qilin Ransomware Escalates Encryption and Evasion
Rust-Based Ransomware Employs Aggressive Anti-Detection Tactics
October 25th, 2024 — Source or Source or Source or Source or Source
US, Australia Release New Security Guide for Software Makers
CISA, FBI, and ACSC have published guidance to help software manufacturers establish secure deployment processes.
October 25th, 2024 — Source
What's in Store for HIPAA Regulations
How Might Election Outcome Affect HHS' Healthcare Cyber Work?
October 25th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — October 22nd, 2024
AI video generation expert discusses the technology's rapid advances—and its current limitations
This presidential cycle has already seen several high-profile examples of people using deepfakes to try to influence voters. Deepfakes are images, audio recordings, or videos generated or modified using artificial intelligence (AI) models to depict real or fictional people. Recent deepfake examples include manipulated audio of Joe Biden urging voters to stay home during primaries and fabricated images of Taylor Swift endorsing Donald Trump.
October 23rd, 2024 — Source
Akira ransomware is encrypting victims again following pure extortion fling
Crooks revert to old ways for greater efficiency
October 23rd, 2024 — Source
Best Antivirus Software for 2024
Protect your devices with these CNET-approved antivirus programs.
October 23rd, 2024 — Source
BlackCat Ransomware Successor Cicada3301 Emerges
The Cicada3301 ransomware shows multiple similarities with BlackCat and is believed to mark the reemergence of the threat.
October 23rd, 2024 — Source
Bumblebee Malware Loader Resurfaces Following Law Enforcement Takedown
New malicious campaign suggests the Bumblebee malware loader might be resurfacing following the May 2024 law enforcement takedown.
October 23rd, 2024 — Source
CEOs Levy, Thomas on Perks of $859M Sophos-Secureworks Deal
$859M Purchase Targets Secureworks' XDR Platform to Enhance Sophos' MDR Offerings
October 23rd, 2024 — Source or Source or Source
CISA Ramping Up Election Security Warnings as Voting Begins
US Cyber Defense Agency Says Election Is Secure Despite Intensifying Threat
October 23rd, 2024 — Source or Source or Source or Source or Source
Cranium Detect AI accelerates AI governance
Cranium launched Detect AI, an AI discovery tool at scale. With this launch, Cranium is extending its platform capabilities to include visibility and access across an organization's AI instances, which enables security and compliance teams to uncover and label all AI systems within hours, instead of days or weeks.
October 23rd, 2024 — Source
Critical Vulnerabilities Expose mbNET.mini, Helmholz Industrial Routers to Attacks
Critical and high-severity vulnerabilities that can lead to full device compromise have been found in mbNET.mini and Helmholz industrial routers.
October 23rd, 2024 — Source
Dangers of the metaverse and VR for US youth revealed in new research
The metaverse, a space where the lines between physical and digital realities blur, is rising among younger populations. As of March, 33% of teens own a virtual reality (VR) device and 13% use it weekly.
October 23rd, 2024 — Source
Dental Center Chain Settles Data Breach Lawsuit for $2.7M
2023 Hacking Incident Affected 1.9 Million Patients, Employees
October 23rd, 2024 — Source or Source or Source or Source or Source
EFF to Massachusetts' Highest Court: Pretrial Electronic Monitoring Should Not Eviscerate Privacy Rights
When someone is placed on location monitoring for one purpose, it does not justify law enforcement's access to that information for a completely different purpose without a proper warrant.
October 23rd, 2024 — Source
Facebook and Instagram bring back facial recognition to 'protect people'
Do you trust Meta to scan and analyze your face?
October 23rd, 2024 — Source
Fastly DDoS Protection blocks malicious traffic
Fastly released Fastly DDoS Protection to provide automatic protection from Layer 7 and other application-level DDoS attacks.
October 23rd, 2024 — Source
Google Messages adds enhanced scam detection tools
There's also a forthcoming feature to disable texts from unknown international senders.
October 23rd, 2024 — Source
Google Warns of Samsung Zero-Day Exploited in the Wild
A zero-day vulnerability in Samsung mobile processors has been abused as part of an exploit chain for arbitrary code execution.
October 23rd, 2024 — Source
Hackers infect thousands of WordPress sites with malware plugins
The world's most popular website platform is under attack via bogus malicious plugins.
October 23rd, 2024 — Source
Helping Medical Device Makers Meet Latest Cyber Expectations
Medcrypt's Axel Wirth and Velentium's Christopher Gates on Top Security Challenges
October 23rd, 2024 — Source or Source or Source
How AI Can Eliminate Graymail to Increase Employee Productivity
The trend toward remote working over the last several years has bred all kinds of tools intended to help us improve productivity and facilitate easier, faster digital communications with colleagues. So why does workplace productivity still feel impossible to achieve?
October 23rd, 2024 — Source or Source or Source or Source
IBM Guardium Data Security Center protects hybrid cloud and AI
As hybrid cloud-, AI-, and quantum-related risks upend the traditional data security paradigm, IBM is launching IBM Guardium Data Security Center -- allowing organizations to protect data in any environment, throughout its full lifecycle, and with unified controls.
October 23rd, 2024 — Source
ICS Detection Improves, Response Still Lacking
SANS Survey Finds Incident Detection Improving
October 23rd, 2024 — Source or Source or Source or Source or Source
Insurance Firm Johnson & Johnson Discloses Data Breach
Johnson & Johnson has disclosed a data breach impacting the personal information of thousands of people.
October 23rd, 2024 — Source
Ivanti Neurons for App Control strengthens endpoint security
Ivanti introduced Ivanti Neurons for App Control, which safeguards devices from unauthorized applications.
October 23rd, 2024 — Source
Latrodectus Malware Increasingly Used by Cybercriminals
Latrodectus malware has been increasingly used by cybercriminals, with recent campaigns targeting the financial, automotive and healthcare sectors.
October 23rd, 2024 — Source
New group of digital criminals are exploiting the United States' financial systems
Cryptocurrency fraud in Nigeria is exclusively committed by young men, with 100% of convicted fraudsters being male and nearly two-thirds under the age of 30, according to a new study from the University of Surrey. The United States is firmly in the sights of these criminals, with 55% of all cases involving American targets.
October 23rd, 2024 — Source
Palo Alto Networks Adds New Capabilities to OT Security Solution
Palo Alto Networks has added new remote access, virtual patching and firewall capabilities to its OT Security solution.
October 23rd, 2024 — Source
Researchers Debut AI Tool That Helps Detect Zero-Days
Vulnerability Tool Detected Flaws in OpenAI and Nvidia APIs Used in GitHub Projects
October 23rd, 2024 — Source or Source or Source or Source or Source
Retaining EU Adequacy Crucial to UK Economy: Lawmaker
Europe Will Renew or Deny Data Sharing Agreement in June
October 23rd, 2024 — Source or Source or Source or Source or Source
Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)
Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered.
October 23rd, 2024 — Source
Palo Alto Networks extends security into harsh industrial environments
The convergence of IT and operational technology (OT) and the digital transformation of OT have created new opportunities for innovation and efficiency in critical Industrial Automation and Control Systems. However, these advancements also broaden the potential attack surface, making it even more crucial to improve and extend security for OT environments.
October 23rd, 2024 — Source
SailPoint Machine Identity Security reduces the risk associated with unmanaged machine identities
SailPoint launched SailPoint Machine Identity Security, a new Identity Security Cloud product.
October 23rd, 2024 — Source
SEC Charges Avaya, Unisys Over 'Misleading' Security Disclosures
The SEC has fined four companies in the US for denying involvement in a massive data breach and sharing "misleading" disclosures with affected customers.
October 23rd, 2024 — Source
SEC Charges Four Companies Over Misleading Disclosures on SolarWinds Hack
The SEC announces penalties against Unisys, Avaya, Check Point and Mimecast for downplaying the impact of the SolarWinds Orion hack.
October 23rd, 2024 — Source
SEC fines four companies $7M for 'misleading cyber disclosures' regarding SolarWinds hack
The Securities and Exchange Commission (SEC) announced on Tuesday that it charged and imposed penalties on four companies for making misleading disclosures linked to the 2019 SolarWinds data breach.
October 23rd, 2024 — Source
SecurityWeek's 2024 ICS Cybersecurity Conference Kicks Off in Atlanta
Premier Industrial Cybersecurity Conference offers 80+ sessions and hands-on training to tackle critical infrastructure cyber threats.
October 23rd, 2024 — Source
Socket Accelerates Open-Source Security With $40M Series B
Socket Plans to Triple Headcount After Big Growth, Deliver Open-Source Tools Faster
October 23rd, 2024 — Source or Source or Source or Source or Source
Stream.Security Secures $30 Million Series B
Stream.Security (formerly Lightlytics) has raised a total of $55 million since launching in 2020 with a cloud data security product.
October 23rd, 2024 — Source
US Police Detective Charged With Purchasing Stolen Credentials
Terrance Michael Ciszek is charged with buying stolen account credentials from the Genesis Market dark web marketplace.
October 23rd, 2024 — Source
VMware fixes critical vCenter Server RCE bug -- again! (CVE-2024-38812)
Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which wasn't fully addressed the first time and could allow attackers to achieve remote code execution.
October 23rd, 2024 — Source
Will the Real Satoshi Nakamoto Please Stand Up?
Why Peter Todd May Be Another Conspiracy Theory on the Bitcoin Creator
October 23rd, 2024 — Source or Source or Source or Source
Internet — Security Issues — October 20th, 2024
Internet Archive breached again through stolen access tokens
The Internet Archive was breached again, this time on their Zendesk email support platform after repeated warnings that threat actors stole exposed GitLab authentication tokens.
October 20th, 2024 — Source
The Internet Archive hackers still have access to its internal emailing tools
Hackers began emailing replies to Internet Archive Zendesk support tickets last night.
October 20th, 2024 — Source
Week in review: 87k+ Fortinet devices still open to attack, red teaming tool used for EDR evasion
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)
October 20th, 2024 — Source
Internet — Security Issues — October 18th, 2024
Alabama Man Arrested in SEC Social Media Account Hack That Led the Price of Bitcoin to Spike
An Alabama man has been arrested over his role in the hacking of the SEC's X account, which led to a Bitcoin price spike.
October 18th, 2024 — Source
Arrested: USDoD, Anonymous Sudan, SEC X account hacker
Law enforcement agencies have arrested suspects involved in cyber attacks claimed by USDoD and Anonymous Sudan, as well as a person involved in the hacking of SEC's X (Twitter) account.
October 18th, 2024 — Source
AVG Internet Security review: Reliable, budget-friendly antivirus software
AVG Internet Security rounds out the company's solid antivirus software with additional online protections, while not costing too much.
October 18th, 2024 — Source
BianLian Ransomware Gang Claims Heist of Pediatric Data
Boston Children's Health Physicians Says Incident Involved Unnamed IT Vendor
October 18th, 2024 — Source
BlackBerry Cuts Cylance Spend to Focus on Profitable Areas
Company Shifts Cyber Focus to QNX and Secure Communications as Key Growth Drivers
October 18th, 2024 — Source or Source or Source or Source
Cyber resilience versus cybersecurity: Which is more critical?
Today, it's not 'if' but 'when' any organization will be compromised. So, while it's essential to strengthen cybersecurity across the entire organization, it's also imperative to plan for a significant cyber-attack and the worst-case scenario. No business can be 100 percent secure but they can be resilient. Resilience is about continuing to thrive amidst adversity.
October 18th, 2024 — Source
Cyberrisk quantification and how to measure it [Q&A]
Enterprises face an increasing range of cybersecurity risk, but quantifying and managing those risks can be a difficult task.
October 18th, 2024 — Source
CyCognito expands automated testing capabilities
CyCognito announced several enhancements to its CyCognito Automated Security Testing (AST) product, a module in the CyCognito platform built for automated exposure validation and security testing. These additions speed the configuration of automated testing for AWS cloud environments, provide enhanced data exposure detection and augment pentesters and red teams with automated reconnaissance and prioritization of issues.
October 18th, 2024 — Source
Cyera Acquires Data Loss Prevention Firm Trail Security for $162 Million
Data security company Cyera has acquired stealth mode startup Trail Security for its data loss prevention (DLP) technology.
October 18th, 2024 — Source
ESET partner breached to send data wipers to Israeli orgs
Hackers breached ESET's exclusive partner in Israel to send phishing emails to Israeli businesses that pushed data wipers disguised as antivirus software for destructive attacks.
October 18th, 2024 — Source
Ex-NCSC Chief: UK Cyber Incident Reporting a 'Good Step'
Cyber Security and Resilience Bill Includes 72-Hour Reporting Deadline, Hefty Fines
October 18th, 2024 — Source or Source or Source
Hacker Poses as Israeli Security Vendor to Deliver Wiper
Phishing Emails Impersonating Eset Target Cybersecurity Professionals With Malware
October 18th, 2024 — Source
How to leverage $200 million FCC program boosting K-12 cybersecurity
In 2024, the Federal Communications Commission (FCC) launched the K-12 Cybersecurity Pilot Program, a groundbreaking initiative backed by $200 million in funding. As threats escalate, educational institutions are increasingly vulnerable to cyberattacks, ranging from ransomware to data breaches.
October 18th, 2024 — Source
ISMG Editors: DSPM, DLP Converge to Reshape Data Security
Also: Impact of NIS2 Directive in Europe, Cloud Governance Challenges
October 18th, 2024 — Source or Source or Source or Source or Source
Microsoft lost some customers' cloud security logs
Microsoft has lost several weeks of cloud security logs that its customers rely on to spot cyber intrusions.
October 18th, 2024 — Source
Microsoft warns of 600 million daily cyberattacks and advanced tactics by nation-state actors
Their tech tools are getting more sophisticated, too
October 18th, 2024 — Source
Military Exercises Trigger Russian DDoS Attacks on Japan
Russian Actors Disrupt Websites of Political Party, Business and Government Groups
October 18th, 2024 — Source or Source or Source or Source or Source
North Korean IT Scam Workers Shift to Extortion Tactics
Report Reveals North Korean Workers Expanding Into Intellectual Property Theft
October 18th, 2024 — Source or Source or Source or Source or Source
Omni Family Health Data Breach Impacts 470,000 Individuals
Omni Family Health has disclosed a data breach impacting nearly 470,000 current and former patients and employees.
October 18th, 2024 — Source
Organizations Faster at Detecting OT Incidents, but Response Still Lacking: Report
SANS has published its 2024 State of ICS/OT Cybersecurity report, based on a survey of over 530 critical infrastructure sector professionals.
October 18th, 2024 — Source
Protect Yourself with Surfshark's Free Data Leak Checker
In today's digital age, protecting personal information is more crucial than ever. With the increasing frequency of data breaches and cyber attacks, individuals must remain vigilant in safeguarding their sensitive data.
October 18th, 2024 — Source
Securing Cloud-Native Applications: A CISO's Perspective on Broken Access Control
Here is a CISO's perspective on preventing broken access control vulnerabilities and the components and importance of proper permission management for cloud-native apps.
October 18th, 2024 — Source
Study reveals potential top cyber threats facing health care extended reality technology
A recent study in JMIR XR and Spatial Computing identifies potential cybersecurity and privacy risks associated with using extended reality (XR) in health care settings. The study, titled "Cybersecurity and Privacy Issues in Extended Reality Health Care Applications: Scoping Review," reviews the identified potential threats posed by XR technology and strategies for mitigating these risks.
October 18th, 2024 — Source
The Horrifying Burnout of Cybersecurity Leaders: Expert Analysis
One in four cybersecurity leaders plans to quit, and a survey shows some shocking impacts of an ever-escalating job that is leading to 'cybersecurity burnout' — with constant stress on cybersecurity teams.
October 18th, 2024 — Source
Internet — Security Issues — October 16th, 2024
24% of Cybersecurity Leaders Are Ready to Quit Jobs: Here's Why
A new survey reveals that 24% of cybersecurity leaders are considering leaving their jobs, citing overwhelming stress from AI-driven attacks and malware threats.
October 16th, 2024 — Source
AI Models in Cybersecurity: From Misuse to Abuse
In a constant game of whack-a-mole, both defenders and attackers are harnessing AI to tip the balance of power in their respective favor.
October 16th, 2024 — Source
AI-driven video analyzer sets new standards in human action detection
What if a security camera could not only capture video but understand what's happening—distinguishing between routine activities and potentially dangerous behavior in real time? That's the future being shaped by researchers at the University of Virginia's School of Engineering and Applied Science with their latest breakthrough: an AI-driven intelligent video analyzer capable of detecting human actions in video footage with unprecedented precision and intelligence.
October 16th, 2024 — Source
Akamai releases Behavioral DDoS Engine for App & API Protection
Akamai has unveiled the availability of its Behavioral DDoS Engine for the App & API Protector solution. This new capability leverages machine learning for automatic, proactive protection against application-layer DDoS attacks.
October 16th, 2024 — Source
Akeyless unveils Unified Secrets and Machine Identity Platform
Akeyless announced its Unified Secrets and Machine Identity Platform, designed to address the leading cause of breaches—compromised identity credentials.
October 16th, 2024 — Source
Change Healthcare Attack Cost Estimate Reaches Nearly $2.9B
Most IT Restored, But UHG Is Still Catching Up and Aiming to Win Back Clients
October 16th, 2024 — Source or Source or Source or Source or Source
China's infosec leads accuse Intel of NSA backdoor, cite chip security flaws
Uncle Sam having a secret way into US tech? Say it ain't so
October 16th, 2024 — Source
CISA Flags Critical SolarWinds Web Help Desk Bug for In-the-Wild Exploitation
The US cybersecurity agency CISA on Tuesday added a recent SolarWinds Web Help Desk (WHD) bug to its Known Exploited Vulnerabilities (KEV) catalog, warning of its in-the-wild exploitation.
October 16th, 2024 — Source
Code Execution, Data Tampering Flaw in Nvidia NeMo Gen-AI Framework
Artificial intelligence tech giant Nvidia issues a warning for code execution and data tampering security problems in the NeMo platform.
October 16th, 2024 — Source
Critical hardcoded SolarWinds credential now exploited in the wild
Another blow for IT software house and its customers
October 16th, 2024 — Source
Dane Stuckey Joins OpenAI as CISO
Former Palantir CISO joins ChatGPT maker OpenAI to lead cybersecurity efforts.
October 16th, 2024 — Source
Deepfake lovers swindle victims out of $46M in Hong Kong AI scam
Scammers used AI deepfake tools to create fake online personas, tricking victims in video calls.
October 16th, 2024 — Source
Defenders must adapt to shrinking exploitation timelines
A new report from Mandiant reveals that the average time-to-exploit vulnerabilities before or after a patch is released has plunged to just five days in 2023, down from 32 days in 2021 and 2022.
October 16th, 2024 — Source
Dell Drops an Extra $700 Off Alienware's Slimmest and Lightest Gaming Laptop
The Alienware x14 gaming laptop is priced just under $1,000.
October 16th, 2024 — Source
Engaging Executives: How to Present Cybersecurity in a Way That Resonates
Getting buy-in can be difficult. Safe-U founder and CEO Jorge Litvin explains how to create a common language between the CISO and the rest of the C-suite.
October 16th, 2024 — Source
ExtraHop RevealX enhancements accelerate investigation workflows
ExtraHop unveiled new network-based file analysis capabilities in ExtraHop RevealX to detect malware, combat ransomware, and help prevent data loss.
October 16th, 2024 — Source
Google Pays Out $36,000 for Severe Chrome Vulnerability
Google has released Chrome 130 in the stable channel to resolve 17 vulnerabilities, including 13 reported by external researchers.
October 16th, 2024 — Source
Healthcare AI Moves Beyond Conventional Use Cases
Integrated, Multimodal AI Approach Focuses on Better Care Through Data Insights
October 16th, 2024 — Source or Source or Source or Source or Source
Identity Security: How to Reduce Cyber Risk in Manufacturing
Trane's Aaron Havenar on the Balance of Automation and Efficiency
October 16th, 2024 — Source or Source
Internet Archive wobbles back online, with limited functionality
DDoS detectives deduce Mirai used to do the deed, using home entertainment boxes in Korea, China, and Brazil
October 16th, 2024 — Source
Joint cyber security advisory: Iranian cyber actors using brute force to compromise critical infrastructure organizations
The Communications Security Establishment Canada (CSE) and its Canadian Centre for Cyber Security (Cyber Centre) join the following partners to warn of Iranian cyber actors' frequent use of brute force to compromise organizations across multiple critical infrastructure sectors.
October 16th, 2024 — Source
Lookout offers protection against social engineering and executive impersonation attacks
Lookout announced new features for its Mobile Threat Defense (MTD) solution, Lookout Mobile Endpoint Security. These advancements provide comprehensive protection against two fast-growing advanced social engineering tactics: smishing (SMS phishing) and executive impersonation fraud texts.
October 16th, 2024 — Source
Malicious ads exploited Internet Explorer zero day to drop malware
The North Korean hacking group ScarCruft launched a large-scale attack in May that leveraged an Internet Explorer zero-day flaw to infect targets with the RokRAT malware and exfiltrate data.
October 16th, 2024 — Source
Microsoft Patches Vulnerabilities in Power Platform, Imagine Cup Site
Microsoft has patched 'critical' privilege escalation and information disclosure vulnerabilities in Power Platform, Dataverse and the Imagine Cup website.
October 16th, 2024 — Source
New tool checks to see if your data has been leaked. Try it now.
A necessary tool amid endless reports of data breaches.
October 16th, 2024 — Source
Okta helps protect business before, during and after authentication
Okta announced new Workforce Identity Cloud capabilities to address top security challenges such as unmanaged SaaS service accounts, governance risks, and identity verification. As part of a unified approach, these innovations help protect business before, during and after authentication, providing greater control, visibility, and streamlined user experience.
October 16th, 2024 — Source
Oracle Patches Over 200 Vulnerabilities With October 2024 CPU
Oracle has released 334 new security patches to address roughly 220 unique CVEs as part of its October 2024 Critical Patch Update.
October 16th, 2024 — Source
OT Risk Management Firm DeNexus Raises $17.5 Million
DeNexus offers an AI and ML-driven data analytics platform that focuses on managing the cyber risk to the underserved operational technology of critical industries.
October 16th, 2024 — Source
Over 80 percent of hackers believe the AI threat landscape is moving too fast to secure
A new report from Bugcrowd finds 82 percent of ethical hackers and researchers on the platform believe that the AI threat landscape is evolving too fast to adequately secure.
October 16th, 2024 — Source
Passkey News: FIDO Unveils New Specifications, Amazon Announces 175 Million Users
FIDO Alliance has published new specifications for securely moving passkeys across providers, as Amazon announced 175 million passkey users.
October 16th, 2024 — Source
Product showcase: Secure and scale your network with NordLayer's advanced security solutions
Cybersecurity threats have become increasingly prevalent and sophisticated in recent years, posing significant risks to businesses of all sizes. In 2023, there were 3,122 data breaches affecting approximately 349 million victims, highlighting the urgent need for robust network security solutions in our fast-paced, distributed work environments.
October 16th, 2024 — Source
Sonar Adds Code Architecture Insights With Structure101 Buy
New Features From Structure101 Simplify Code Structure, Future-Proof Development
October 16th, 2024 — Source or Source or Source or Source or Source
Swift launches AI-powered fraud detection service
Swift announced that it is rolling out new AI-enhanced fraud detection to help the global payments industry step up its defence as bad actors grow increasingly sophisticated.
October 16th, 2024 — Source
The best malware protection software to keep you safe from online threats
Don't be a hero.
October 16th, 2024 — Source
TrickMo Trojan Variants Target Device Unlock Codes
New Variants Steal PINs, Affect 13,000+ Users and Exploit Accessibility Features
October 16th, 2024 — Source or Source or Source or Source or Source
Two Sudanese brothers accused of launching a dangerous series of DDoS attacks
The pair allegedly tried to hack dozens of hospitals, digital services, government agencies and Israel's missile alert system.
October 16th, 2024 — Source
UK Reports 50% Spike in 'Nationally Significant' Incidents
New NCSC Chief Also Warns of Threefold Increase in Severe Cyberattacks
October 16th, 2024 — Source or Source or Source or Source or Source
Understand these seven password attacks and how to stop them
Hackers are always looking for new ways to crack passwords and gain access to your organization's data and systems. So how can you ensure you're taking the right steps to defend your business?
October 16th, 2024 — Source
US disrupts Anonymous Sudan DDoS operation, indicts 2 Sudanese brothers
The United States Department of Justice unsealed an indictment today against two Sudanese brothers suspected of being the operators of Anonymous Sudan, a notorious and dangerous hacktivist group known for conducting over 35,000 DDoS attacks in a year.
October 16th, 2024 — Source
US Indicts Sudanese Brothers for Anonymous Sudan Attacks
FBI Disrupted DDoS Group in March
October 16th, 2024 — Source or Source or Source or Source or Source
Varsity Brands Data Breach Impacts 65,000 People
Apparel giant Varsity Brands has disclosed some information about a data breach impacting more than 65,000 individuals.
October 16th, 2024 — Source
VMware Patches High-Severity SQL Injection Flaw in HCX Platform
VMware patches CVE-2024-38814 and warns that attackers with non-administrator privileges can execute remote code on the HCX manager.
October 16th, 2024 — Source
Windows users are exposed to over 600 million cyber attacks every day
A new report from Microsoft reveals just how widespread cyber threats have become.
October 16th, 2024 — Source
Zscaler Report: Mobile, IoT, and OT Cyber Threats Surge in 2024
A new report from cloud security company Zscaler sheds light on the growing mobile threats on Android operating systems, as well as threats to IoT and OT devices. The findings come as more than 60% of global Internet traffic is now generated by mobile devices and financially-oriented mobile threats have grown by 111% over the last year.
October 16th, 2024 — Source
Internet — Security Issues — October 13th, 2024
Iranian hackers now exploit Windows flaw to elevate privileges
The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emirates and the Gulf region.
October 13th, 2024 — Source
Meet the Chinese 'Typhoon' hackers preparing for war
Of the cybersecurity risks facing the United States today, few loom larger than the potential sabotage capabilities posed by China-backed hackers, which top U.S. officials have described as an "epoch-defining threat."
October 13th, 2024 — Source
Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools
Here's an overview of some of last week's most interesting news, articles, interviews and videos:
October 13th, 2024 — Source
What We Learned from the American Water Cyber Attack: Expert Analysis
On October 3, the largest U.S. water utility, American Water — which provides services to 14 million people across 24 states — was hit by another cyber attack targeting the sector.
October 13th, 2024 — Source
Internet — Security Issues — October 12th, 2024
Qualcomm Confirms Security Vulnerability in Android Devices
Qualcomm has confirmed that hackers have exploited a zero-day vulnerability in its chipsets, affecting millions of Android smartphones worldwide. The vulnerability, unknown to Qualcomm when it was first abused, was discovered in dozens of chipsets.
October 12th, 2024 — Source
Internet — Security Issues — October 11th, 2024
Beyond Proof of Concepts: Will Gen AI Live Up to the Hype?
How Gen AI Is Evolving From Experimentation to Driving Major Business Impact
October 11th, 2024 — Source
Casio confirms customer data stolen in a ransomware attack
Casio now confirms it suffered a ransomware attack earlier this month, warning that the personal and confidential data of employees, job candidates, and some customers was also stolen.
October 11th, 2024 — Source
CISA: Hackers abuse F5 BIG-IP cookies to map internal servers
CISA is warning that threat actors have been observed abusing unencrypted persistent F5 BIG-IP cookies to identify and target other internal devices on the targeted network.
October 11th, 2024 — Source
Cybersecurity Awareness Lags as Global Workforce Engages in Risky AI Practices
The latest Annual Cybersecurity Attitudes and Behaviours Report, released by the Australian Cyber Collaboration Centre, has revealed both Australian and global workforces are exhibiting various concerning cybersecurity behaviours — including a tendency to share company data with AI tools.
October 11th, 2024 — Source
DOD Unveils Final CMMC Rule for Defense Contractors
New Cybersecurity Maturity Model Certification Rule Paves Way for Implementation
October 11th, 2024 — Source or Source or Source or Source or Source
ECOVACS robot vacuums are being hacked and taken over
It’s never fun to have to report on products that suffer from hackers looking to cause trouble. However, this is exactly what is happening with ECOVACS robot vacuum models that are being taken over by those looking to create mischief.
October 11th, 2024 — Source
EU adopts Cyber Resilience Act to secure connected products
The EU Council has adopted the Cyber Resilience Act (CRA), a new law that aims to make consumer products with digital components safe(r) to use.
October 11th, 2024 — Source
European Council Adopts Cyber Resilience Act
Act Imposes Mandatory Patching for IoT Devices
October 11th, 2024 — Source or Source or Source or Source
FBI creates fake cryptocurrency in sting operation to catch pump-and-dump market manipulators
This was a first for the bureau
October 11th, 2024 — Source
Fidelity breach exposed the personal data of 77,000 customers - what to do if you're affected
The investment giant is offering those impacted 24 months of free credit monitoring to help them check for any unusual activity.
October 11th, 2024 — Source
Hacker’s Claims About CISO Are Focus of Star Health Probe
Exclusive Interview: Hacker xenZen Details Data Theft Affecting 31 Million in India
October 11th, 2024 — Source
Hackers made robot vacuums randomly yell racial slurs
The attackers also got full control of the units.
October 11th, 2024 — Source
Hackers Prowling for Unencrypted BIG-IP Cookies, Warns CISA
Agency Says Cookies Could Help Attackers Find Network Assets, Vulnerabilities
October 11th, 2024 — Source or Source or Source or Source or Source
How Telegram Feeds The Southeast Asian Gang Crimewave: Expert Analysis
On October 7, the United Nations Office on Drugs and Crime (UNODC) released (PDF) the Transnational Organized Crime and the Convergence of Cyber-Enabled Fraud, Underground Banking, and Technological Innovation report.
October 11th, 2024 — Source
ISMG Editors: Chinese Hackers Raise Stakes in Cyberespionage
Also: AI Safety Bill Vetoed, Global Ransomware Response Guide Gets Some Revisions
October 11th, 2024 — Source
Microsoft says over 15,000 daily malicious QR code messages are sent to educational targets
Over the past several months, Microsoft's digital security teams have issued alerts and reports on how cybercriminals are trying to influence the upcoming 2024 US presidential election. However, those are not the only cyberattacks that Microsoft is trying to fight against.
October 11th, 2024 — Source
Network Guardians: Crafting a Spring Boot-Driven Anomaly Detection System
This article series will take you through the process of developing a network anomaly detection system using the Spring Boot framework in a robust manner.
October 11th, 2024 — Source
Operation Cronos Is Disrupting LockBit, Says UK Official
Impact Is "What We Would Have Hoped For," Says NCSC CTO Ollie Whitehouse
October 11th, 2024 — Source or Source
Public sector and infrastructure come under attack as malicious web requests rise
The number of malicious web requests rose by 53.2 percent in the first half of 2024, compared to the same period last year according to a new study.
October 11th, 2024 — Source
Rhysida Leaks Nursing Home Data, Demands $1.5M From Axis
Ransomware Gang Could Have Axis Health's Mental Health, Drug Abuse Records
October 11th, 2024 — Source or Source or Source or Source or Source
The Internet Archive is still down but will return in ‘days, not weeks’
The Wayback Machine’s site has been breached, but its founder says the data is still there.
October 11th, 2024 — Source
The problem with third-party breaches: A data protection dilemma
Time and time again, organizations face an escalating threat to their data: Third-party breaches. As businesses increasingly rely on external vendors and partners for various services, the security of sensitive information becomes more vulnerable. This poses the question: Are traditional security measures still effective or obsolete in protecting vital information?
October 11th, 2024 — Source
US lawmakers seek answers on alleged Salt Typhoon breach of telecom giants
Cyberspies abusing a backdoor? Groundbreaking
October 11th, 2024 — Source
Internet — Security Issues — October 10th, 2024
Adaptiva improves collaboration between IT and security teams with vulnerability dashboards
Adaptiva announces the latest feature release for OneSite Patch: vulnerability dashboards. These new dashboards provide real-time visibility into Common Vulnerabilities and Exposures (CVEs) in the environment and patches that can remediate them--empowering organizations to find and fix vulnerabilities efficiently.
October 10th, 2024 — Source
Akira and Fog ransomware now exploit critical Veeam RCE flaw
Ransomware gangs now exploit a critical security vulnerability that lets attackers gain remote code execution (RCE) on vulnerable Veeam Backup & Replication (VBR) servers.
October 10th, 2024 — Source
Breach Roundup: Global Signal Exchange to Curb Online Fraud
Also: A Fidelity Breach, Mamba Phishing
October 10th, 2024 — Source or Source or Source or Source
CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame
Usual three-week window to address significant risks to federal agencies applies
October 10th, 2024 — Source
Cryptohack Roundup: Australia Nabs Crypto in Ghost Takedown
Also: Taiwan AML Rules, IcomTech Sentencing
October 10th, 2024 — Source or Source or Source or Source or Source
Data breach of Fidelity leaks 77,000 customers' personal data
The leak includes customers' Social Security numbers and drivers' licenses.
October 10th, 2024 — Source
Deloitte: Why Only a Quarter of Cybersecurity Professionals are Women
Despite a huge talent shortage in the cybersecurity industry, women still feel discouraged from joining it due to concerns over their knowledge, its inclusivity, and the pay.
October 10th, 2024 — Source
Dutch Police Arrest Two Linked to "Largest Dark Web Market"
Dutch police have arrested two suspects tied to the dark web platforms Bohemia and Cannabia, seizing over €8 million ($8.75 million) in assets.
October 10th, 2024 — Source
ESET updates Vulnerability and Patch Management module
ESET released its updated ESET Vulnerability and Patch Management module. With the new update, ESET V&PM has expanded to support Linux (desktops and servers), as well as macOS devices, covering broader parts of a business' ecosystem.
October 10th, 2024 — Source
European Council Adopts Cyber Resilience Act
Act Imposes Mandatory Patching for IoT Devices
October 10th, 2024 — Source
FBI Charges Three Crypto Firms and Multiple Individuals in Fraud Scheme
The FBI took major action on Wednesday, charging three cryptocurrency companies and 15 individuals with large-scale fraud and market manipulation.
October 10th, 2024 — Source
Fidelity Data Breach Exposed the Personal Data of 77,000 Customers
The cyberattack on Fidelity impacts a small percentage of customers. Here's what you can do if you're affected.
October 10th, 2024 — Source
Fidelity says data breach exposed personal data of 77,000 customers
Fidelity Investments, one of the world's largest asset managers, has confirmed that over 77,000 customers had personal information compromised during an August data breach, including Social Security numbers and driver's licenses.
October 10th, 2024 — Source
Fivecast Discovery drives better analytical outputs
Responding directly to an increased global threat environment, Fivecast launched a Discovery solution that empowers analysts and investigators across both the Government and Corporate sectors to uncover intelligence insights faster to help protect communities and businesses.
October 10th, 2024 — Source
Hacker shows how a cigarette lighter can grant you root access
Homebrewed hardware circumvents security through electromagnetic interference
October 10th, 2024 — Source
How AI Shields Enterprises from Advanced Email Attacks
Email continues to be the largest attack surface in organizations today and advanced email threats are on the rise, with business email compromise (BEC) growing 50% over the past year. And these attacks are costly, having generated $55 billion in exposed losses over the last ten years.
October 10th, 2024 — Source or Source or Source or Source
How CKW Is Building a Smart Energy Grid
CKW's Yann Gosteli on Optimizing Communication Networks With Future-Proof Tech
October 10th, 2024 — Source or Source or Source or Source or Source
Internet Archive Data Breach Exposes 31 Million Accounts
Nonprofit Digital Archive Also Suffers Denial-of-Service Attacks, Defacement
October 10th, 2024 — Source or Source or Source or Source or Source
Internet Archive data breach: Hacker claims to 'See 31 million of you' on Have I Been Pwned
DDoS attacks are taking down the Internet Archive's website as well.
October 10th, 2024 — Source
Internet Archive data breach, defacement, and DDoS: Users' data compromised
The Internet Archive has suffered a data breach, leading to the compromise of email addresses, screen names and bcrypt password hashes of some 31 million users.
October 10th, 2024 — Source
Internet Archive hacked and 31 million user accounts leaked — hacking group 'SN_Blackmeta' claims responsibility
User data was leaked in a 6.4 GB SQL file
October 10th, 2024 — Source
Internet Archive hacked, 31 million accounts have info leaked
A "hacktivist" group claimed responsibility for the attack, which has been confirmed.
October 10th, 2024 — Source
Internet Archive hackers sending email replies to support tickets
An Internet Archive data breach has been confirmed by the organisation, which has also been suffering Distributed Denial-of-Service (DDoS) attacks. The home of the Wayback Machine was previously attacked back in May ...
October 10th, 2024 — Source
Internet Archive Knocked Offline by Hack, User Data Stolen
Operators are moving cautiously to prioritize security as they work to restore the site.
October 10th, 2024 — Source
Internet Archive reels from 'catastrophic' cyberattack, data breach
The Internet Archive, an online repository of web pages, was offline Thursday after its founder confirmed a major cyberattack that exposed the data of millions of users and left the site defaced.
October 10th, 2024 — Source
Internet Archive user info stolen in cyberattack, succumbs to DDoS
31M folks' usernames, email addresses, salted-encrypted passwords now out there
October 10th, 2024 — Source
Is childproofing the internet constitutional? A tech law expert draws out the issues
Mounting pressure to regulate children's use of technology in the United States raises the question: Is childproofing the internet constitutional?
October 10th, 2024 — Source
Ketch Third Party Risk Intelligence provides control over trackers, tags, and cookies
Ketch launched Third Party Risk Intelligence, a new suite of diagnostics and management tools for brands to manage how third party vendors collect data across digital properties.
October 10th, 2024 — Source
Marriott reaches $52 million settlement over years of data breaches
The FTC is also requiring a security overhaul.
October 10th, 2024 — Source
New York State Enacts New Cyber Requirements for Hospitals
Includes 72-Hour Incident Reporting Mandate That Went into Effect on Oct. 2
October 10th, 2024 — Source or Source
Operation Cronos Is Disrupting LockBit, Says UK Official
Impact Is "What We Would Have Hoped For," Says NCSC CTO Ollie Whitehouse
October 10th, 2024 — Source or Source or Source
Qualys Enterprise TruRisk Management unifies asset inventory and risk factors
Qualys launched the Risk Operations Center (ROC) with Enterprise TruRisk Management (ETM). The solution enables CISOs and business leaders to manage cybersecurity risks in real time, transforming fragmented, siloed data into actionable insights that align cyber risk operations with business priorities.
October 10th, 2024 — Source
Relyance AI Raises $32M to Take on AI Governance Challenges
Thomvest Ventures Leads Series B Funding to Support Privacy and Security Compliance
October 10th, 2024 — Source or Source or Source or Source or Source
Severity of ransomware attacks increases by 68 percent
A new report from insurance provider Coalition finds that ransomware claims severity spiked by 68 percent in the first half of 2024 to an average loss of $353,000.
October 10th, 2024 — Source
Simbian unveils AI Agents to address the top pain points for SOC analysts
Simbian announced a suite of AI Agents that work alongside security teams to enhance the intelligence, speed, and coverage of their entire security program.
October 10th, 2024 — Source
SSA Struggling to Modernize Fraud Prevention Tech, GAO Warns
GAO: SSA Fails to Meet Industry and Federal Electronic Verification System Goals
October 10th, 2024 — Source or Source or Source or Source or Source
Underground ransomware claims attack on Casio, leaks stolen data
The Underground ransomware gang has claimed responsibility for an October 5 attack on Japanese tech giant Casio, which caused system disruptions and impacted some of the firm's services.
October 10th, 2024 — Source
Watch Out for These Text Scams This Election Season
That political fundraising text you just received might not be legitimate. Here's how to tell.
October 10th, 2024 — Source
watchTowr raises $19 million to accelerate global growth
watchTowr announced a $19 million Series A funding round led by Peak XV, formerly known as Sequoia India & Southeast Asia, with repeat participation from Prosus Ventures and Cercano Management.
October 10th, 2024 — Source
Internet — Security Issues — October 8th, 2024
American Water shuts down systems after cyberattack
American Water, the largest water and wastewater utility company in the US, has shut down some of its systems following a cyberattack.
October 8th, 2024 — Source
American Water, the largest water utility in US, is targeted by a cyberattack
The largest regulated water and wastewater utility company in the United States announced Monday that it was the victim of a cyberattack, prompting the firm to pause billing to customers.
October 8th, 2024 — Source
AMI Partners with Samsung to Bring Firmware Security to PCs
AMI, the global leader in Dynamic Firmware for worldwide computing, has partnered with Samsung Electronics, the global leader in consumer technology, to create an enhanced joint security solution available in Samsung's Galaxy Book PCs. Alongside Samsung's multi-layer security platform Samsung Knox, AMI's Tektagon - the industry-leading Platform Root of Trust firmware security solution - is now integrated into Samsung PCs including the Galaxy Book5 Pro 360, Galaxy Book4 Pro, Galaxy Book4 Pro 360, and Galaxy Book4 Ultra.
October 8th, 2024 — Source
AT&T And Verizon Were Allegedly Hacked By A Chinese Hacking Group, And The Breach May Have Exposed Sensitive Infrastructure Information
Technological advancements have brought great ease and convenience, but they have also led to major cybersecurity incidents involving compromised user information and vulnerable companies. A recent report claims that a Chinese hacking group has hacked multiple U.S. broadband providers, including AT&T and Verizon. The cybersecurity breach exposed the sensitive information of major companies and raised some serious concerns regarding national security.
October 8th, 2024 — Source
BreachLock Attack Surface Analytics strengthens enterprise CTEM capabilities
BreachLock strengthens continuous threat exposure management (CTEM) capabilities for enterprise customers with its new Attack Surface Analytics feature.
October 8th, 2024 — Source
Casio reports IT systems failure after weekend network breach
Japanese tech giant Casio has suffered a cyberattack after an unauthorized actor accessed its networks on October 5, causing system disruption that impacted some of its services.
October 8th, 2024 — Source
Chinese hack of US ISPs shows why Apple is right about backdoors for law enforcement
It was revealed this weekend that Chinese hackers managed to access systems run by three of the largest internet service providers (ISPs) in the US.
October 8th, 2024 — Source
Cloudflare Acquires Kivera to Fuel Preventive Cloud Security
Kivera Integrates Controls Into Cloudflare One to Prevent Cloud Misconfigurations
October 8th, 2024 — Source or Source or Source or Source or Source
Data Theorem Code Secure helps security and DevOps teams secure their software
Data Theorem launched Code Secure, the latest evolution in application security designed to protect the software supply chain from code to deployment. Code Secure uniquely integrates Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Supply Chain Security capabilities—including Software Bill of Materials (SBOM) management—into a comprehensive product offering.
October 8th, 2024 — Source
DHS Warns Election Security Risks May Persist Into 2025
DHS Says Adversaries May Stoke Voter Fraud Fears Long After Election Day
October 8th, 2024 — Source or Source or Source
Enterprise CISOs worry about losing their job after a breach
A new survey, which polled 200 CISOs from companies with annual revenues exceeding $500 million, highlights growing concerns across a number of areas.
October 8th, 2024 — Source
EU Strengthens Sanctions Against Russian Hackers
Russian Nationals, Agencies Engaged in Cyberattacks, Misinformation to be Targeted
October 8th, 2024 — Source or Source or Source or Source or Source
European govt air-gapped systems breached using custom malware
An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents.
October 8th, 2024 — Source
FTC Findings on Commercial Surveillance Can Lead to Better Alternatives
On September 19, the FTC published a staff report following a multi-year investigation of nine social media and video streaming companies. The report found a myriad of privacy violations to consumers stemming largely from the ad-revenue based business models of companies including Facebook, YouTube, and X (formerly Twitter) which prompted unbridled consumer surveillance practices.
October 8th, 2024 — Source
IronNet Settles Securities Fraud Class Action Suit for $6.6M
Settlement Addresses Claims of False Revenue Forecasts, Investor Misrepresentation
October 8th, 2024 — Source or Source or Source or Source or Source
Ivanti fixes three CSA zero-days exploited in the wild (CVE-2024-9379, CVE-2024-9380, CVE-2024-9381)
Ivanti has patched three additional Cloud Service Appliance (CSA) zero-day flaws, which have been exploited by attackers in conjunction with a zero-day bug the company accidentally fixed in September.
October 8th, 2024 — Source
Juniper Secure AI-Native Edge accelerates detection of potential network threats
Juniper Networks announced its new Juniper Secure AI-Native Edge solution, with a new Security Assurance product, combining Juniper Mist's AI-Native and cloud-native network operations with the efficacy security solution.
October 8th, 2024 — Source
Kaspersky says it's closing down its UK office and laying off dozens
Russian cybersecurity giant Kaspersky is shutting down its office in the United Kingdom and laying off its staff, just three months after the company started closing down its U.S. operations and laying off dozens of workers, TechCrunch has learned.
October 8th, 2024 — Source
Largest US Water Utility Hit by Cybersecurity Incident
Cyber Incident Affecting American Water Utility Company Leads to Portal Shutdown
October 8th, 2024 — Source or Source or Source or Source or Source
MI5 Chief Warns of Cyberthreats to the UK
Russia, Iran and China Investing in Cyber Ops, Warns MI5 Director Ken McCallum
October 8th, 2024 — Source or Source or Source or Source or Source
Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)
For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution flaw in the Microsoft Management Console (MMC).
October 8th, 2024 — Source
MoneyGram confirms hack: Social Security numbers, driver's licenses, and other customer data have leaked
The money transfer company temporarily shut down its systems when it discovered the data breach.
October 8th, 2024 — Source
MoneyGram Money Transfer Firm Reports Customer Data Breach
Stolen Data Includes Social Security Numbers and Details of Criminal Investigations
October 8th, 2024 — Source or Source or Source or Source or Source or Source
New tool helps enterprises identify credential risk
Though organizations and their users have greatly benefited from hybrid environments and SaaS applications, dispersed workforces have also created unforeseen risks that are increasingly difficult to secure.
October 8th, 2024 — Source
OpenBSD 7.6 released: security improvements, new hardware support, and more!
OpenBSD is a free, multi-platform 4.4BSD-based UNIX-like operating system. The 57th release, OpenBSD 7.6, comes with new features, various improvements, bug fixes, and tweaks.
October 8th, 2024 — Source
OTAVA S.E.C.U.R.E. Score simplifies cybersecurity strategy for businesses
OTAVA introduced the OTAVA S.E.C.U.R.E. Score to help businesses further improve their security posture.
October 8th, 2024 — Source
Over 200,000 Comcast customers affected in data breach: Names, IDs, Social Security numbers exposed
Social security numbers, addresses, ID numbers, and more were taken in the data breach
October 8th, 2024 — Source
Qualcomm urges device makers to push patches after 'targeted' exploitation
Given Amnesty's involvement, it's a safe bet spyware is in play
October 8th, 2024 — Source or Source
Qualcomm zero-day under targeted exploitation (CVE-2024-43047)
An actively exploited zero-day vulnerability (CVE-2024-43047) affecting dozens of Qualcomm's chipsets has been patched by the American semiconductor giant.
October 8th, 2024 — Source
Security at the Onset: Stabilizing CSPM and DevSecOps
Proactively integrating CSPM with DevSecOps strengthens security by continuously monitoring and addressing vulnerabilities from development to deployment.
October 8th, 2024 — Source
SimSpace's OT content enhancements improve critical infrastructure security
SimSpace announced its enhanced OT (Operational Technology) content, now offering more realistic and high-fidelity training and emulation.
October 8th, 2024 — Source
Top Priorities of Today's Cybersecurity Leader
The role of a security leader requires navigating a complex web of responsibilities while protecting the organization from an increasingly dynamic threat environment. Balancing time between strategic and operational initiatives is challenging. After all, it's easy to default to tackling the "on fire" problems first for obvious reasons. More challenging, however, is allotting time for forward-looking initiatives that may ultimately save your security team time and effort — and increase your security posture — in the long run.
October 8th, 2024 — Source or Source or Source
'Toxic cloud triad' puts four in 10 organizations at risk
It might sound like a Chinese secret society, but a new report warns that a 'toxic cloud triad' of publicly exposed, critically vulnerable and highly privileged cloud workloads is putting almost four in 10 organizations at risk.
October 8th, 2024 — Source
Ukrainian Pleads Guilty for Role in Raccoon Stealer Malware
Mark Sokolovsky Admits to Felony Conspiracy Charge in US Federal Court
October 8th, 2024 — Source or Source or Source or Source or Source
UN Says Asian Cybercrime Cartels Are Rising Global Threat
Crime Syndicates Too Powerful for Regional Governments to Police, UN Report Warns
October 8th, 2024 — Source or Source or Source or Source or Source
Why Chinese Hackers Breached U.S. Federal Wiretapping Systems
Chinese hackers have allegedly once again breached U.S. government systems and maintained persistence in their cyberespionage attacks.
October 8th, 2024 — Source
Internet — Security Issues — October 7th, 2024
Action1 offers extended endpoint management capabilities for macOS devices
Action1 announced its latest product release. As part of its platform enhancements, Action1 has introduced a new agent for macOS, enabling organizations with diverse IT environments to ensure unified, cross-platform patching automation and integrated software vulnerability management.
October 7th, 2024 — Source
American Water rinsed in cyber attack, turns off app
American Water, which supplies over 14 million people in the US and numerous military bases, has stopped issuing bills and has taken its MyWater app offline while it investigates a cyber attack on its systems.
October 7th, 2024 — Source
American Water shuts down online services after cyberattack
American Water, the largest publicly traded U.S. water and wastewater utility company, was forced to shut down some of its systems after a Thursday cyberattack.
October 7th, 2024 — Source
American Water warns of billing outages after finding hackers in its systems
U.S. public utility giant American Water says it has disconnected some of its systems after discovering that hackers breached its internal networks last week.
October 7th, 2024 — Source
As Americans lose billions of dollars to digital scams, startups turn to AI for solutions
The caller claimed to be a relative in trouble — in this case, a grandson who was in a car accident in Cuba and needed $34,000 for hospital bills and to get out of jail.
October 7th, 2024 — Source
AT&T, Verizon reportedly hacked to target US govt wiretapping platform
Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have been breached by a Chinese hacking group tracked as Salt Typhoon, the Wall Street Journal reports.
October 7th, 2024 — Source
Australian Cybersecurity Professionals Confess To Growing Job Stress
Stressful cyber roles make it more difficult to recruit and retain cyber skills.
October 7th, 2024 — Source
C'est La Vie: French Atos Acquisition Bid Expires
Parties Vow to Continue Negotiations
October 7th, 2024 — Source or Source or Source or Source or Source
Canada East Summit: From Ransomware to Growing CISO Liability
Canadian Cybersecurity Leaders Brace for Changing Security Landscape and Regulations
October 7th, 2024 — Source or Source or Source or Source
China hacked Verizon and AT&T, may have accessed US wiretap systems
Chinese hackers were in networks of major ISPs "for months," WSJ reports.
October 7th, 2024 — Source
Comcast says customer data stolen in ransomware attack on debt collection agency
U.S. telecom giant Comcast has warned that cybercriminals stole the personal data of more than 230,000 customers during a ransomware attack on a third-party provider of debt collection services.
October 7th, 2024 — Source or Source
Comcast Says Ransomware Attack on Debt Collector Stole Customer Data
Comcast revealed in a filing with Maine's attorney general on October 4th that data from 237,703 subscribers was compromised in a ransomware attack in February.
October 7th, 2024 — Source
Data breach leaks SSNs of over 230,000 Comcast customers
A ransomware attack at a debt collection agency used by Comcast leaked info dating from 'around 2021.'
October 7th, 2024 — Source
Defending healthcare systems against ransomware attacks [Q&A]
Ransomware attacks target industries across the board, but they're of particular concern in the healthcare sector where an attack can mean not only data is at risk but lives too.
October 7th, 2024 — Source
DHS Warns Election Security Risks May Persist Into 2025
DHS Says Adversaries May Stoke Voter Fraud Fears Long After Election Day
October 7th, 2024 — Source or Source
Elon Musk's X loses battle over federal request for Trump's DMs
Prosecutors now have a "blueprint" to seize privileged communications, X warned.
October 7th, 2024 — Source
Feds Probe Chinese 'Salt Typhoon' Hack of Major Telcos
Verizon, AT&T and Lumen's Systems for Lawful Broadband Wiretaps Reportedly Breached
October 7th, 2024 — Source or Source or Source or Source or Source
Feds Warn Health Sector of New 'Trinity' Ransomware Threats
Gang Hits Victims with 'Sophisticated' Exfiltration, Encryption Extortion Attacks
October 7th, 2024 — Source or Source or Source or Source or Source
From IT to Boardroom: NIS2 Reshapes Cybersecurity Roles
Schellman CEO Avani Desai on Preparing Executives for New Security Responsibilities
October 7th, 2024 — Source or Source or Source or Source or Source
Google removes Kaspersky apps from its store
Google has unceremoniously evicted Kaspersky's apps from the Play Store. While the Russian security firm insists that the removal is temporary, it comes after the company's software was banned from being sold in the US.
October 7th, 2024 — Source
How not to get scammed on freelance platforms
Get hired. Get paid. Trust no one.
October 7th, 2024 — Source
I got scammed on Upwork so you don't have to
My $475 lesson in gig economy exploitation
October 7th, 2024 — Source
Influential resource on international cyber law updated for 2024
An influential legal resource used by countries around the world to understand and analyze legal aspects of the use of cyber capabilities on the international plane has been updated for 2024.
October 7th, 2024 — Source
Linux systems targeted with stealthy "Perfctl" cryptomining malware
Thousands of Linux systems are likely infected with the highly elusive and persistent "perfctl" (or "perfcc") cryptomining malware and many others still could be at risk of getting compromised, Aqua Security researchers revealed last week.
October 7th, 2024 — Source
MoneyGram says hackers stole customers' personal information and transaction data
U.S. money transfer giant MoneyGram has confirmed that hackers stole its customers' personal information and transaction data during a cyberattack last month.
October 7th, 2024 — Source
Oleria's CEO Talks Boards and Security Leaders
The escalating frequency and severity of cyber attacks have thrust cybersecurity into the spotlight, demanding unprecedented levels of vigilance and expertise. In this landscape, the role of boards of directors has never been more critical.
October 7th, 2024 — Source
Smart TVs are like "a digital Trojan Horse" in people's homes
48-page report urges FTC, FCC to investigate connected TV industry data harvesting.
October 7th, 2024 — Source
Timeline: 15 Notable Cyberattacks and Data Breaches
These 15 cyber attacks or data breaches impacted large swaths of users across the United States and changed what was possible in cybersecurity.
October 7th, 2024 — Source
Ukrainian pleads guilty to operating Raccoon Stealer malware
Ukrainian national Mark Sokolovsky has pleaded guilty to his involvement in the Raccoon Stealer malware cybercrime operation.
October 7th, 2024 — Source
US Government, Microsoft Aim to Disrupt Russian Threat Actor 'Star Blizzard'
New reports from both Microsoft's Digital Crimes Unit and the U.S. Department of Justice expose a disruptive operation against more than 100 servers used by "Star Blizzard" — a Russian-based cyber threat actor specializing in compromising email boxes to exfiltrate sensitive content or interfere with the target's activities.
October 7th, 2024 — Source
US Judge Blocks California's Law Curbing Election Deepfakes
Man Who Made Viral Deepfake of Kamala Harris Wins Preliminary Injunction
October 7th, 2024 — Source or Source or Source or Source or Source
Why Small Developer Tools Get Flagged as Malware and How to Safely Use Their Software
Recently, a reader of our newsletter called me to task for recommending software that Malwarebytes tagged as suspicious or a PUP. Rightly so, I think. I should have given a warning. We have written about PUPs and False Positives detections some time ago, but this is an excellent time to discuss how tools from small developers often face an uphill battle regarding being recognized as safe.
October 7th, 2024 — Source
Internet — Security Issues — October 6th, 2024
Comcast and Truist Bank customers caught up in FBCS data breach
Comcast Cable Communications and Truist Bank have disclosed they were impacted by a data breach at FBCS, and are now informing their respective customers that their data has been compromised.
October 6th, 2024 — Source
U.S. Wiretaps May Have Been Compromised by Major Cyber-Attack from China
Hackers linked to China recently launched a large-scale cyberattack on major U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies.
October 6th, 2024 — Source
Internet — Security Issues — October 5th, 2024
Lego's website was hacked to promote a crypto scam
The company said no user accounts were compromised.
October 5th, 2024 — Source
Ryanair faces GDPR turbulence over customer ID checks
Irish data watchdog opens probe after 'numerous complaints'
October 5th, 2024 — Source
Internet — Security Issues — September 29th, 2024
Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released
Here's an overview of some of last week's most interesting news, articles, interviews and videos:
September 29th, 2024 — Source
Internet — Security Issues — September 28th, 2024
Cloud Misconfigurations Can Cause Major Data Breaches: Deliveroo at InfoQ Dev Summit Munich
During her presentation at the inaugural edition of the InfoQ Dev Summit Munich, Danielle Sudai, security operations lead at Deliveroo, explored the fundamentals of cloud security posture management (CSPM), stressing how a single misconfiguration can damage your company's security. She emphasised the importance of bridging the gap between the different layers of the organisation, from governance to technology.
September 28th, 2024 — Source
Don't be fooled: Sextortion scam uses your home photos, but has no real leverage
They are bluffing, the EFF says
September 28th, 2024 — Source
Windows includes built-in ransomware protection. Here's how to turn it on
Be sure to enable automatic backups, too.
September 28th, 2024 — Source
Internet — Security Issues — September 25th, 2024
Americans Still Falling for Romance Scams, Survey Shows
Here's how to protect yourself from malicious online Romeos and femmes fatale.
September 25th, 2024 — Source
Can humans provide a cybersecurity edge? [Q&A]
It's usually the case that cybersecurity is seen as being all about technology and that humans -- making mistakes and falling for social engineering -- are something of a liability.
September 25th, 2024 — Source
CMS Now Says 3.1 Million Affected by MOVEit Hack
New Estimate Is 3 Times Higher Than Number Agency Initially Publicly Disclosed
September 25th, 2024 — Source or Source or Source or Source or Source
Commvault to Boost AWS Data Protection With $47M Clumio Buy
Clumio Adds Advanced Cyber Resilience, AWS Data Recovery to Commvault's Platform
September 25th, 2024 — Source or Source or Source
DefectDojo Raises $7 Million for Application Security Platform
Application security and vulnerability management platform DefectDojo has raised $7 million in Series A funding.
September 25th, 2024 — Source
Enterprises suffer surge in mobile phishing attacks
Cybercriminals are increasingly adopting a 'mobile-first' attack strategy to infiltrate enterprise systems by targeting weak, unsecured, and unmanaged mobile endpoints, recognizing mobile as a major entry point to corporate networks and sensitive data.
September 25th, 2024 — Source
Exploding pagers and walkie-talkies are a reminder of how easily devices can be hacked
The recent attacks on walkie-talkies and pagers in Lebanon have highlighted the hidden vulnerabilities in everyday technology. These incidents underscore the need for individuals to understand the potential risks associated with their devices and to take proactive steps to protect themselves in an increasingly digital world where safety can be compromised.
September 25th, 2024 — Source
Hacker Conversations: Joe Grand -- Mischiefmaker, Troublemaker, Teacher
Joe Grand is the epitome of a hacker. Childhood curiosity followed by mischief-making tipping over into illegal behavior before developing into a responsible good faith hacker.
September 25th, 2024 — Source
Hackers are now using AI-generated code for malware attacks
Two separate attacks have been spotted using code that was probably written by artificial intelligence.
September 25th, 2024 — Source
India-Linked Hackers Targeting Pakistani Government, Law Enforcement
The India-linked threat actor SloppyLemming has been targeting government, law enforcement, and other entities in Pakistan.
September 25th, 2024 — Source
Iran Was Behind Thousands of Text Messages Calling for Revenge Over Quran Burnings, Sweden Says
Sweden is accusing Iran of hacking SMS service and sending out thousands of text messages calling for revenge over Quran burnings.
September 25th, 2024 — Source
Malwarebytes Personal Data Remover protects user privacy
Malwarebytes introduced its latest consumer product, Personal Data Remover, designed to protect user privacy by assisting users with the deletion of personal information from data broker databases and people search sites.
September 25th, 2024 — Source
ManageEngine Analytics Plus 6.0 identifies key inefficiencies in IT operations
ManageEngine announced a significant upgrade to its flagship IT analytics solution, Analytics Plus. Version 6.0 introduces Spotlight, a contextual recommendations engine powered by AI, designed to identify key inefficiencies in IT operations and suggest corrective strategies.
September 25th, 2024 — Source
Managing Security at the Network Layer
How to Safeguard Critical Infrastructure
September 25th, 2024 — Source
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
September 25th, 2024 — Source
NETSCOUT's nGeniusONE notification center streamlines and automates alerts
NETSCOUT announced enhancements to its nGenius Enterprise Performance Management solution, which includes a new notification center that helps streamline and automate alerts and contextual workflows to identify and resolve problems faster.
September 25th, 2024 — Source
Nudge Security introduces automated SaaS spend discovery capabilities
Nudge Security unveiled automated SaaS spend discovery capabilities, building on the company's patented approach to SaaS discovery to include analysis and insights into previously unknown SaaS spend.
September 25th, 2024 — Source
Onapsis expands security for SAP Business Technology Platform
Onapsis announced new capabilities for its flagship solutions, Onapsis Defend and Onapsis Assess, designed to secure the SAP Business Technology Platform (SAP BTP).
September 25th, 2024 — Source
OneTrust helps organizations operationalize DORA compliance
OneTrust announced new capabilities to help organizations enhance resilience across the financial sector and operationalize compliance with the EU's Digital Operational Resilience Act (DORA).
September 25th, 2024 — Source
OpenAI Chief Technology Officer Mira Murati and 2 Other Execs Are Leaving the ChatGPT Maker
Mira Murati, who served a few days as its interim CEO during a period of turmoil last year, said she's leaving the artificial intelligence company.
September 25th, 2024 — Source
Over 100 EU Firms Commit to Implementing Key AI Act Provisions
More than 100 tech companies on Wednesday made voluntary commitments to conduct trustworthy and safe development of artificial intelligence in the European Union, with a few notable exceptions.
September 25th, 2024 — Source or Source or Source or Source
PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)
Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by unauthenticated attackers to remotely read and modify all help desk ticket details, are now public.
September 25th, 2024 — Source
Portnox enhances passwordless risk-based access for enterprise applications
Portnox announced support for Microsoft External Authentication Methods (EAM) for its Conditional Access for Applications solution. This new integration extends Portnox's commitment to delivering phishing-resistant passwordless authentication with risk-based assessment and compliance validation for enterprise applications.
September 25th, 2024 — Source
RansomHub genius tries to put the squeeze on Delaware Libraries
Extorting underfunded public services for $1M isn't a good look
September 25th, 2024 — Source
Researcher Says Healthcare Facility's Doors Hackable for Over a Year
A researcher analyzing building access control vulnerabilities says a US healthcare facility has yet to patch security holes one year after being notified.
September 25th, 2024 — Source
Second Pwn2Own Automotive Contest Offers Over $1 Million in Prizes
ZDI offers over $1 million in cash and prizes at the next Pwn2Own Automotive hacking contest, set for January 2025 in Tokyo.
September 25th, 2024 — Source
Security Firm Shows How Threat Actors Could Abuse Google's Gemini AI Assistant
HiddenLayer has discovered that Google Gemini for Workspace is prone to indirect prompt injection attacks.
September 25th, 2024 — Source
Tamnoon Raises $12 Million for Cloud Security Remediation Service
Tamnoon has raised $12 million in Series A funding for its Managed Cloud Security Remediation service.
September 25th, 2024 — Source or Source
Third Recent Ivanti Vulnerability Exploited in the Wild
CVE-2024-7593 is the third Ivanti product vulnerability patched in recent months that has been exploited in the wild.
September 25th, 2024 — Source
To Be a Cybersecurity Pro, Think Like a Puzzle Solver
How Curiosity and Gamification Drive Cybersecurity Excellence
September 25th, 2024 — Source or Source or Source or Source or Source
US CISA Releases Toolkit for Anonymous School Threats
New Guidance Aims to Improve School Responses to 'Scourge' of Anonymous Threats
September 25th, 2024 — Source or Source or Source or Source or Source
US FTC Targets AI Firms in Crackdown on Deceptive Practices
Federal Trade Commission Takes Aim at Deceptive Use of Artificial Intelligence
September 25th, 2024 — Source or Source
Internet — Security Issues — September 23rd, 2024
4 More EU Nations Join US-Led Initiative to Counter Spyware
Austria, Estonia, Lithuania and the Netherlands Join the Coalition Formed in March
September 23rd, 2024 — Source or Source or Source or Source
10 Security Best Practices for SaaS
SaaS security encompasses a range of measures and protocols designed to protect sensitive data and ensure the safety of users within a SaaS environment.
September 23rd, 2024 — Source
11 million devices infected with botnet malware hosted in Google Play
Necro infiltrated Google Play in 2019. It recently returned.
September 23rd, 2024 — Source
Apple's latest macOS update is causing headaches for security programs
Cupertino apparently knew about the issues, and released the OS update anyway
September 23rd, 2024 — Source
Attack Surface Management Summit -- All Sessions Available on Demand
Sessions from SecurityWeek's 2024 Attack Surface Management Summit are now available to watch on demand.
September 23rd, 2024 — Source
Ban Sought for Chinese, Russian Software and Hardware Used in Autonomous Vehicles on US Roads
In extreme situations, a foreign adversary could shut down or take simultaneous control of multiple vehicles operating in the United States, causing crashes and blocking roads.
September 23rd, 2024 — Source
CERT/CC Warns of Unpatched Critical Vulnerability in Microchip ASF
Microchip Advanced Software Framework (ASF) 3 is affected by a critical vulnerability that could lead to remote code execution.
September 23rd, 2024 — Source
Cloudflare AI Audit helps websites control how their content is used by AI models
Cloudflare announced AI Audit, a set of tools to help websites of any size analyze and control how their content is used by AI models.
September 23rd, 2024 — Source
'Cybersecurity issue' takes MoneyGram offline for three days -- and counting
Still no 'R' word, but smells like ransomware from here
September 23rd, 2024 — Source
Cybersecurity Products Conking Out After macOS Sequoia Update
macOS Sequoia updates are causing cybersecurity software failures and breaking network connectivity for many.
September 23rd, 2024 — Source
Dark web exposure increases risk of attack
The presence of any data relating to an organization on the dark web demonstrably increases its risk of a cyberattack.
September 23rd, 2024 — Source
ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products
ESET has released patches for two local privilege escalation vulnerabilities in security products for Windows and macOS.
September 23rd, 2024 — Source
Hackers know your social security number. Here's how to stay safe
Thanks to a multitude of data leaks, your most sensitive information is now easily accessible to the world.
September 23rd, 2024 — Source
How did they get my data? I uncovered the hidden web of networks behind telemarketers
Last year, I started getting a lot of unsolicited phone calls, mainly from people trying to sell me things. This came as a surprise because, as a data scientist, I am very careful about what personal information I let out into the world. So I set out to discover what had happened.
September 23rd, 2024 — Source
How Microsoft Is Beefing Up Security With 34,000 Engineers
After Review Board Criticism, Microsoft Targets Culture, Governance, Engineering
September 23rd, 2024 — Source or Source or Source or Source or Source
How Sonos botched its app and infuriated its customers
Sonos' app update has become one of the most disastrous software releases by any consumer technology company in recent memory. In most every corner of the internet where customers have a space to speak their minds, the anger at Sonos is palpable.
September 23rd, 2024 — Source
Kaspersky deletes itself, installs UltraAV antivirus without warning
Starting Thursday, Russian cybersecurity company Kaspersky deleted its anti-malware software from customers' computers across the United States and automatically replaced it with UltraAV's antivirus solution.
September 23rd, 2024 — Source
Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers
Mandiant shines the spotlight on the growing infiltration of US and Western companies by North Korean fake IT workers.
September 23rd, 2024 — Source
Microsoft details 'largest cybersecurity engineering effort in history' — securing its own code
Microsoft gave new details about its security initiatives on Monday morning, less than five months after CEO Satya Nadella and security leader Charlie Bell outlined a series of reforms to address cybersecurity breaches, and said the company would be making security its top priority.
September 23rd, 2024 — Source
Microsoft has announced new efforts to improve its cybersecurity systems
It's been over a year since Microsoft revealed that Chinese hackers had accessed Outlook-based government email accounts in the US and Europe. In November 2023, Microsoft announced the launch of its Secure Future Initiative (SFI) to prevent similar incidents in the future and improve its cybersecurity efforts.
September 23rd, 2024 — Source
Microsoft's largest ever security transformation detailed in new report
A new report details Microsoft's security progress and new deputy CISOs.
September 23rd, 2024 — Source
Necro malware continues to haunt side-loaders of dodgy Android mods
11M devices exposed to trojan, Kaspersky says
September 23rd, 2024 — Source
New Mallox ransomware Linux variant based on leaked Kryptina code
An affiliate of the Mallox ransomware operation, also known as TargetCompany, was spotted using a slightly modified version of the Kryptina ransomware to attack Linux systems.
September 23rd, 2024 — Source
North Korea Targets Software Supply Chain Via PyPI
Backdoored Python Packages Likely Work of 'Gleaming Pisces,' Says Palo Alto
September 23rd, 2024 — Source or Source or Source or Source or Source
Organizations are changing cybersecurity providers in wake of Crowdstrike outage
More often than not, a cyber attack or a cyber incident that results in business disruption will spur organizations to make changes to improve their cybersecurity and cyber resilience -- and sometimes that means changing cybersecurity providers.
September 23rd, 2024 — Source
Pennsylvania Firm to Pay $65M for Cancer Patient Photo Hack
Lehigh Valley Health Network Will Pay 134,000 Victims of Ransomware Attack and Leak
September 23rd, 2024 — Source or Source or Source or Source or Source
RightCrowd SmartAccess platform enhancements boost enterprise security
RightCrowd announced significant advancements in its product portfolio with the launch of the enhanced RightCrowd SmartAccess platform, the broadest set of mobile credential capabilities with expanded partnerships with Wavelynx, HID, and Sentry, and reinforced visitor management features.
September 23rd, 2024 — Source
Rockwell Automation PLC Software Contains RCE Flaw
Attackers Could Shut Down Operations Or Cause Physical Damage
September 23rd, 2024 — Source or Source or Source or Source or Source
So how's Microsoft's Secure Future Initiative going?
34,000 engineers pledged to the cause, but no word on exec pay
September 23rd, 2024 — Source
Some Kaspersky customers receive surprise forced-update to new antivirus software
Customers of Kaspersky antivirus in the United States found out in the last few days that their cybersecurity software was automatically replaced with a new one called UltraAV, according to several customers who posted on social media. And some of the customers said they had no idea this was going to happen.
September 23rd, 2024 — Source
The Necro Android Malware Loader Is Back From The Dead And Spreading
The Google App store is once again at the centre of discussions about just what Google means when they say you should trust the security of the Play Store. The original Necro malware started spreading in 2019 and a brand new version of it has been spreading through the app store, and is still there in a few game mods.
September 23rd, 2024 — Source
US Pushes Ban on Chinese, Russian Tech in Connected Vehicles
Commerce Department Moves to Regulate Foreign Vehicle Tech Amid Security Fears
September 23rd, 2024 — Source
Versa Networks Patches Vulnerability Exposing Authentication Tokens
Versa Networks has released patches for a Versa Director vulnerability for which proof-of-concept (PoC) code exists.
September 23rd, 2024 — Source
What Is Threat Hunting In Cybersecurity?
Cyber threat hunting involves taking proactive measures to detect potential threats or malicious activities. Learn about threat-hunting techniques and how they work.
September 23rd, 2024 — Source
Internet — Security Issues — September 22nd, 2024
Data resilience and protection in the ransomware age
Data is the currency of every business today, but it is under significant threat. As companies rapidly collect and store data, it is driving a need to adopt multi-cloud solutions to store and protect it. At the same time, ransomware attacks are increasing in frequency and sophistication.
September 22nd, 2024 — Source
Ukraine bans Telegram messenger app on state-issued devices because of Russian security threat
Ukraine has banned government officials, military personnel and other defense and critical infrastructure workers from installing the popular Telegram messaging app on state-issued devices, describing the move as necessary for national security during the war with Russia.
September 22nd, 2024 — Source
Vulnerability in MediaTek chips allows 'zero-click' remote takeover
A vulnerability discovered inside the MediaTek chipsets can allow attackers to take over a victim's device. The "zero-click" bug opens the door to Remote Code Execution (RCE) without user interaction.
September 22nd, 2024 — Source
Internet — Security Issues — September 21st, 2024
Global infostealer malware operation targets crypto users, gamers
A massive infostealer malware operation encompassing thirty campaigns targeting a broad spectrum of demographics and system platforms has been uncovered, attributed to a cybercriminal group named "Marko Polo."
September 21st, 2024 — Source
Videos: Attack Surface Management Summit -- All Sessions Available on Demand
Sessions from SecurityWeek's 2024 Attack Surface Management Summit are now available to watch on demand.
September 21st, 2024 — Source
Watch a game of Minesweeper destroy Windows in real time
Minesweeper is a classic puzzle game that has been included in Windows operating systems for decades. The objective is to clear a grid of hidden mines using numerical clues to determine how many mines are adjacent to each square, requiring strategy and logical thinking to avoid detonating them.
September 21st, 2024 — Source
Internet — Security Issues — September 19th, 2024
Apple's new macOS Sequoia update is breaking some cybersecurity tools
On Monday, Apple released its latest computer operating system update called macOS 15, or Sequoia. And, somehow, the software update has broken the functionality of several security tools made by CrowdStrike, SentinelOne, Microsoft, and others, according to posts on social media, as well as messages posted in a Mac-focused Slack channel.
September 19th, 2024 — Source
Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd
Atlassian's September 2024 monthly security bulletin details multiple high-severity vulnerabilities in four products.
September 19th, 2024 — Source
Breach Roundup: Cyberwar Is Too Hot for Insurers
Also: A Phishing Network Takedown, Another Ivanti Critical Flaw and Meta Bans RT
September 19th, 2024 — Source or Source or Source or Source or Source
Canada's Leaders Must Reject Overbroad Age Verification Bill
Canadian lawmakers are considering a bill, S-210, that's meant to benefit children, but would sacrifice the security, privacy, and free speech of all internet users.
September 19th, 2024 — Source
China-Linked Attack Hits 260,000 Devices, FBI Confirms
Read more about a China-linked threat actor that has compromised more than 260,000 devices worldwide to facilitate DDoS and other targeted attacks.
September 19th, 2024 — Source
CISA Releases Cyber Defense Alignment Plan for Federal Agencies
CISA has laid out the FOCAL plan, which aligns the collective operational defense capabilities across federal agencies.
September 19th, 2024 — Source
CISA: Oracle Vulnerabilities From 'Miracle Exploit' Targeted in Attacks
CISA is warning organizations that two Oracle vulnerabilities tracked as CVE-2022-21445 and CVE-2020-14644 are being exploited in the wild.
September 19th, 2024 — Source
Cryptohack Roundup: Delta Prime, Ethena Exploits
Also: US SEC Settles With Prager Metis, Rari Capital
September 19th, 2024 — Source or Source or Source or Source
Cyber Insurers Are Intensely Scrutinizing Healthcare Clients
Chris Henderson of Huntress on Cyber Insurance and Threat Trends in Healthcare
September 19th, 2024 — Source or Source or Source or Source or Source
Cybersecurity Awareness: Reflecting on 20 Years of Defense Evolution and Preparing for Future Threats
Threats have become more complex as the threat surface has expanded and it is now about the evolution of protecting a business and its ecosystem.
September 19th, 2024 — Source
Digital Maturity Key to AI Success in Australian Cyber Security
ManageEngine reveals that digital maturity is essential for AI success in Australian cybersecurity. Discover how streamlined processes and automation boost AI ROI and effectiveness.
September 19th, 2024 — Source
Edera raises $5 million to improve Kubernetes security
Edera announced it has raised $5 million in a seed round led by 645 Ventures and Eniac Ventures with participation from FPV Ventures, Generationship, Precursor Ventures and Rosecliff Ventures. Angel investors include Joe Beda, Filippo Valsorda, Mandy Andress, Jeff Behl and Kleiner Perkins scout Nikitha Suryadevara, among others.
September 19th, 2024 — Source
Fake Job Lures Target Employees of Aerospace, Energy Firms
BAE Systems Among Companies in the Sights of North Korean Cyberespionage Group
September 19th, 2024 — Source or Source or Source or Source
FBI forced Flax Typhoon to abandon its botnet
A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director Chris Wray confirmed on Wednesday.
September 19th, 2024 — Source
Forescout for OT Security secures OT, IoT, and IT hybrid environments
Forescout announced its new SaaS Operational Technologies (OT) solution.
September 19th, 2024 — Source
Germany seizes 47 crypto exchanges used by ransomware gangs
German law enforcement seized 47 cryptocurrency exchange services hosted in the country that facilitated illegal money laundering activities for cybercriminals, including ransomware gangs.
September 19th, 2024 — Source
GitLab Patches Critical Authentication Bypass Vulnerability
GitLab has patched a critical-severity SAML authentication bypass affecting both Community Edition (CE) and Enterprise Edition (EE) instances.
September 19th, 2024 — Source
Hackers Demand $6 Million for Files Stolen From Seattle Airport Operator in Cyberattack
The Port of Seattle, which owns and runs the airport, has decided not to pay, the official said.
September 19th, 2024 — Source
How a national lab retires—and shreds—large computing resources
Ever wonder what happens to massive supercomputing systems when they're retired? Surprisingly, when it comes to the data, it's not too different from disposing of old documents—they go straight into a shredder and are sent to recycling.
September 19th, 2024 — Source
How Mastercard Benefits From the $2.65B Recorded Future Deal
EVP Johan Gerber on How Threat Intelligence Can Prevent Fraud, Protect Payments
September 19th, 2024 — Source or Source
Iranian Hackers Tried but Failed to Interest Biden's Campaign in Stolen Trump Info, FBI Says
Iranian hackers sought to interest President Joe Biden's campaign in information stolen from rival Donald Trump's campaign.
September 19th, 2024 — Source
Juniper extends AI-Native Networking Platform to maximize the full potential of Wi-Fi 7
Juniper Networks announced several key enhancements to its AI-Native Networking Platform that enable customers and partners to take full advantage of the emerging 802.11be amendment (Wi-Fi 7), which promises higher throughput, lower latency, extended range and greater reliability than previous Wi-Fi versions.
September 19th, 2024 — Source
LinkedIn scraped your data without telling you
Nowadays, there's no telling how many of the companies we trust are scraping our data under our noses to train AI models. We never find out until they're caught with their hands in the cookie jar.
September 19th, 2024 — Source
Microsoft: Russian Cyber Proxies Targeting Harris Campaign
Microsoft Says Russia-Linked Cyber Actors Are Supporting Trump by Attacking Harris
September 19th, 2024 — Source or Source or Source or Source or Source
Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate
Microsoft has observed the threat actor Vanilla Tempest targeting US healthcare organizations with INC ransomware.
September 19th, 2024 — Source
Opnova Banks Seed Capital to Tackle Security, IT Automation
Serial entrepreneur Sinan Eren is back with Opnova, a startup working on automating security workflows with limited human supervision.
September 19th, 2024 — Source
Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)
Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity's Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access to the virtual appliance.
September 19th, 2024 — Source
Picus Security raises $45 million to help organizations reduce cyber risk
Picus Security announced it has closed a $45 million growth investment round led by Riverwood Capital with the participation of existing investor Earlybird Digital East Fund, bringing Picus' total funds raised to $80 million.
September 19th, 2024 — Source
Picus Security Receives $45M to Enhance Exposure Management
Riverwood Capital Leads Investment in Security Validation Firm to Grow in Americas
September 19th, 2024 — Source
Picus Security, founded by 3 Turkish mathematicians, raises $45M after simulating 1B cyberattacks
For as long as programming has existed, we have had a plethora of methods to ensure the code works as intended. These days, that entire testing process has been kicked into high gear: The growing sophistication of security breaches has turned software verification into a much more urgent task — and a far more complicated one.
September 19th, 2024 — Source
Raptor Train Botnet Infects 260,000 Devices Globally
Chinese Botnet Targets US Critical Infrastructure and Taiwan
September 19th, 2024 — Source or Source
Port of Seattle's refusal to pay bitcoin ransom highlights cybersecurity dilemma
The Port of Seattle is dealing with a common conundrum facing victims of a ransomware attack: to pay, or not to pay.
September 19th, 2024 — Source
Security Validation Firm Picus Security Raises $45 Million
Attack simulation firm has raised $45 million in growth funding, bringing the total amount raised to $80 million.
September 19th, 2024 — Source
$HACKED Twitter Scam Scheme Fails as Hackers' Honesty Scores Them Pennies
A group of crypto scammers failed to rake in a substantial sum even after infiltrating multiple high-profile accounts on the social media platform X, including computer brand Lenovo's India division, film director Oliver Stone, Yahoo News UK, and Brazilian soccer player Neymar Jr.
September 19th, 2024 — Source
Should CIOs and CISOs Wear One Hat?
Essen Health Care's Hiren Dave Makes the Case for Integration of CIO-CISO Roles
September 19th, 2024 — Source or Source or Source or Source
Sweeping FTC study finds that social media sites engage in 'vast surveillance' of its users
This includes children and teens.
September 19th, 2024 — Source
Tenable Enclave Security enables discovery, assessment and analysis of IT assets
Tenable launched Tenable Enclave Security, a solution that supports the needs of customers operating in highly secure environments, such as those that are classified or otherwise air-gapped.
September 19th, 2024 — Source
Thousands of orgs at risk of knowledge base data leaks via ServiceNow misconfigurations
Better check your widgets, people
September 19th, 2024 — Source
UK activists targeted with Pegasus spyware ask police to charge NSO Group
4 file complaint with London's Met, alleging malware maker helped autocratic states violate their privacy
September 19th, 2024 — Source
UK public worried about cyberwarfare
A new survey of 2,000 people in the UK for the International Cyber Expo shows that 72 percent believe that cyberwarfare is likely to be the next step in modern combat.
September 19th, 2024 — Source
US Disrupts 'Raptor Train' Botnet of Chinese APT Flax Typhoon
The US government has announced the disruption of Raptor Train, a Flax Typhoon botnet powered by hacked consumer devices.
September 19th, 2024 — Source
US FTC Reveals Vast Surveillance by Social Media, Streaming
New Report Accuses 9 Platforms of Surveillance of Users, Points to Privacy Concerns
September 19th, 2024 — Source or Source or Source
Vendor Notebook: New cybersecurity and EHR performance upgrades
Crowdstrike has new partnerships that bolster and streamline SOC processes and spur AI-driven security innovations. Also, Oracle, Meditech and Innovaccer add tools to improve daily healthcare operations.
September 19th, 2024 — Source
Videos: Attack Surface Management Summit -- All Sessions Available on Demand
Sessions from SecurityWeek's 2024 Attack Surface Management are now available to watch on demand.
September 19th, 2024 — Source
What's Next for Secure Communication After Exploding Pagers?
No OpSec Measure Is Bulletproof to the Effects of a Corrupted Supply Chain
September 19th, 2024 — Source or Source or Source or Source or Source
Why Small Developer Tools Get Flagged as Malware and How to Safely Use Their Software
Recently, a reader of our newsletter called me to task for recommending software that Malwarebytes tagged as suspicious or a PUP. Rightly so, I think. I should have given a warning.
September 19th, 2024 — Source
Windows users targeted with fake human verification pages delivering malware
For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages.
September 19th, 2024 — Source
Zenity unveils agent-less security solution for Microsoft 365 Copilot
Zenity announced an agent-less security solution for Microsoft 365 Copilot with the Zenity AI Trust Layer. With this product launch, Zenity is continuing to empower its customers to confidently and securely unleash business enablement.
September 19th, 2024 — Source
Internet — Security Issues — September 16th, 2024
88,000 Impacted by Access Sports Data Breach Resulting From Ransomware Attack
Orthopedics services provider Access Sports says the data of 88,000 people was stolen by cybercriminals.
September 16th, 2024 — Source
Apple Patches Major Security Flaws With iOS 18 Refresh
Apple warns that attackers can use Siri to access sensitive user data, control nearby devices, or view recent photos without authentication.
September 16th, 2024 — Source
Apple Releases iOS 18 and iPadOS 18 With Home Screen Customization, App Locking, Passwords App, Messages Updates and More
Apple today released iOS 18 and iPadOS 18, the new operating system updates for the iPhone and iPad. As with all of Apple's software updates, iOS 18 and iPadOS 18 are available for free.
September 16th, 2024 — Source
Breach-Weary Snowflake Moves to MFA, 14-Character Passwords
New Security Measures Follow High-Profile Hacks of Snowflake Customers
September 16th, 2024 — Source or Source or Source or Source or Source
China Using Powerful Hacking Firms to Run Its Espionage War
5 Cybersecurity Firms Provide Large Pool of Government-Funded Espionage Resources
September 16th, 2024 — Source or Source or Source or Source or Source
CISA warns of Windows flaw used in infostealer malware attacks
CISA has ordered U.S. federal agencies to secure their systems against a recently patched Windows MSHTML spoofing zero-day bug exploited by the Void Banshee APT hacking group.
September 16th, 2024 — Source
Clinical Considerations When Recovering From Ransomware
CyberSolutionsMD CEO Eric Liederman Outlines a '12-Step Program' for Response
September 16th, 2024 — Source or Source or Source or Source or Source
CloudImposer RCE Vulnerability Targets Google Cloud Platform
Attackers Could Exploit Flaw to Run Malicious Code on Google's, Customers' Servers
September 16th, 2024 — Source or Source
Data Stolen in Ransomware Attack That Hit Seattle Airport
The Port of Seattle, which operates the SEA Airport, has confirmed that the August outage was the result of a ransomware attack.
September 16th, 2024 — Source
EasyDMARC Lands $20M for Email Security Authentication Tech
EasyDMARC lands venture capital funding after finding traction in the email security and authentication business.
September 16th, 2024 — Source
FBI, CISA Warn of Fake Voter Data Hacking Claims
Hackers keep making claims about voter information compromise, but the US government says they're just trying to sow distrust in the elections.
September 16th, 2024 — Source
Germany's CDU still struggling to restore data months after June cyberattack
Putting a spanner in work for plans of opposition party to launch a comeback during next year's elections
September 16th, 2024 — Source
Global coalition aims to boost cyber skills and tackle threats
Representatives from leading nations including the US and UK are meeting for three days of talks to focus on tackling global cyber threats and boosting cyber skills.
September 16th, 2024 — Source
Google Cloud Platform vulnerability discovered, prompting security update
A recent discovery of a remote code execution (RCE) vulnerability in Google Cloud Platform (GCP) has raised new concerns about cloud security. Known as "CloudImposer," the vulnerability was revealed by Tenable Research and could have allowed malicious attackers to compromise millions of servers using GCP's Cloud Composer service. Google has since patched the issue.
September 16th, 2024 — Source
Inspired by squids and octopi, a new screen stores and displays encrypted images without electronics
September 16th, 2024 — Source
Ivanti CSA Vulnerability Exploited in Attacks Days After Disclosure
The Ivanti Cloud Service Appliance vulnerability CVE-2024-8190 has been exploited in the wild, with attacks starting just days after disclosure.
September 16th, 2024 — Source
Ivanti Vulnerability Again Forces Emergency Patches
Cloud Service Appliance Admin Panels Exposed a Pathway to the Internet for Hackers
September 16th, 2024 — Source or Source or Source or Source
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)
CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML -- a software component used by various apps for rendering web pages on Windows -- "was exploited as a part of an attack chain relating to CVE-2024-38112, prior to July 2024," Microsoft has revealed.
September 16th, 2024 — Source
More US Sanctions Against Predator Spyware Maker Intellexa
Intellexa Poised for a Comeback, Warn Researchers
September 16th, 2024 — Source or Source or Source
Ransomware Group Leaks Data Allegedly Stolen From Kawasaki Motors
The RansomHub ransomware gang has published 487 gigabytes of data allegedly stolen from Kawasaki Motors Europe's systems.
September 16th, 2024 — Source
Snowflake slams 'more MFA' button again -- months after Ticketmaster, Santander breaches
Now it's the default for all new accounts
September 16th, 2024 — Source
SolarWinds Patches Critical Vulnerability in Access Rights Manager
SolarWinds has announced patches for a critical-severity remote code execution vulnerability in Access Rights Manager.
September 16th, 2024 — Source
Sourcepoint helps companies mitigate vulnerabilities across various privacy regulations
Sourcepoint announced significant enhancements to its compliance monitoring suite. These solutions are designed to help companies navigate the increasingly complex landscape of digital privacy laws and mitigate risks associated with the growing trend of tracker-based litigation.
September 16th, 2024 — Source
US cracks down on spyware vendor Intellexa with more sanctions
Today, the U.S. Department of the Treasury has sanctioned five executives and one entity linked to the Intellexa Consortium for developing and distributing Predator commercial spyware.
September 16th, 2024 — Source
US government expands sanctions against spyware maker Intellexa
The U.S. government said Monday that it has issued fresh financial sanctions against five individuals and a corporate entity associated with spyware-making consortium Intellexa, months after the government sanctioned its founder.
September 16th, 2024 — Source or Source
US Indicts Chinese National for Phishing for NASA Tech
U.S. federal prosecutors indicted a Chinese national employed by a state-owned aerospace and defense conglomerate with a years-long phishing campaign aimed at extracting software developed for NASA.
September 16th, 2024 — Source
US Sanctions Intellexa Executives as Surveillance Spyware Crackdown Expands
Sanctions target five individuals linked to Intellexa Consortium as the US government expands its crackdown on commercial spyware merchants.
September 16th, 2024 — Source
Why Thoma Bravo Is Considering Taking SailPoint Public Again
Repeat IPOs Have Been Very Rare in Security - Don't Expect SailPoint to Change That
September 16th, 2024 — Source or Source or Source
Internet — Security Issues — September 15th, 2024
Identity governance: Balancing cost reduction with effective risk management
Cost reduction is a top priority for many organizations, leading to the adoption of various technologies to automate tasks and improve efficiencies for cost savings. However, minimizing risk should also be a key objective for every business.
September 15th, 2024 — Source
These popular Play Store apps request "dangerous permissions"
On Android, newly installed apps ask for a number of permissions when you run them for the first time. Many times, the permissions requested are essential for the app to function properly. However, some of these permissions are sensitive and could potentially lead to malicious activities like malware injection.
September 15th, 2024 — Source
Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days
Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)
September 15th, 2024 — Source
Internet — Security Issues — September 14th, 2024
23andMe will pay $30 million to settle 2023 data breach lawsuit
Bad actors stole 6.9 million users' information from the DNA testing company in 2023.
September 14th, 2024 — Source
Companies aren't 'owning' their data
With a rapidly developing threat landscape, an increase in high-profile data breaches, the introduction of new legislation, and customer tolerance for poor data handling at an all-time low, the stakes are high for companies to have robust cybersecurity in place. However, despite their best efforts, companies are often found to not be doing enough to protect their assets.
September 14th, 2024 — Source
Internet — Security Issues — September 13th, 2024
1.3 million Android-based TV boxes backdoored; researchers still don't know how
Infection corrals devices running AOSP-based firmware into a botnet.
September 13th, 2024 — Source
Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks
Apple has released a patch for Vision Pro after researchers showed how an attacker can obtain passwords typed by looking at keys.
September 13th, 2024 — Source
Apple Suddenly Drops NSO Group Spyware Lawsuit
Apple said there's "too significant a risk" of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.
September 13th, 2024 — Source
Apple wants to revoke its three-year-old lawsuit against spyware group
Three years ago, Apple sued the prominent spyware company NSO Group. But today, despite the legal proceedings still being unsettled, the company has changed course. Apple now wants the lawsuit withdrawn immediately.
September 13th, 2024 — Source
Cyber workforce size stalls despite skills shortages
New research from ISC2 shows that growth of the global cyber workforce has stalled at 5.5 million, but an estimated 10.2 million professionals are needed to effectively secure organizations.
September 13th, 2024 — Source
Fortinet Data Breach Impacts Customer Information
Fortinet has confirmed suffering a data breach impacting customers after a hacker leaked files allegedly stolen from the company.
September 13th, 2024 — Source
Eliminating the Need for Stored Credentials in Healthcare
Tina Srivastava, Co-Founder of Badge, on New Authentication Paradigms
September 13th, 2024 — Source or Source or Source or Source or Source
Fortinet confirms customer data breach
On Thursday, cybersecurity giant Fortinet disclosed a breach involving customer data.
September 13th, 2024 — Source
GitLab Updates Resolve Critical Pipeline Execution Vulnerability
GitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw.
September 13th, 2024 — Source
House Report Shows Chinese Cranes a Security Risk to US Ports
A joint report from the Committees on China and Homeland Security warns of the security risks posed by Chinese cranes in US ports.
September 13th, 2024 — Source
Irish Data Protection Commission Probes Google's AI Model
Inquiry Launched to Determine the Company's Compliance With GDPR
September 13th, 2024 — Source or Source or Source or Source or Source
ISMG Editors: Will Microsoft Rethink Windows Security?
Also: Mastercard's Big Acquisition and US Election Security Efforts
September 13th, 2024 — Source or Source
Microsoft wants to beef up Windows security to prevent CrowdStrike-like fiascos, but there are critical concerns: "A world where only Microsoft can provide effective endpoint security is not a more secure world"
Microsoft wants to develop a new platform for security vendors, but it's unclear if it will block their access to Windows in kernel mode.
September 13th, 2024 — Source
New 'Hadooken' Linux Malware Targets WebLogic Servers
The recently observed Hadooken malware targeting Oracle WebLogic applications is linked to multiple ransomware families.
September 13th, 2024 — Source
New Linux malware Hadooken targets Oracle WebLogic servers
Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named "Hadooken," which launches a cryptominer and a tool for distributed denial-of-service (DDoS) attacks.
September 13th, 2024 — Source
North Korean hackers target Python devs with malware disguised as coding tests — hack has been underway for a year
Fake Python job opportunities used to attack programmers
September 13th, 2024 — Source
Nudge Security unveils SSPM capabilities to strengthen SaaS security
Nudge Security unveiled new SSPM (SaaS security posture management) capabilities for its SaaS security and governance platform. This enhancement creates the industry's most comprehensive solution of its kind, combining SaaS discovery, security posture management, spend management, third-party risk, and identity governance in a single, self-service offering that deploys in minutes.
September 13th, 2024 — Source
Post-CrowdStrike catastrophe, Microsoft figures moving antivirus out of Windows kernel mode is a good idea
Existing low-level access for security solutions will undergo a rework
September 13th, 2024 — Source
Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel
Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe.
September 13th, 2024 — Source
Rain Technology protects consumers against visual hackers and snoopers at ATM terminals
Rain Technology announced ATM Switchable Privacy, designed to protect consumers against visual hackers and snoopers at ATM terminals in financial institutions, retail stores, restaurants, airports, and other public settings.
September 13th, 2024 — Source
RansomHub claims Kawasaki cyberattack, threatens to leak stolen data
Kawasaki Motors Europe has announced that it's recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data.
September 13th, 2024 — Source
Remote Access Tool Sprawl Increases OT Risks
Over-Deployment of Tools Raises Security and Operational Concerns
September 13th, 2024 — Source or Source or Source or Source or Source
Strider Secures $55M to Fuel AI Growth and Global Expansion
Series C Funds to Fuel AI Research, Government Sector Investment and Global Growth
September 13th, 2024 — Source or Source or Source
TfL requires in-person password resets for 30,000 employees after hack
Transport for London (TfL) says that all staff (roughly 30,000 employees) must attend in-person appointments to verify their identities and reset passwords following a cybersecurity incident disclosed almost two weeks ago.
September 13th, 2024 — Source
The Critical Role of Data at Rest Encryption in Cybersecurity
Data at rest encryption is vital in cybersecurity, securing stored data from unauthorized access and breaches. It ensures that even if data is stolen, it remains unreadable.
September 13th, 2024 — Source
UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy
The designation of UK data centers as Critical National Infrastructure strengthens cyber defenses, but a proposed £3.75B data center on protected Green Belt land sparks debate.
September 13th, 2024 — Source
UK Teen Arrested Over Transport for London Hack
A 17-year-old from England has been arrested by the NCA over the recent cyberattack on Transport for London.
September 13th, 2024 — Source
US Sanctions Russian Media for Secretly Funding Ukraine War
Biden Administration Hits Russian Media With More Sanctions for Covert Operations
September 13th, 2024 — Source or Source or Source or Source or Source
Want a 75 percent chance of breaking your app? Install a security patch
New research released from Endor Labs finds that security patches have a 75 percent chance of breaking an application.
September 13th, 2024 — Source
Your Eye Movement on Apple Vision Pro Can Give Away Your Passwords
Researchers have uncovered a big security flaw in Apple Vision Pro. The vulnerability, called GAZEploit, lets hackers decipher users' Vision Pro password and other passwords, PINs, and messages by analyzing their eye movements during virtual keyboard use.
September 13th, 2024 — Source
Internet — Security Issues — September 10th, 2024
Adaptiva enables users to instantly control patch rollouts
Adaptiva launched Flex Controls in OneSite Patch, which give users advanced management capabilities over their patch deployment processes, including the ability to immediately pause or cancel patch rollouts as well as rollback patches to previous versions or block unwanted patches.
September 10th, 2024 — Source
China-Linked Hackers Target Drone Makers
A Chinese-speaking threat actor tracked as Tidrone has been targeting military and satellite industries in Taiwan.
September 10th, 2024 — Source
CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)
The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 -- a recently fixed improper access control vulnerability affecting SonicWall's firewalls -- to its Known Exploited Vulnerabilities catalog, thus confirming it is being actively exploited by attackers.
September 10th, 2024 — Source
Commerce Unveils 'Scale' Tool to Tackle Supply Chain Risks
New Tool Uses 40 Indicators to Provide In-Depth Diagnostic Analysis, Officials Say
September 10th, 2024 — Source or Source or Source or Source or Source
CrowdStrike Has Yet to See Any Customer Lawsuits Over Outage
'We Don't Know How It's All Going to Shake Out,' Says CFO, 6 Weeks Post-Outage
September 10th, 2024 — Source or Source or Source or Source or Source
Darkhive Raises $21 Million for Drones, Secure Code Delivery System
Drone maker Darkhive has raised $21 million in a round led by cybersecurity-focused venture capital firm Ten Eleven.
September 10th, 2024 — Source
Epic AI Fails And What We Can Learn From Them
Large language models (LLMs) are trained on vast amounts of data to learn patterns and recognize relationships in language usage. But they can't discern fact from fiction.
September 10th, 2024 — Source
Has Your Facebook or Instagram Account Been Hacked? How to Find Out and What to Do
Meta offers easy ways to tell if someone's gotten into your account without you knowing.
September 10th, 2024 — Source
How to Harness the Power of GenAI and LLM Responsibly
Customer Roundtable - (APAC): Netskope Executive Exchange
September 10th, 2024 — Source or Source
Ketch helps media brands enable privacy-safe data activation
The digital media industry faces increasing challenges. Intense FTC scrutiny on targeted advertising, growing pressure to deliver precise, permissioned targeting, and the existential threat of AI-driven content all contribute to a rapidly shifting and highly competitive landscape.
September 10th, 2024 — Source
LOKKER's consent management solution blocks all unauthorized data collection on websites
LOKKER released a new consent management solution available in its Privacy Edge Platform. This builds on LOKKER's earlier release of its Consent Verification tool, which allows businesses to check whether their existing consent management platform is configured correctly.
September 10th, 2024 — Source
Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes
September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect (CVE-2024-43491) that rolled back earlier CVE fixes.
September 10th, 2024 — Source
Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes
Patch Tuesday: Microsoft raises an alarm for in-the-wild exploitation of a critical flaw in Windows Update.
September 10th, 2024 — Source
Netskope accelerates cloud networking and security operations
Netskope announced several new innovations in the Netskope One platform, including expanded digital experience management (DEM) features and benefits.
September 10th, 2024 — Source
NoName ransomware gang deploying RansomHub malware in recent attacks
The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomHub affiliate.
September 10th, 2024 — Source
P0 Security Banks $15M for Security Cloud Access
San Francisco secure cloud access startup gets backing from SYN Ventures, Zscaler, and Lightspeed Venture Partners.
September 10th, 2024 — Source
Quad7 Botnet Operators Expand Targets, Aim for Stealth
VPN Endpoints, Wireless Routers and Network-Attached Storage Devices Are Targets
September 10th, 2024 — Source or Source or Source or Source or Source
RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software
The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to attempt disabling endpoint detection and response (EDR) services on target systems.
September 10th, 2024 — Source
SAP Releases 16 New Security Notes on September 2024 Patch Day
SAP has released patches for multiple missing authorization check and information disclosure vulnerabilities on its September 2024 Security Patch Day.
September 10th, 2024 — Source
Study Finds Excessive Use of Remote Access Tools in OT Environments
The excessive use of remote access tools in OT environments can increase the attack surface, complicate identity management, and hinder visibility.
September 10th, 2024 — Source
Top Security Flaws Hiding in Your Code Right Now and How To Fix Them
This article examines the three most common injection attack types: SQL injection, Deserialization Injection, and Logging Injection — and discusses ways to prevent them.
September 10th, 2024 — Source
Tufin improves security automation on Azure, GCP, and VMware clouds
Tufin Orchestration Suite (TOS) R24-2 ensures organizations' network operations are efficient, secure, and always audit-ready by automating complex tasks, enhancing security visibility, and driving compliance.
September 10th, 2024 — Source
UK ICO and NCA to Collaborate on Cyber Incident Preparedness
The British data protection authority and national law enforcement agency signed onto a cyber risk information-swapping agreement with the aim of improving cyber defenses and increasing reporting.
September 10th, 2024 — Source or Source
Usable data hacked from air-gapped computer
A team of software and information systems engineers at Ben-Gurion University of the Negev, in Israel, has demonstrated an ability to extract useful data from an air-gapped computer.
September 10th, 2024 — Source
Internet — Security Issues — September 9th, 2024
Researchers extract data from air-gapped PC by monitoring RAM's electromagnetic radiation
Effective up to 23 feet away
September 9th, 2024 — Source
TP-Link Omada Cloud Essentials: Centralized network management and monitoring
TP-Link launched Omada Cloud Essentials, a simplified, free cloud management option designed for surveillance networks, hostels, and large homes.
September 9th, 2024 — Source
Internet — Security Issues — September 7th, 2024
Despite cyberattacks, water security standards remain a pipe dream
White House floats round two of regulations
September 7th, 2024 — Source
Internet — Security Issues — September 6th, 2024
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution.
September 6th, 2024 — Source
Cequence Security partners with Netskope to provide protection for business-critical APIs
Cequence Security announced a new partnership with Netskope. Through the partnership, Netskope customers can now leverage unique API threat intelligence from the Cequence Unified API Protection (UAP) platform to unlock insights into real-world threats and ultimately strengthen organizational security posture.
September 6th, 2024 — Source
Exposed: Russian military Unit 29155 does digital sabotage, espionage
The US Department of Justice has named five Russian computer hackers as members of Unit 29155 -- i.e., the 161st Specialist Training Center of the Russian General Staff Main Intelligence Directorate (GRU) -- which they deem responsible for the 2022 WhisperGate wiper malware attacks on Ukrainian government organizations and critical infrastructure, and subsequently computer network operations against NATO member and ally countries.
September 6th, 2024 — Source
ISMG Editors: How Arrest of Telegram CEO Affects Encryption
Also: AI's Role in Cybersecurity; New Fraud Prevention Rules
September 6th, 2024 — Source or Source or Source or Source or Source
Old habits, new threats -- Why more phishing attacks are bypassing outdated perimeter detection
Perimeter solutions such as Secure Email Gateways (SEGs) have long been a cornerstone of email security, historically serving as the primary line of defence against malicious emails entering an organization. Utilizing legacy technology such as signature and reputation-based detection, SEGs have provided pre-delivery intervention by quarantining malicious attacks before they reach the end recipient.
September 6th, 2024 — Source
Veza and HashiCorp join forces to help prevent credential exposure
Veza announced a partnership with HashiCorp to deliver an integrated solution for solving modern identity security challenges. Together, the Veza Access Platform and HashiCorp Vault empower joint customers to strengthen their identity security posture by bringing least privilege to the management of secrets and keys.
September 6th, 2024 — Source
Why is the world witnessing a surge in data breaches?
While the world of cybersecurity has always been fairly unpredictable, what's certain is that data breaches are on the rise. But what's driving this trend, how long will it continue, and what can organizations do about it?
September 6th, 2024 — Source
A Vulnerability in SonicWall SonicOS Management Access and SSLVPN Could Allow for Unauthorized Resource Access
A vulnerability has been discovered in SonicWall SonicOS Management Access and SSLVPN, which could allow for unauthorized resource access and, in specific conditions, cause the firewall to crash. SonicOS is SonicWall's operating system designed for their firewalls and other security devices. Successful exploitation of the most severe of these vulnerabilities could allow for unauthorized access on the system. Depending on the privileges associated with the system, an attacker could then view, change, or delete data.
September 6th, 2024 — Source
Absolute Purchases Syxsense to Tackle Cyber Vulnerabilities
Acquisition Brings Vulnerability Management to Absolute's Cyber Resilience Platform
September 6th, 2024 — Source or Source or Source or Source
Apache Makes Another Attempt at Patching Exploited RCE in OFBiz
The latest Apache OFBiz update patches CVE-2024-45195, a bypass of a recently disclosed remote code execution bug exploited in attacks.
September 6th, 2024 — Source
CISA Breaks Silence on Controversial 'Airport Security Bypass' Vulnerability
Researchers and the TSA have different views on the impact of vulnerabilities in an airport security application that could allegedly allow the bypass of certain airport security systems.
September 6th, 2024 — Source
Critical GeoServer Flaw Enabling Global Hack Campaigns
Targets Include Technology, Government and Telecommunications Sectors
September 6th, 2024 — Source or Source or Source
Darktrace Chief to Step Down Ahead of £4.3B Thoma Bravo Takeover
In a major leadership shift, Poppy Gustafsson, CEO and co-founder of the British cybersecurity company Darktrace will step down.
September 6th, 2024 — Source
Feds Warn Health Sector to Patch Apache Tomcat Flaws
Healthcare Sector Heavily Relies on Open-Source Web Server; Older Flaws Pose Risk
September 6th, 2024 — Source or Source or Source or Source or Source
Modernize Your Security Architecture with SASE
Hybrid and remote working are now the norm, making it critical for organizations to provide secure access to the data, tools, and resources employees need to do their job wherever they choose to work. Legacy technologies don't provide the level of security and access control organizations need to combat today's sophisticated and deliberate cyberattacks.
September 6th, 2024 — Source
Recent SonicWall Firewall Vulnerability Potentially Exploited in the Wild
SonicWall is warning customers that the recently patched critical vulnerability CVE-2024-40766 may be exploited in the wild.
September 6th, 2024 — Source
Texas AG Hopes to Upend HIPAA Rules to Investigate Abortions
State Says HHS Erred by Shielding Reproductive Health Info From Law Enforcement
September 6th, 2024 — Source or Source
Transport for London outages drag into weekend after cyberattack
Transport for London, the government body overseeing the U.K. capital's public transit system, said it is experiencing online outages due to an "ongoing cyber security incident" set to drag into the weekend.
September 6th, 2024 — Source or Source
Underground Demand for Malicious LLMs Is Robust
So-Called Mallas Are Easily Bought or Rented
September 6th, 2024 — Source
US Gov Removing Four-Year-Degree Requirements for Cyber Jobs
The US government will remove "unnecessary degree requirements" in favor of skills-based hiring to help fill 500,000 open cybersecurity jobs.
September 6th, 2024 — Source
Veeam Patches Critical Vulnerabilities in Enterprise Products
Veeam has released patches for critical-severity vulnerabilities in Backup & Replication, ONE, and Service Provider Console.
September 6th, 2024 — Source
White House Launches Cyber, Tech and AI Hiring Sprint
'Service for America' Will Aim to Attract Diverse Candidates to the Cyber Workforce
September 6th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — September 3rd, 2024
3 Men Plead Guilty to Running Service That Bypasses MFA
Automated Service Helped Subscribers Trick Victims Into Sharing One-Time Codes
September 3rd, 2024 — Source or Source or Source or Source or Source
A lack of resources and talent leaves UK SMEs dangerously exposed
In the last few years, we have witnessed some of the most seismic changes to the IT security landscape -- from global pandemics and geopolitical issues to a global energy crisis, growing cybersecurity threats, multiple country elections, and subdued economic conditions. But regardless of stretched IT and cybersecurity budgets, and a significant IT skills shortage, threat actors continue to innovate as cyber threats evolve at breakneck speed.
September 3rd, 2024 — Source
ACI Worldwide partners with Red Hat to simplify payment operations
ACI Worldwide announced a collaboration with Red Hat to make ACI's cloud-native Enterprise Payments Platform available on any cloud infrastructure.
September 3rd, 2024 — Source
Bridging the Gap: How Developers and Security Professionals Can Collaborate for Better Cybersecurity
Experts at Black Hat 2024 reveal how developers and security pros can collaborate better: from shifting left to embracing AI and prioritizing user experience.
September 3rd, 2024 — Source
Building Trust Through "Zero Trust:" Transforming Organizational Security Culture
The zero-trust security model empowers developers to build and deploy applications with security as a core component.
September 3rd, 2024 — Source
CISO Conversations: Jaya Baloo From Rapid7 and Jonathan Trull From Qualys
CSOs Jaya Baloo and Jonathan Trull discuss the route, role, and requirements in becoming and being a successful CISO.
September 3rd, 2024 — Source
City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack
The City of Columbus sued a researcher who disclosed the impact of the data breach caused by a recent ransomware attack.
September 3rd, 2024 — Source
Clearview AI Fined $33.7 Million by Dutch Data Protection Watchdog Over 'Illegal Database' of Faces
Dutch agency said a database with billions of photos of faces amounted to serious violations of GDPR.
September 3rd, 2024 — Source
Critical flaw in Zyxel's secure routers allows OS command execution via cookie (CVE-2024-7261)
Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by sending a specially crafted cookie to the vulnerable devices.
September 3rd, 2024 — Source
FBI warns crypto firms of aggressive social engineering attacks
The FBI warned today of North Korean hacking groups aggressively targeting cryptocurrency companies and their employees in sophisticated social engineering attacks to deploy malware designed to steal their crypto assets.
September 3rd, 2024 — Source
Google releases Pixel update to get rid of surveillance vulnerability
The security vulnerability was detailed in August and stems from an inactive piece of software intended for demos at Verizon stores.
September 3rd, 2024 — Source
Halliburton confirms data stolen in recent cyberattack
Oil and gas giant Halliburton has confirmed in a filing today to the Securities and Exchange Commission (SEC) that data was stolen in the recent attack linked to the RansomHub ransomware gang.
September 3rd, 2024 — Source or Source
Intel Responds to SGX Hacking Research
Intel has shared some clarifications on claims made by a researcher regarding the hacking of its SGX security technology.
September 3rd, 2024 — Source
Joint cybersecurity advisory warns of Iran-based attacks
The FBI and CISA say a significant percentage of foreign threat actors associated with the government of Iran are targeting several U.S. sectors, including healthcare and local governments, to obtain network access and deploy ransomware.
September 3rd, 2024 — Source
Kara Sprague joins HackerOne as CEO
HackerOne announced that it has appointed Kara Sprague to succeed Marten Mickos as CEO.
September 3rd, 2024 — Source
Microsoft Security Researchers Discover Chromium Vulnerability
Microsoft last week disclosed a sophisticated cyber campaign by a North Korean threat actor exploiting a zero-day vulnerability in the Chromium browser.
September 3rd, 2024 — Source
New HackerOne CEO Kara Sprague to Expand Beyond Bug Bounties
Sprague Replaces Veteran CEO, Plans to Double Down on PTaaS and AI Red Teaming
September 3rd, 2024 — Source or Source or Source
New 'Voldemort' malware infects by disguising itself to go undetected
A new malware camouflages itself with Google applications to sneak through security systems.
September 3rd, 2024 — Source
Number of active ransomware groups increases over 50 percent
A new report from dark web intelligence specialist Searchlight Cyber shows a 56 percent increase in the number of active ransomware groups this year compared to the first half of 2023, reflecting a diversification of the ransomware landscape.
September 3rd, 2024 — Source
Ping Identity strengthens security for federal agencies and government suppliers
Ping Identity announced the addition of key identity capabilities to its FedRAMP High & DoD IL5 offerings.
September 3rd, 2024 — Source
Quantifying Risks to Make the Right Cybersecurity Investments
CRQ Can Help Organizations Optimize Investment, Improve Resilience, Manage Threats
September 3rd, 2024 — Source or Source or Source or Source or Source
Radiology IT Vendor Hack Hits 4 Practices, 411,000 People
Tennessee-Based Specialty Networks Incident Is Latest Attack on Business Associates
September 3rd, 2024 — Source or Source or Source or Source or Source
Sextortion Scammers Try to Scare People by Sending Photos of Their Homes
If you got an email containing your address and a PDF with a photo of your street, don't freak out: it's a fake sextortion scheme.
September 3rd, 2024 — Source
The Knox Journals: The Passwordless Future of Security
Being productive has never been easier, thanks to our devices. From smartphones to smart homes, our lifestyles are now incredibly connected. But as this connectivity grows, so do concerns around device and data safety.
September 3rd, 2024 — Source
Transport for London confirms cyberattack, assures us all is well
Government body claims there is no evidence of customer data being compromised
September 3rd, 2024 — Source
Transport for London is dealing with a cyber security incident
Transport for London (TfL) has sent out notifications to customers on Sunday evening saying that they "are currently dealing with an ongoing cyber security incident."
September 3rd, 2024 — Source
US NTIA Probes Data Center Security Risks
Agency Publishes Notice Soliciting Comments on Potential Federal Response
September 3rd, 2024 — Source or Source
Veeam Software expands protection for Microsoft 365
Veeam Software announced Veeam Backup for Microsoft 365 v8, which delivers comprehensive and flexible immutability for Microsoft 365 data.
September 3rd, 2024 — Source
Verkada Agrees to $2.95M Civil Penalty With US FTC
Cloud-Based Security Camera Firm Pledges Better Security in US FTC Settlement
September 3rd, 2024 — Source or Source or Source or Source or Source or Source
VIVOTEK RealSight Engine improves image clarity in various scenarios
VIVOTEK has announced an upgrade to its comprehensive AI security solution with the release of the new AI feature, RealSight Engine.
September 3rd, 2024 — Source
VMware ESXi Servers Targeted by New Ransomware Variant from Cicada3301 Group
A number of similarities between Cicada3301 and ALPHV/BlackCat indicates that it could represent a rebrand or offshoot group.
September 3rd, 2024 — Source
Workload Protection in the Cloud: Why It Matters More Than Ever
Protecting cloud workloads is crucial as threats evolve and environments become more complex. Learn about effective Cloud Workload Protection (CWP) here.
September 3rd, 2024 — Source
Internet — Security Issues — September 2nd, 2024
A Chrome zero-day was being exploited by North Korean hackers
Google Chrome recently received a patch for a vulnerability targeting cryptocurrency platforms. The security hole was classified as zero-day, meaning it existed for a while without the company’s knowledge. Now, it is known that North Korean hackers took advantage of Chrome’s zero-day to inject malware and a rootkit.
September 2nd, 2024 — Source
Brazil Suspends Access to Elon Musk's X, Including via VPNs
Supreme Court Panel Upholds Ban, After X Failed to Appoint a Legal Representative
September 2nd, 2024 — Source or Source or Source or Source or Source
Complying with PCI DSS requirements by 2025
Version 4.0.1 of the Payment Card Industry Data Security Standard (PCI DSS), which came into effect back in April, incorporates a few important changes to make it fit for the modern digital world, addressing how technologies, the threat landscape and payment processes have changed.
September 2nd, 2024 — Source
Crypto Hacks Surged in August, Exceeding $313M in Losses
In August 2024 over $313 million was lost to cyber thieves in a series of high-profile cyberattacks.
September 2nd, 2024 — Source
Five notorious cyberattacks that targeted governments
Warfare is no longer confined to physical battlefields. In the digital age, a new front has emerged—cyberspace. Here, countries clash not with bullets and bombs, but with lines of code and sophisticated malware.
September 2nd, 2024 — Source
How Ransomware Groups Weaponize Stolen Data
Attackers Are Turning Up the Heat on Targets Who Won't Pay
September 2nd, 2024 — Source or Source or Source or Source or Source
Inside CISA's Unprecedented Election Security Mission
CISA 'Committing More Resources Than Ever Before' to Election Infrastructure
September 2nd, 2024 — Source or Source or Source or Source or Source
Linux version of new Cicada ransomware targets VMware ESXi servers
A new ransomware-as-a-service (RaaS) operation is impersonating the legitimate Cicada 3301 organization and has already listed 19 victims on its extortion portal, as it quickly attacked companies worldwide.
September 2nd, 2024 — Source
North Korean Hackers Tied to Exploits of Chromium Zero-Day
Cryptocurrency Users Targeted in Latest Campaign Involving FudModule Rootkit
September 2nd, 2024 — Source or Source or Source or Source
Personhood Credentials: Everything to Know About the Proposed ID for the Internet
As AI bots get better at impersonating people, a group of researchers is offering a solution to combat online deception.
September 2nd, 2024 — Source
Red Team vs. Blue Team: Cybersecurity Roles Explained
Cybersecurity teams might not carry the same glamor as Premiership football or the electrifying atmosphere of an NFL Superbowl, but scoring your own goal by overlooking a server or device misconfiguration can catapult your organization into the spotlight for all the wrong reasons.
September 2nd, 2024 — Source
Zero Trust and Its Impact on Cybersecurity
With the rise of remote work and the dissolution of the traditional security perimeter, enterprises have shifted to a Zero-Trust model to improve security.
September 2nd, 2024 — Source
Internet — Security Issues — September 1st, 2024
Guide to Securing Your Software Supply Chain: Exploring SBOM and DevSecOps Concepts for Enhanced Application Security
Through continuous improvement of SBOMs and DevSecOps practices using open-source tools, organizations can enhance their app security and mitigate risks.
September 1st, 2024 — Source
Internet — Security Issues — August 31st, 2024
Voldemort malware is targeting Google Sheets & impersonating tax agencies
A new malware, identified as Voldemort, is targeting Google Sheets. It is also impersonating tax agencies from the U.S., Europe, and Asia to open and exploit multiple attack vectors.
August 31st, 2024 — Source
Internet — Security Issues — August 27th, 2024
Beyond the Obvious: Uncovering the Hidden Challenges in Cybersecurity
Explore often-overlooked cybersecurity challenges, from the human element to AI risks, as revealed by industry experts at Black Hat 2024.
August 27th, 2024 — Source
BlackSuit ransomware stole data of 950,000 from software vendor
Young Consulting is sending data breach notifications to 954,177 people who had their information exposed in a BlackSuit ransomware attack on April 10, 2024.
August 27th, 2024 — Source
Broadcom Unveils Enhancement to VMware's vDefend and Avi Load Balancer
With the rise of sophisticated threats, particularly those driven by generative AI (GenAI) and large language models (LLMs), traditional security approaches focusing solely on critical assets are no longer sufficient. Enterprises now require a comprehensive, multi-layered lateral security strategy emphasizing zero trust and strict adherence to the principle of least privilege.
August 27th, 2024 — Source
DigitalOcean unveils enhanced role-based access control
DigitalOcean announced updates to its role-based access control (RBAC), a method for managing user access to systems and resources within an organization by assigning permissions to roles rather than to individual users.
August 27th, 2024 — Source
Check Point to Buy External Risk Management Vendor Cyberint
Acquisition Will Enhance Security Operations, Expand Managed Threat Intel Solutions
August 27th, 2024 — Source or Source or Source or Source or Source
Chinese government hackers targeted US internet providers with zero-day exploit, researchers say
A group of hackers linked to the Chinese government used a previously unknown vulnerability in software to target U.S. internet service providers, security researchers have found.
August 27th, 2024 — Source
Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs
The Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to steal credentials and breach corporate networks.
August 27th, 2024 — Source
Cisco to Acquire AI Security Firm Robust Intelligence
Cisco intends to acquire Robust Intelligence, a California-based company that specializes in securing AI applications.
August 27th, 2024 — Source
Code Execution Vulnerability Found in WPML Plugin Installed on 1M WordPress Sites
A critical vulnerability in the WPML WordPress plugin could allow a remote attacker to execute arbitrary code on the server.
August 27th, 2024 — Source
Cribl Gets $319M on $3.5B Valuation to Boost Data Management
Google Ventures Leads Round as Sales of Cribl's Vendor-Agnostic Data Tools Grow
August 27th, 2024 — Source or Source or Source or Source or Source
CrowdStrike integrates Falcon cybersecurity with NVIDIA NIM Agent Blueprints to support secure generative AI development
CrowdStrike has announced its integration of the Falcon cybersecurity platform with NVIDIA NIM Agent Blueprints, aimed at helping developers securely utilize open-source foundational models and accelerate generative AI innovation.
August 27th, 2024 — Source
Cybersecurity Career Paths: Bridging the Gap Between Red and Blue Team Roles
Explore Blue versus Red Team roles in cybersecurity. See why Red Team roles are favored, learn training methods, and find ways to enhance Blue Team appeal.
August 27th, 2024 — Source
French Prosecutors Detail Motives For Telegram CEO Arrest
Activists Raise Concerns Over Privacy and Hostility to End-to-End Encryption
August 27th, 2024 — Source
Google Warns of Exploited Chrome Vulnerability
Google flags another high-severity vulnerability patched with the latest Chrome 128 release as exploited in the wild.
August 27th, 2024 — Source
Hackers infect ISPs with malware that steals customers' credentials
Zero-day that was exploited since June to infect ISPs finally gets fixed.
August 27th, 2024 — Source
Hillstone Networks launches StoneOS 5.5R11 to enhance threat protection
Hillstone Networks has launched the latest version of its operating system, StoneOS 5.5R11. This update includes over 200 new functionalities and improvements designed to enhance threat protection and facilitate enterprise network operations in an increasingly complex and demanding environment.
August 27th, 2024 — Source
Identity of Notorious Hacker USDoD Revealed
USDoD, the hacker known for high-profile data leaks, is a man from Brazil, according to CrowdStrike and others.
August 27th, 2024 — Source
Malware infiltrates Pidgin messenger's official plugin repository
The Pidgin messaging app removed the ScreenShareOTR plugin from its official third-party plugin list after it was discovered that it was used to install keyloggers, information stealers, and malware commonly used to gain initial access to corporate networks.
August 27th, 2024 — Source
McLaren Health: IT Operations Fully Back Online Post-Attack
Restoration Completed Days Ahead of Schedule But Still a Lot of Catch-Up Work to Do
August 27th, 2024 — Source or Source or Source or Source or Source
Microsoft Convenes Endpoint Security Firms Following CrowdStrike Incident
Microsoft has called together cybersecurity firms and government representatives for its Windows Endpoint Security Ecosystem Summit.
August 27th, 2024 — Source
Microsoft security tools questioned for treating employees as threats
Cracked Labs examines how workplace surveillance turns workers into suspects
August 27th, 2024 — Source
Park'N Fly notifies 1 million customers of data breach
Park'N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network.
August 27th, 2024 — Source
Phone scammers are using faked AI voices. Here's how to protect yourself
Modern AI tools can clone almost anyone's voice — and they're being used to scam people.
August 27th, 2024 — Source
Proton Drive now has a tier for business users
Business users will also enjoy double the storage space.
August 27th, 2024 — Source
PSA: Watch out for phishing attacks with fake banking app updates
A security researcher has discovered a phishing attack intended to fool iPhone users into installing what is claimed to be an update to their banking app.
August 27th, 2024 — Source
Ransomware Hackers Steal Medical Insurance Data of 1M People
Young Consulting Says Health Data Exposed; Ransomware Group Leaked Stolen Data
August 27th, 2024 — Source or Source or Source or Source
RSA Authenticator App improves cybersecurity for federal agencies
RSA announced new passwordless, phishing-resistant capabilities that meet stringent technical standards and can help public sector agencies, contractors, and systems integrators fulfill Executive Order 14028 and National Security Memo 8 to improve the nation's cybersecurity.
August 27th, 2024 — Source
Seattle Airport Blames Outages on Possible Cyberattack
The Port of Seattle, including the SEA Airport, is experiencing system outages likely caused by a cyberattack.
August 27th, 2024 — Source
Social Security data breach: 7 steps to take if you're affected, according to the Social Security Administration
Here's what you should do if you're one of the billions affected in the Social Security breach.
August 27th, 2024 — Source
Tech Orgs: UN Cybercrime Treaty Will Worsen Global Security
Cybersecurity Tech Accord Urges Nations to Reject the Treaty
August 27th, 2024 — Source or Source or Source or Source
The Knox Journals: Safeguarding Your Online Privacy With Galaxy Security
Secure Wi-Fi and Samsung Internet assure your privacy, wherever you go online
August 27th, 2024 — Source
US Marshals Service disputes ransomware gang's breach claims
The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group's leak site on Monday.
August 27th, 2024 — Source
What does cybersecurity tool sprawl look like today?
Cybersecurity has become an increasingly important concern in the business world. After all, reports have found that 41 percent of businesses fell victim to a cyberattack in 2023. As the technology cyber attackers use to conduct their nefarious activities becomes more complex, so does the technology that IT professionals use to protect organizations and their data.
August 27th, 2024 — Source
When Convenience Costs: CISOs Struggle With SaaS Security Oversight
SaaS applications are so easy to use, the decision, and the deployment, is sometimes undertaken by the business unit user with little reference to, nor oversight from, the security team.
August 27th, 2024 — Source
Internet — Security Issues — August 26th, 2024
500k Impacted by Texas Dow Employees Credit Union Data Breach
The personal information of 500,000 Texas Dow Employees Credit Union members was compromised in the MOVEit hack last year.
August 26th, 2024 — Source
American Radio Relay League Paid $1 Million to Ransomware Gang
The American Radio Relay League (ARRL) says it paid out a $1 million ransom after falling victim to ransomware in May 2024.
August 26th, 2024 — Source
Auditors Uncover Lax FBI Hard Drive Disposal Practices
Hard Drives Slated For Destruction Kept in Open Cardboard Boxes
August 26th, 2024 — Source or Source or Source or Source or Source
Boosting online safety through behavioral nudges: Delay, remind, and secure
A new study led by Prof. Eyal Pe'er from the Federmann School of Public Policy at the Hebrew University of Jerusalem reveals that offering users the option to delay these tasks, combined with commitment nudges and reminders, significantly increases the likelihood of users eventually completing these important actions.
August 26th, 2024 — Source
China's Volt Typhoon Hackers Caught Exploiting Zero-Day in Servers Used by ISPs, MSPs
Malware hunters catch Chinese APT Volt Typhoon exploiting a zero-day in Versa Director servers used by ISPs and MSPs.
August 26th, 2024 — Source
Credit Union Issues Belated MOVEit Data Breach Notification
Fifteen months after a massive supply-chain attack hit users of MOVEit secure file-transfer software, a credit union is issuing a data breach notification to victims.
August 26th, 2024 — Source or Source or Source or Source or Source
Cyberattacks on critical infrastructure increase 30 percent
Between January 2023 and January this year, critical infrastructure worldwide saw over 420 million attacks -- equivalent to 13 attacks per second -- marking a 30 percent increase from 2022.
August 26th, 2024 — Source
Exploring the U.S. 'Report a Vulnerability' Act: Expert Analysis
In 2014 and 2015, two interconnected cyberattacks targeted and breached the U.S. Office of Personnel Management (OPM), a federal agency. Data, including social security numbers of 21.5 million people, were stolen.
August 26th, 2024 — Source
French Authorities Arrest Telegram CEO Pavel Durov at a Paris Airport, French Media Report
French media reported that the warrant for Durov was issued by France at the request of the special unit at the country's interior ministry in charge of investigating crimes against minors.
August 26th, 2024 — Source
French Police Arrest Telegram CEO and Owner
Pavel Durov Reportedly Detained For Complicity Over Criminal Use
August 26th, 2024 — Source or Source or Source or Source
French police have arrested the founder of Telegram—what happens next could change the course of big tech
When Pavel Durov arrived in France on his private jet last Saturday, he was greeted by police who promptly arrested him. As the founder of the direct messaging platform Telegram, he was accused of facilitating the widespread crimes committed on it.
August 26th, 2024 — Source
Future cybersecurity incidents are almost a certainty, asserts US policy arm of global computing society
The Association for Computing Machinery's US Technology Policy Committee (USTPC) has released a "Statement on Mass Cybersecurity Incidents Likely to Recur (PDF)." On July 18, 2024, CrowdStrike, a US-based cybersecurity technology company, released a sensor configuration update which caused a global outage affecting an estimated 8.5 million computers.
August 26th, 2024 — Source
Georgia Tech Sued Over Alleged False Cybersecurity Reports to Win DoD Contracts
Complaint alleges that defendants submitted a false and fraudulent cybersecurity assessment score.
August 26th, 2024 — Source
Hitachi Vantara and Broadcom help organizations modernize their cloud infrastructure
Hitachi Vantara and Broadcom announced a new private and hybrid cloud solution. The co-engineered solution brings together Hitachi Vantara's integrated systems solution of Unified Compute Platform (UCP) RS with VMware Cloud Foundation to assist organizations in navigating the complexities brought on by substantial data proliferation and the escalating requirements of AI.
August 26th, 2024 — Source
Microsoft mistake blows up admins' inboxes with fake malware alerts
Legitimate emails misclassified in software snafu
August 26th, 2024 — Source
Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data
Patelco Credit Union has confirmed a data breach impacting many individuals after the RansomHub ransomware group stole some databases.
August 26th, 2024 — Source
Patelco notifies 726,000 customers of ransomware data breach
Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year.
August 26th, 2024 — Source
Seattle airport 'possible cyberattack' snarls travel yet again
No word yet on if ransomware is to blame
August 26th, 2024 — Source
Seattle-Tacoma Airport IT Outages Persist Into Day 3
Disruptions Affecting Website, Terminal Information Screens, Baggage Sorting System
August 26th, 2024 — Source or Source or Source or Source or Source
Seattle-Tacoma Airport IT systems down due to a cyberattack
The Seattle-Tacoma International Airport has confirmed that a cyberattack is likely behind the ongoing IT systems outage that disrupted reservation check-in systems and delayed flights over the weekend.
August 26th, 2024 — Source
Small Rural Alabama Hospital Reports Big 2023 Hacking Breach
Why Did it Take So Long to Notify Regulators and Affected Patients?
August 26th, 2024 — Source or Source or Source or Source or Source
Social Security data breach: 7 steps to take if you're affected, according to the Social Security Administration
Here's what you should do if you're one of the billions affected in the Social Security breach.
August 26th, 2024 — Source
SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)
SonicWall has patched a critical vulnerability (CVE-2024-40766) in its next-gen firewalls that could allow remote attackers unauthorized access to resources and, in specific conditions, to crash the appliances.
August 26th, 2024 — Source or Source
SonicWall Patches Critical SonicOS Vulnerability
SonicWall has patched CVE-2024-40766, a critical SonicOS vulnerability that can lead to unauthorized access or a firewall crash.
August 26th, 2024 — Source
Space militarization could pose a challenge to global security, argues researcher
August 26th, 2024 — Source
US files lawsuit against Georgia Tech over cybersecurity failures, lab admin opposed the use of antivirus software
Federal lawsuit alleges non-compliance with DoD security protocols
August 26th, 2024 — Source
Using 'chaos engineering' to make cloud computing less vulnerable to cyber attacks
Cloud computing has emerged as a crucial element in today's technology, serving as the backbone for global connectivity. It empowers businesses, governments, and individuals to employ and construct cloud-based services and forms the foundation for a huge range of systems we use every day, including telecommunications, transportation, health care, banking, and even streaming services.
August 26th, 2024 — Source
Vulnerabilities rise in first half of 2024
So far this year, vulnerabilities have risen by 11 percent and the availability of publicly known exploits has increased by six percent.
August 26th, 2024 — Source
Internet — Security Issues — August 25th, 2024
5 Of The Biggest Security Breaches To Ever Hit Microsoft
Microsoft is currently one of the world's biggest tech giants, and not solely because it is the vendor behind the most popular computing system out there. It is also a leading player in the burgeoning artificial intelligence game, cloud services, enterprise software, gaming, developer services, and more.
August 25th, 2024 — Source
Security Bite: Cybercrime projected to cost $326,000 every second by 2025
9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art Apple-specific security solutions for fully automated Hardening & Compliance, Next Generation EDR, AI-powered Zero Trust, and exclusive Privilege Management with the most powerful and modern Apple MDM on the market. The result is a totally automated Apple Unified Platform currently trusted by over 45,000 organizations to make millions of Apple devices work-ready with no effort and at an affordable cost.
August 25th, 2024 — Source
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
August 25th, 2024 — Source
Internet — Security Issues — August 22nd, 2024
Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira
Atlassian has released patches for nine high-severity vulnerabilities in Bamboo, Confluence, Crowd, and Jira products.
August 22nd, 2024 — Source
Australian Digital ID: TEx System Poised to Boost Security By Sharing Less Data With Businesses
Australia is building a digital ID and information verification system called Trust Exchange, or TEx, that will see the Government verifying customer details for businesses via a smartphone app.
August 22nd, 2024 — Source
Breach Roundup: Microsoft Fixed Copilot Studio Flaw
Also: Microsoft Recall; Microchip Technology Attack; FCC Fine for Deepfake Audio
August 22nd, 2024 — Source
Business security: Advancements in on-premise and online tech solutions
Biometric access control, video surveillance, and intrusion alarms enhance on-site protection by promptly addressing unauthorized access -- these advanced systems monitor who enters your facilities and allow for real-time responses to incidents.
August 22nd, 2024 — Source
China-Linked 'Velvet Ant' Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches
Hackers gained access to the switch using valid administrator credentials, and then 'jailbroke' from the application level into the OS level.
August 22nd, 2024 — Source
CISA Warns of Exploited Vulnerabilities Impacting Dahua Products
CISA warns that attackers are exploiting two critical-severity authentication bypass vulnerabilities impacting multiple Dahua products.
August 22nd, 2024 — Source
Cisco Patches High-Severity Vulnerability Reported by NSA
A high-severity vulnerability in Cisco Unified CM and Unified CM SME could allow attackers to cause a denial-of-service (DoS) condition.
August 22nd, 2024 — Source
Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800)
A critical vulnerability (CVE-2024-6800) affecting all currently supported versions of GitHub Enterprise Server (GHES) may allow attackers to gain unrestricted access to the instance's contents.
August 22nd, 2024 — Source
CrowdStrike Hits Back at Action1 Following $1 Billion Acquisition Rumors
CrowdStrike has denied having any significant acquisition talks with patch management firm Action1 following rumors of a $1 billion deal.
August 22nd, 2024 — Source
CrowdStrike's Market Share Bleed Makes Wells Fargo Upgrade Rival's PT By 53%
After the historic computer outage last year with global implications and one that impacted 8.5 million computers, CrowdStrike, the firm whose software was behind the disruption, is bleeding market share to rivals, according to Wells Fargo. In an analyst note released earlier today, Wells Fargo upgraded cybersecurity firm SentinelOne to Overweight from Equal-weight and bumped up its share price target by 53% to $29 from an earlier $19.
August 22nd, 2024 — Source
Cryptohack Roundup: Investors Sue Binance
Also: Malicious Chrome Extension; Mango Markets-SEC Settlement
August 22nd, 2024 — Source
Cyber Security and IT Leadership: A Growing Threat to Australia's Renewable Energy Efforts
Australia is rapidly embracing renewable energy. But for the nation to successfully leverage green energy, it is imperative to establish strong IT foundations.
August 22nd, 2024 — Source
EU Directive Network and Information Security (NIS2): Modernizing security compliance
Often perceived as a necessary evil in the past, organizations are taking an increasingly proactive and committed approach to the regulation of technology and cybersecurity. Many are even going a step further by embracing independent standards to fill any gaps legislation may not address, or while waiting for laws to catch up with new developments.
August 22nd, 2024 — Source
Enzoic for Active Directory enhancements help teams identify and remediate unsafe credentials
Enzoic released the latest version of Enzoic for Active Directory. The solution provides a frictionless way to continuously monitor, identify and remediate unsafe credentials by screening username and password combinations in Active Directory against Enzoic's dynamic database.
August 22nd, 2024 — Source
Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites
A critical vulnerability in the Litespeed Cache WordPress plugin can allow attackers to hack websites by creating an admin user.
August 22nd, 2024 — Source
Feds charge alleged negotiator for Russian ransomware group
Investigators linked Deniss Zolotarjovs to a ransomware group known as Karakurt.
August 22nd, 2024 — Source
Global Cyber Agencies Unveil New Logging Standards
Logging Best Practices Guidance Aims to Enhance Global Detection and Response
August 22nd, 2024 — Source or Source or Source or Source or Source
Hacker faces 81-month prison sentence for faking his death to avoid child support payments
Deadbeat dad was also selling compromised data on the dark web and filling out bank forms using other people's identities
August 22nd, 2024 — Source
Halliburton probes 'an issue' disrupting business ops
What could the problem be? Reportedly, a cyberattack
August 22nd, 2024 — Source
ISMG Editors: Social Engineering, Election Defense in AI Era
Also: Dangers of Malicious Code Embedded in ML Models; Is Ransomware in Decline?
August 22nd, 2024 — Source or Source or Source or Source or Source
Low Media Literacy: A Risk to Australia's Cybersecurity Landscape
Explore how low media literacy can have lingering repercussions on Australia's tech industry.
August 22nd, 2024 — Source
Manufacturing and industrial sectors most targeted by attackers
Manufacturing and industrial products remain the most targeted sectors by cyber threat actors in the first half of 2024, with 377 confirmed reports of ransomware and database leak hits in the first half of the year.
August 22nd, 2024 — Source
McAfee's AI deepfake detector will tell you if that video's a fake
Unfortunately, you must own a Lenovo PC with an NPU to take advantage of McAfee's new AI tool.
August 22nd, 2024 — Source
McDonald's Instagram Hack Leads to $700,000 Solana Crypto Scam
On August 21, cryptocurrency scammers successfully hacked the official McDonald's Instagram account.
August 22nd, 2024 — Source
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)
A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google.
August 22nd, 2024 — Source
North Korean Hackers Pivot Away From Public Cloud
Kimsuky, or a Related Group, Deploys XenoRAT Variant
August 22nd, 2024 — Source or Source or Source or Source
Oil Giant Halliburton Confirms Cyber Incident, Details Scarce
US oil giant Halliburton confirmed its computer systems were hit by a cyberattack that affected operations at its Houston offices.
August 22nd, 2024 — Source
Oil Services Giant Halliburton Disrupted by Hack Attack
Company Reportedly Instructs Staff to Not Connect to Internal IT Systems
August 22nd, 2024 — Source or Source or Source or Source or Source
Qilin ransomware now steals credentials from Chrome browsers
The Qilin ransomware group has been using a new tactic and deploys a custom stealer to steal account credentials stored in Google Chrome browser.
August 22nd, 2024 — Source
Prism Infosec PULSE bridges the gap between penetration testing and red teaming
Prism Infosec launched its innovative PULSE testing service to enable organizations which may not have the bandwidth or resource to dedicate to a full-scale red team exercise to assess their defence capabilities against real-world threats.
August 22nd, 2024 — Source
Protect Your Alerts: The Importance of Independent Incident Alert Management
Hosting your incident alert management system separately from your primary cloud services is crucial for ensuring operational resilience.
August 22nd, 2024 — Source
Ransomware batters critical industries, but takedowns hint at relief
Whether attack slowdown continues downward trend is the million dollar question that security researchers can't answer
August 22nd, 2024 — Source
Social Security data breach: 7 steps to take if you're affected, according to the Social Security Administration
Here's what you should do if you're one of the billions affected in the Social Security breach.
August 22nd, 2024 — Source
This uni thought it would be a good idea to do a phishing test with a fake Ebola scare
Needless to say, it backfired in a big way
August 22nd, 2024 — Source
Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware
More than two years after the Log4j crisis, organizations are still being hit by crypto-currency miners and backdoor scripts.
August 22nd, 2024 — Source
U.S. charges Karakurt extortion gang's "cold case" negotiator
A member of the Russian Karakurt ransomware group has been charged in the U.S. for money laundering, wire fraud, and extortion crimes.
August 22nd, 2024 — Source
Understanding the 'Morphology' of Ransomware: A Deeper Dive
Ransomware isn't just about malware. It's about brands, trust, and the shifting allegiances of cybercriminals.
August 22nd, 2024 — Source
US Authorities Warn Health Sector of Everest Gang Threats
Group Claims a NY Surgical Center and a Nevada Medical Center Among Recent Victims
August 22nd, 2024 — Source or Source or Source or Source or Source
Wallarm API Attack Surface Management mitigates API leaks
Wallarm announced its latest innovation: API Attack Surface Management (AASM). This agentless technology transforms how organizations identify, analyze, and secure their entire API attack surface.
August 22nd, 2024 — Source
Whether attack slowdown continues downward trend is the million dollar question that security researchers can't answer
According to a new report, ransomware productivity has shown signs of leveling off in 2024, however, the frequency of attacks and ransom payments collected remains higher in the first half of 2024 compared to the same periods in 2022 and 2023.
August 22nd, 2024 — Source
YouTube has a new tool to help restore hacked channels: an AI chatbot
Access is limited to 'certain creators' but YouTube plans to eventually make the feature available to all users.
August 22nd, 2024 — Source
Internet — Security Issues — August 21st, 2024
$2.25M Settlement Reached in Atlantic General Hack Lawsuit
Nearly 137,000 People Affected in 2023 Ransomware Attack on Maryland-Based Hospital
August 21st, 2024 — Source or Source or Source or Source or Source
Arden Claims Service Reports Data Breach, 139,000 Affected
Personal information for about 139,000 individuals was stolen in October 2023 from class action settlement administrator Arden Claims Service.
August 21st, 2024 — Source
Critical Authentication Flaw Haunts GitHub Enterprise Server
GitHub patches a trio of security defects in the GitHub Enterprise Server product and recommends urgent patching for corporate users.
August 21st, 2024 — Source
CrowdStrike unhappy with "shady commentary" from competitors after outage
Botched update leads to claims that competitors are "ambulance chasing."
August 21st, 2024 — Source
Cyberattack Disrupts Microchip Technology Manufacturing Facilities
Microchip Technology has disclosed a cyberattack impacting operations at some of its manufacturing facilities.
August 21st, 2024 — Source
Entrust KeyControl as a Service provides organizations with control of their cryptographic keys
Entrust unveiled KeyControl as a Service (KCaaS), providing organizations with control of their cryptographic keys while leveraging the benefits of the cloud.
August 21st, 2024 — Source
GenAI adoption surges amid concerns about security
Although enterprises are adopting GenAI in a big way, only five percent of the 1,000 cybersecurity experts responding to a new survey have confidence in the security measures protecting their GenAI applications even as 90 percent are actively using or exploring its use.
August 21st, 2024 — Source
Geofence Warrants Are 'Categorically' Unconstitutional | EFFector 36.11
School is back in session, so prepare for your first lesson from EFF! Today you'll learn about the latest court ruling on the dangers of geofence warrants, our letter urging Bumble to require opt-in consent to sell user data, and the continued fight against the UN Cybercrime Treaty.
August 21st, 2024 — Source
Google Cloud Unveils New Security Services and Capabilities
Several security-related enhancements have been announced at the 2024 Google Cloud Security Summit.
August 21st, 2024 — Source
Google Play Bug Bounty Program Shutting Down
Google is shutting down its Google Play Security Reward Program (GPSRP) after determining that it has achieved its goal.
August 21st, 2024 — Source
GitHub Enterprise Server vulnerable to critical auth bypass flaw
A critical vulnerability affecting multiple versions of GitHub Enterprise Server could be exploited to bypass authentication and enable an attacker to gain administrator privileges on the machine.
August 21st, 2024 — Source
Hackers steal banking creds from iOS, Android users via PWA apps
Threat actors started to use progressive web applications to impersonate banking apps and steal credentials from Android and iOS users.
August 21st, 2024 — Source
How to Account for Disinformation Risks in Election Security
CISO Lester Godsey on Building Custom Frameworks to Combat Election-Related Threats
August 21st, 2024 — Source or Source or Source or Source or Source
How to freeze your credit after a data breach
There are several ways you can protect yourself if you suspect your personal info has been compromised.
August 21st, 2024 — Source
In-Depth Look at AI and the Evolving Cyberthreat Landscape
The Strategies You Need to Tackle Modern Cyberthreats
August 21st, 2024 — Source or Source or Source or Source or Source
McAfee Deepfake Detector combats AI scams and misinformation
McAfee launched McAfee Deepfake Detector, the latest addition to the company's suite of AI-powered products.
August 21st, 2024 — Source
Microchip Technology manufacturing facilities impacted by cyberattack
American semiconductor manufacturer Microchip Technology Incorporated has had some of its business operations disrupted by a cyberattack.
August 21st, 2024 — Source
Microchip Technology suffers cyberattack — operations impacted while extent of attack is investigated
Output reductions are never good news for the semiconductor industry.
August 21st, 2024 — Source
Microsoft Copilot Studio Vulnerability Led to Information Disclosure
A vulnerability in Microsoft Copilot Studio exposed information on internal services shared among tenants, potentially impacting multiple customers.
August 21st, 2024 — Source
Microsoft's revised Recall AI feature will roll out to beta testers in October
Windows Insiders using Copilot+ PCs will be able to try a more secure version of the AI timeline.
August 21st, 2024 — Source
More than 3 in 4 Tech Leaders Worry About SaaS Security Threats, New Survey Reveals
The average enterprise uses 130 different SaaS applications today, up from 80 in 2020, according to Onymos.
August 21st, 2024 — Source
National Public Data breach: Do this to find out if your Social Security number has been leaked
Find out if your sensitive data is out in the open.
August 21st, 2024 — Source
National Public Data Cyber Attack: Massive Data Breach Exposed Countless Social Security Numbers and Personal Info
You can't prevent data breaches, but there are steps you can take to keep your identity safe.
August 21st, 2024 — Source
Perspectives and Trends on Transforming in the World of SASE
Hear network security leaders share their firsthand experiences of successful SASE adoption. Get practical insights, tips, and lessons learned to ease your own implementation process.
August 21st, 2024 — Source or Source or Source or Source or Source
Protecting connected, self-driving vehicles from hackers
Emerging self-driving vehicle networks that collaborate and communicate with each other or infrastructure to make decisions are vulnerable to data fabrication attacks, according to a University of Michigan-led study that also outlines preventive measures for fleet operators.
August 21st, 2024 — Source
QNAP adds NAS ransomware protection to latest QTS version
Taiwanese hardware vendor QNAP has added a Security Center with ransomware protection capabilities to the latest version of its QTS operating system for network-attached storage (NAS) devices.
August 21st, 2024 — Source
Ransomware Again on Track to Achieve Record-Breaking Profits
Does That Mean Improved Defenses and Law Enforcement Disruptions Are Failing?
August 21st, 2024 — Source or Source or Source or Source or Source
Ransomware Gangs Are in Decline But Still Make Lots of Noise
RedSense's Bohuslavskiy and Smith on How Attacks on Healthcare Show Desperation
August 21st, 2024 — Source or Source or Source or Source or Source
Researchers Thrust a Virtual Stick Into the Bike Spokes
Wireless Gear Shifting System Is Vulnerable to Replay Attacks
August 21st, 2024 — Source or Source or Source or Source
RightCrowd introduces Mobile Credential Management feature
RightCrowd introduced Mobile Credential Management feature for RightCrowd SmartAccess. This solution transforms how organizations manage and control access, replacing traditional methods with a more secure, efficient, and cost-effective approach.
August 21st, 2024 — Source
Thousands of Apps Using AWS ALB Exposed to Attacks Due to Configuration Issue
As many as 15,000 applications using AWS Application Load Balancer (ALB) could be exposed to ALBeast attacks.
August 21st, 2024 — Source
Unlocking the Power of AI in Cybersecurity
As adversaries increasingly exploit AI, security practitioners must not fall behind. What does it take to unlock the full potential of AI in cybersecurity?
August 21st, 2024 — Source
Windows Recall crawls back for round two in October
Will the controversial Recall feature be the same as how it was initially presented?
August 21st, 2024 — Source
Internet — Security Issues — August 16th, 2024
After nearly 3B personal records leak online, Florida data broker confirms it was ransacked by cyber-thieves
Names, addresses, Social Security numbers, more all out there
August 16th, 2024 — Source
Are you blocking "keyboard walk" passwords in your Active Directory?
IT admins usually know what to watch out for when end users are creating weak, easy-to-guess passwords. However, a common yet overlooked type of weak password is the keyboard walk pattern. A keyboard walk password typically refers to a password created by moving sequentially over the keyboard keys in a pattern that resembles walking.
August 16th, 2024 — Source
Cardiology Practice: Hack Affected 281,000 Patients, Docs
Breach Spotlights the Cyber Woes Faced by Other Medical Specialty Entities
August 16th, 2024 — Source or Source or Source or Source or Source
CISA warns critical SolarWinds RCE bug is exploited in attacks
CISA warned on Thursday that attackers are exploiting a recently patched critical vulnerability in SolarWinds' Web Help Desk solution for customer support.
August 16th, 2024 — Source
Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign
Security researchers at Palo Alto Networks discover a threat actor extorting organizations after compromising their cloud environments using inadvertently exposed environment variables.
August 16th, 2024 — Source
Consolidation vs. Optimization: Which Is More Cost-Effective for Improved Security?
Security leaders are facing big decisions about how they use their monetary and people resources to better secure their environments.
August 16th, 2024 — Source
Copy2Pwn Zero-Day Exploited to Bypass Windows Protections
ZDI details a zero-day named Copy2Pwn and tracked as CVE-2024-38213, which cybercriminals exploited to bypass MotW protections in Windows.
August 16th, 2024 — Source
Critical Start helps organizations reduce cyber risk from vulnerabilities
Critical Start announced Critical Start Vulnerability Management Service (VMS) and Vulnerability Prioritization. These new offerings are a foundational pillar of Managed Cyber Risk Reduction, allowing organizations to assess, manage, prioritize, and reduce cyber risk exposure posed by vulnerabilities across their environments.
August 16th, 2024 — Source
Digital License Plates and the Deal That Never Had a Chance
Location and surveillance technology permeates the driving experience. Setting aside external technology like license plate readers, there is some form of internet-connected service or surveillance capability built into or on many cars, from GPS tracking to oil-change notices. This is already a dangerous situation for many drivers and passengers, and a bill in California requiring GPS-tracking in digital license plates would put us further down this troubling path.
August 16th, 2024 — Source
Enterprises need to update application security practices
Organizations urgently need to modernize their application security practices so that they can support growth and mitigate risks according to a new report.
August 16th, 2024 — Source
FBI says Iranian hackers are targeting both presidential campaigns
Feds say at least one person in Trump's camp fell victim to their phishing scheme.
August 16th, 2024 — Source
Fixing Unpatched Vulnerabilities Without Traditional Patches
Cato Networks Leader Etay Maor Explains Why Old Vulnerabilities Still Pose a Threat
August 16th, 2024 — Source
How to significantly improve your email security
More than 94% of all organizations reported email security incidents, and there’s a report claiming that roughly 35% of all malware was delivered through email. In other words, regardless if you’re a professional trying to run a business or a private person just operating in an online environment, you need to learn how to protect your email.
August 16th, 2024 — Source
In Other News: 400 CNAs, Crash Reports, Schlatter Cyberattack
Noteworthy stories that might have slipped under the radar: there are 400 CVE Numbering Authorities, crash reports can be a valuable source of information, and Schlatter was hit by a cyberattack.
August 16th, 2024 — Source
ISMG Editors: Who Isn't Hacking the US Election?
Also: The AI Voice Tech Debate; Highlights From the Black Hat 2024 Conference
August 16th, 2024 — Source or Source
National Public Data confirms breach exposing Social Security numbers
Background check service National Public Data confirms that hackers breached its systems after threat actors leaked a stolen database with millions of social security numbers and other sensitive personal information.
August 16th, 2024 — Source
National Public Data Cyber Attack: Massive Data Breach Exposed Countless Social Security Numbers and Personal Info
You can't prevent data breaches, but there are steps you can take to keep your identity safe.
August 16th, 2024 — Source
New Banshee Stealer macOS Malware Priced at $3,000 Per Month
Russian cybercriminals are advertising a new macOS malware, Banshee Stealer, capable of stealing passwords, browser data, and crypto wallets.
August 16th, 2024 — Source
Numerous manufacturers use insecure Android kernels, analysis shows
In an analysis of smartphones from 10 manufacturers, researchers at TU Graz have found that the Android kernels used are vulnerable to known attacks—so-called one-day exploits—despite existing protection mechanisms.
August 16th, 2024 — Source
Observations from Black Hat USA 2024, BSidesLV, and DEF CON 32
I recently spent six days in Las Vegas attending DEF CON, BsidesLV, and Black Hat USA 2024, where I had the opportunity to engage with and learn from some of the top security experts in the world.
August 16th, 2024 — Source
Pindrop Pulse Inspect analyzes and verifies whether media files contain synthetic speech
Pindrop launched Pindrop Pulse Inspect in Preview. This innovative tool, the latest addition to Pindrop’s deepfake detection Pindrop Pulse product family, can detect AI-generated speech in any digital audio file with 99% accuracy.
August 16th, 2024 — Source
Ransomware threats are on the rise, with LockBit 3.0 leading global attacks
That's despite the group's takedown earlier this year
August 16th, 2024 — Source
Russian Sentenced to 3 Years for Selling Stolen Identities
FBI Sting Identified Georgy Kavzharadze as Vendor on Illicit Slilpp Marketplace
August 16th, 2024 — Source or Source or Source
Security Experts Welcome NIST’s New Encryption Standards For Quantum Computers
Although quantum computing is not yet widespread, current encryption methods pose a significant risk of cyberattacks, the agency said.
August 16th, 2024 — Source
Tech support scammers impersonate Google via malicious search ads
Google Search ads that target users looking for Google’s own services lead them to spoofed sites and Microsoft and Apple tech support scams.
August 16th, 2024 — Source
The best security keys you can buy: Expert tested
Security keys provide a physical element of security for your online accounts. These affordable options combine safety and convenience to protect you from hackers and phishing attacks.
August 16th, 2024 — Source
Threat Actors Increasingly Target macOS, Report Finds
A new report from cyber threat intelligence company Intel471 reveals that threat actors are infiltrating macOS.
August 16th, 2024 — Source
UK Software Security Code of Practice Earns Mixed Reviews
Voluntary Code Could Be First Step to Regulation
August 16th, 2024 — Source or Source or Source or Source or Source
Unpatched Vulnerabilities Cause 60% of Cyber Compromises
Gutsy's John Morello on Ensuring Vulnerability Management Using Process Mining
August 16th, 2024 — Source or Source or Source or Source
Western, Russian Civil Society Targeted in Sophisticated Phishing Attacks
Multiple Russian, Belarusian, and Western entities perceived as Russia’s enemies have been targeted in two recent spear-phishing campaigns.
August 16th, 2024 — Source
Why MDR Stalwart eSentire Is Looking to Sell Itself for $1B
Aging Technology and Rising Competition Have Created a Need for Greater Investment
August 16th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — August 14th, 2024
3 State AGs Fine Biotech Firm $4.5M for 2023 Hack
Investigators Highlight Enzo Biochem's Failure to Fix Known Security Risks
August 14th, 2024 — Source or Source or Source or Source or Source
8 big gotchas to watch out for in tech privacy policies
Get informed.
August 14th, 2024 — Source
460k Impacted by Kootenai Health Ransomware Attack
Kootenai Health says the personal and health information of over 460,000 individuals was stolen in a ransomware attack.
August 14th, 2024 — Source
AI/ML's Role in Cybersecurity: Balancing Innovation, Safety
Trail of Bits' Michael Brown on the Intersection of AI/ML and Cybersecurity Threats
August 14th, 2024 — Source or Source
Azure Health Bot Service Vulnerabilities Possibly Exposed Sensitive Data
Azure Health Bot Service vulnerabilities found by Tenable could have been exploited for lateral movement and may have allowed customer data exposure.
August 14th, 2024 — Source
Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities
Intel and AMD have each informed customers about dozens of vulnerabilities found and patched in their products.
August 14th, 2024 — Source
ClearSale introduces three solutions to protect businesses from fraud
ClearSale has announced a new portfolio of fraud prevention tools designed to meet the evolving needs of today's digital retail landscape.
August 14th, 2024 — Source
Cybersecurity Consulting: Is It the Right Career for You?
Explore the Wide Range of Categories and Services and What It Takes to Do the Job
August 14th, 2024 — Source or Source or Source or Source or Source
Cybersecurity flaws could derail high-profile cycling races
High-end bicycles used for high-profile road races such as the Tour de France are vulnerable to cybersecurity attacks targeting the bike's wireless gear shifting system.
August 14th, 2024 — Source
Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster
Three state attorneys general probed the company and found plenty to chastise
August 14th, 2024 — Source
Fortinet, Zoom Patch Multiple Vulnerabilities
Fortinet and Zoom have released patches for multiple vulnerabilities in their products, including high-severity bugs.
August 14th, 2024 — Source
France reports over 140 cyberattacks linked to Olympics
French authorities said on Tuesday that more than 140 cyberattacks were reported during the Paris Olympics, but none of them disrupted the competitions.
August 14th, 2024 — Source
Hacker Conversations: Tom Anthony and Scratching an Itch Without Doing Harm
Many hackers trace their origin to an interest in, and early exposure to, computers. Tom Anthony is no different.
August 14th, 2024 — Source
High-end racing bikes are now vulnerable to hacking
Researchers found security vulnerabilities that could let hackers mess with riders' gear shifters even from a short distance away.
August 14th, 2024 — Source
How to Tell the Difference Between a Virus and a False Positive
Hey there, Geeks! Have you ever downloaded a program only to have your antivirus scream "MALWARE!" at you? Yeah, we all have. As a website that offers tested, safe downloads, it's not uncommon for us to run into -- given how many new files we look at.
August 14th, 2024 — Source
ICS Patch Tuesday: Advisories Released by Siemens, Schneider, Rockwell, Aveva
ICS Patch Tuesday advisories have been published by Siemens, Schneider Electric, Rockwell Automation, Aveva and CISA.
August 14th, 2024 — Source
Intel Sells Its Arm Shares, Reduces Stakes in Other Companies
Intel has divested its entire stake in Arm Holdings during the second quarter, raising approximately $147 million. Alongside this, Intel sold its stake in cybersecurity firm ZeroFox and reduced its holdings in Astera Labs, all as part of a broader effort to manage costs and recover cash amid significant financial challenges.
August 14th, 2024 — Source
Iran Still Attempting to Hack US Elections: Google
Computing Giant Says APT42 Behind 'Small But Steady Cadence' of Phishing Emails
August 14th, 2024 — Source or Source or Source or Source or Source
Is China's Threat to US Critical Infrastructure Overblown?
Scythe CEO Bryson Bort on Why US Concerns About Chinese Attacks May Be Misplaced
August 14th, 2024 — Source or Source or Source or Source or Source
Is Lenovo a blind spot in US anti-China security measures?
Questions raised as one of the world's largest PC makers joins America's critical defense team
August 14th, 2024 — Source
Ivanti Neurons for Patch Management enhancements automate patching process
Ivanti announced new features for Ivanti Neurons for Patch Management to help expand patch settings configuration to allow for multiple parallel deployment tasks such as regular maintenance, priority updates and zero-day response.
August 14th, 2024 — Source
Ivanti Patches Critical Vulnerabilities in Neurons for ITSM, Virtual Traffic Manager
Ivanti has released patches for multiple vulnerabilities in Neurons for ITSM, Avalanche, and Virtual Traffic Manager, including critical bugs.
August 14th, 2024 — Source
Mayor of Columbus, Ohio, says ransomware attackers stole corrupted, unusable data
Hackers recently stole data from Ohio's largest city, but what they got was not usable and no personal information about city workers was made available online, the mayor said.
August 14th, 2024 — Source
Mimecast Acquires Aware to Advance Collaboration Security
Insights Bolster Human Risk Strategy, Target Insider Threat and Compliance Issues
August 14th, 2024 — Source or Source or Source or Source or Source
Navigating AI-Based Data Security Risks in Microsoft Copilot
Zenity's Michael Bargury on AI Prompt Injection and Copilot Security Flaws
August 14th, 2024 — Source or Source or Source
New study reveals loophole in digital wallet security—even if rightful cardholder doesn't use a digital wallet
Digital wallets—like Apple Pay, Google Pay and PayPal—are projected to be used by more than 5.3 billion people by 2026. While these wallets promote increased security over traditional payment methods, reliance on outdated authentication methods and prioritizing convenience over security leaves digital wallets vulnerable, according to new research led by computer engineers at the University of Massachusetts Amherst.
August 14th, 2024 — Source
NIST releases first encryption tools to resist quantum computing
The U.S. National Institute of Standards and Technology (NIST) has released the first three encryption standards designed to resist future cyberattacks based on quantum computing technology.
August 14th, 2024 — Source
Palo Alto Networks CEO apologizes for happy hour display featuring women with lampshades on their heads
Cybersecurity giant Palo Alto Networks is getting a lot of grief for a recent trade show event in which two women posed with lampshades on their heads. The debacle — which unflatteringly recalls the CES booth babes of the early '90s and 2000s — reportedly happened at a happy hour hosted by CyberRisk Collaborative and sponsored by Palo Alto.
August 14th, 2024 — Source
Proton has a plan to boost your online privacy. And your friend can benefit, too
The tech company's new plan looks to protect you and a friend or loved one online. Proton has also announced a Proton VPN browser extension.
August 14th, 2024 — Source
Safeguarding Democracy in the Digital Age: Insights from Day 1 at Black Hat 2024 and Las Vegas Officials
Explore global, national, and local cybersecurity challenges and their impact on democracy, with insights from Black Hat 2024 and Las Vegas officials.
August 14th, 2024 — Source
Secure Data Sharing Company Kiteworks Raises $456 Million
Secure data sharing solutions provider Kiteworks has raised $456 million in growth equity investment from Insight Partners and Sixth Street Growth.
August 14th, 2024 — Source
Surfshark releases first transparency report in bid to enhance user trust
More transparency means more trust in a VPN service.
August 14th, 2024 — Source
The Upside-Down, Topsy-Turvy World of Ransomware
Crowded Leak Site May Be a Weakness and Fewer New Players a Sign of Higher Quality
August 14th, 2024 — Source or Source or Source or Source or Source
The weirdest '3 billion people' data breach ever
A background check company allegedly leaked billions of rows of data, complete with Social Security numbers, but the data's accuracy is 'highly questionable.'
August 14th, 2024 — Source
There's a sneaky way to make your passwords more secure: emojis
Here's a creative tip that can instantly boost the complexity of your passwords without making them harder to memorize.
August 14th, 2024 — Source
Unconfirmed Hack of 2.9 Billion Records at National Public Data Sparks Media Frenzy Amid Lawsuits
National Public Data (NPD) is at the center of controversy with allegations of a massive data breach involving 2.9 billion records. Despite media coverage and a class action lawsuit, verifiable proof remains scarce.
August 14th, 2024 — Source
Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA
SecurityWeek spoke with Mike Britton, CISO at Abnormal Security, to understand what the company has learned about current social engineering and phishing attacks.
August 14th, 2024 — Source
Internet — Security Issues — August 8th, 2024
ADT confirms data breach after customer info leaked on hacking forum
American building security giant ADT confirmed it suffered a data breach after threat actors leaked allegedly stolen customer data on a popular hacking forum.
August 8th, 2024 — Source
AI Remediation by ArmorCode reduces DevSecOps friction and accelerates security fixes
ArmorCode has launched AI Remediation in its ArmorCode ASPM Platform to help resolve security issues faster, put security expertise in the hands of developers, and reduce DevSecOps friction.
August 8th, 2024 — Source
After the Dust Settles: Post-Incident Actions
After a cybersecurity incident, what should organizations do to learn from it and improve their security posture for the future?
August 8th, 2024 — Source
AppViewX and Utimaco team up to enhance cloud security with new lifecycle management solutions
AppViewX and Utimaco have partnered to offer cloud-delivered secure certificate and key lifecycle management solutions. Together, the companies will provide comprehensive, robust, and scalable platforms for certificate lifecycle management automation and secure code signing.
August 8th, 2024 — Source
AWS Patches Vulnerabilities Potentially Allowing Account Takeovers
AWS has patched vulnerabilities in several products, including flaws that could have been exploited to take over accounts.
August 8th, 2024 — Source
Black Hat and DEF CON Roundup 2024: CrowdStrike Accepts 'Epic Fail' Award
Black Hat and DEF CON are two of the major security conferences in the U.S., drawing large crowds of cyber and AI decision-makers to Las Vegas. Black Hat USA 2024 ran from Aug. 3-8, with most of the briefings occurring on Aug. 7 and 8; DEF CON 32 ran from Aug. 8-11. We're rounding up the enterprise business tech news from Black Hat and DEF CON that is most relevant for IT and tech decision-makers.
August 8th, 2024 — Source
Breach Roundup: Royal Ransomware Group On An Extortion Tear
Also: French Museum Ransomware Attack, Cisco Smart Install and SharpRhino Malware
August 8th, 2024 — Source or Source or Source
CISA warns about actively exploited Apache OFBiz RCE flaw
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz.
August 8th, 2024 — Source
CISA warns of hackers abusing Cisco Smart Install feature
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommended disabling the legacy Cisco Smart Install (SMI) feature after seeing it abused in recent attacks.
August 8th, 2024 — Source
CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug
CrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution.
August 8th, 2024 — Source
Cryptohack Roundup: White Hats Hack Ronin Bridge
Also: Cryptonator, Crypto.com, Do Kwon Case Updates
August 8th, 2024 — Source or Source or Source or Source
Cyber Supply Chain Security and Third-Party Risk Management
Sujit Christy on Why Their Intersection Requires a Paradigm Shift
August 8th, 2024 — Source or Source or Source or Source or Source
Endor Labs launches Upgrade Impact Analysis and Magic Patches for SCA market
Endor Labs unveiled two capabilities, Upgrade Impact Analysis and Endor Magic Patches, that fix an expensive and time-consuming problem in the Software Composition Analysis (SCA) market.
August 8th, 2024 — Source
Encrypted Traffic: Highly Secure or a Bastian of Hidden Threats?
In the 2002 blockbuster Minority Report, pre-cognition allowed for the prediction of crimes before they occur, preventing them from happening in the first place.
August 8th, 2024 — Source or Source or Source or Source or Source
Entrust faces years of groveling to regain browsers' trust, say rival chiefs
Sectigo bosses claim it's only a matter of time before Microsoft and Apple drop Big E from their root stores too
August 8th, 2024 — Source
Home security giant ADT says it was hacked
ADT confirmed this week that it was recently hacked, compromising some customer data.
August 8th, 2024 — Source
Home security specialist ADT discloses data breach in SEC filing
Customer data including physical addresses and phone numbers was compromised
August 8th, 2024 — Source
How to Offer Secure IVR Banking and Authenticate Callers
Discover how to safeguard IVR banking from hackers and implement secure authentication methods for customer protection. Find out how these digital alternatives benefit both customers and agents.
August 8th, 2024 — Source
Immutability in Cybersecurity: A Layer of Security Amidst Complexity and Misconceptions
In modern security parlance, 'immutable' has three primary associations: immutable servers, immutable backup, and immutable data.
August 8th, 2024 — Source
Lessons unlearned -- the cybersecurity industry is stuck in the past
People can make mistakes, well-intentioned or otherwise, in any walk of life or industry. It happens all the time.
August 8th, 2024 — Source
McLaren Health Hit With Ransomware for Second Time in a Year
Clinicians Say Current Hack More Disruptive Than 2023 Attack
August 8th, 2024 — Source or Source or Source or Source or Source
Menlo Zero Trust Access enhancements boost enterprise browsing security
Menlo Security has unveiled enhancements to Menlo Zero Trust Access, the company's zero trust solution, which keeps enterprises steps ahead of adversaries. Simultaneously, the Menlo team released new findings as a follow up to the team's recently released Global Cyber Gangs Threat Report, revealing new, evasive threat tactics targeting the browser.
August 8th, 2024 — Source
Microsoft 365 anti-phishing alert "erased" with one simple trick
Attackers looking for a way into organizations using Microsoft 365 can make an alert identifying unsolicited (and thus potential phishing) emails "disappear".
August 8th, 2024 — Source
Moonly app exposed location of 6M users; potential Russian ties
The data of millions of users of Moonly, an astrology app, has been leaked. The list includes sensitive data such as GPS locations, birth dates, and email addresses, among others. Furthermore, it seems that the team in charge of the app hid close ties with Russia.
August 8th, 2024 — Source
MSP market turns to providing security solutions
New research suggests that managed service providers (MSPs), which have historically expected to manage IT infrastructure for their customers, are increasingly expected to protect this infrastructure too.
August 8th, 2024 — Source
"Perfect" Windows downgrade attack turns fixed vulnerabilities into zero-days
A researcher has developed a downgrade attack that can make Windows machines covertly, persistently and irreversibly vulnerable, even if they were fully patched before that.
August 8th, 2024 — Source
Proton Pass password manager adds identity data, biometric authentication
Proton's new features aim to save you time, reduce errors, and enhance security. The biometric authentication for Windows and MacOS is only supported in some plans.
August 8th, 2024 — Source
Security bugs in ransomware leak sites helped save six companies from paying hefty ransoms
A security researcher says six companies were saved from having to pay potentially hefty ransom demands, in part thanks to rookie security flaws found in the web infrastructure used by the ransomware gangs themselves.
August 8th, 2024 — Source
Securonix and Cribl partner to enhance threat detection with advanced data integration
Securonix and Cribl announced a strategic partnership focused on providing customers with enhanced threat detection, based on a broader range of enterprise data being analyzed for AI-powered attacks.
August 8th, 2024 — Source
Stolen Credentials Have Turned SaaS Apps Into Attackers' Playgrounds
SaaS app log analysis highlights the rapid smash and grab raid: in, steal, and leave in 30 minutes.
August 8th, 2024 — Source
Thousands of industrial control devices exposed online
Recent attacks have highlighted the vulnerability of industrial control systems to attack and a new report has found 18,000 exposed devices that are likely used to control industrial systems.
August 8th, 2024 — Source
US elections have never been more secure, says CISA chief
Election tech is fine -- it's all those idiots buying into the propaganda that's worrying Jen Easterly
August 8th, 2024 — Source
US Offering $10 Million Reward for Iranian ICS Hackers
The US is offering up to $10 million for Iranian individuals accused of hacking water utility industrial control systems last year.
August 8th, 2024 — Source
US Water Cybersecurity Improvement Efforts at Loggerheads
Legal and Voluntary Methods Fall Short
August 8th, 2024 — Source or Source or Source or Source or Source
Vulnerabilities Exposed Widely Used Solar Power Systems to Hacking, Disruption
Vulnerabilities found in solar power systems could have been exploited by hackers to cause disruption and possibly blackouts.
August 8th, 2024 — Source
Internet — Security Issues — August 6th, 2024
5 devious ways malware can sneak past your PC's antivirus
Protect yourself against the trickery of a well-forged e-mail.
August 6th, 2024 — Source
62 percent of phishing emails pass DMARC checks
Phishing remains a significant threat to organizations. A new report from Darktrace shows 17.8 million phishing emails detected across its customer fleet between December 21, 2023, and July 5, 2024. Alarmingly, 62 percent of these emails successfully bypassed DMARC checks.
August 6th, 2024 — Source
Abnormal Security Raises $250 Million at $5.1 Billion Valuation
Email security firm Abnormal Security has raised $250 million in a Series D funding round at a $5.1 billion valuation.
August 6th, 2024 — Source
Bad apps bypass Windows security alerts for six years using newly unveiled trick
Windows SmartScreen and Smart App Control both have weaknesses of which to be wary
August 6th, 2024 — Source
Beware of this new phishing scam that could arrive in your mailbox
Phishing scams don't just happen on the internet anymore.
August 6th, 2024 — Source
Chinese APT Group Using DNS Poisoning for Espionage
StormBamboo Targeting Automatic Software Update Systems to Deploy Malware
August 6th, 2024 — Source or Source or Source or Source or Source
CrowdStrike and Delta fight over who's to blame for the airline canceling thousands of flights
Cybersecurity software company CrowdStrike is disputing Delta Air Lines over who is to blame for damage that the airline suffered after a global technology outage.
August 6th, 2024 — Source or Source
CrowdStrike Releases Root Cause Analysis of Falcon Sensor BSOD Crash
CrowdStrike says the Falcon sensor crash that blue-screened Windows machines was caused by a "confluence" of vulnerabilities and testing gaps.
August 6th, 2024 — Source
Cyberattack knocks Mobile Guardian MDM offline and wipes thousands of student devices
A cyberattack on Mobile Guardian, a U.K.-based provider of educational device management software, has sparked outages at schools across the world and has left thousands of students unable to access their files.
August 6th, 2024 — Source
EFF at the Las Vegas Hacker Conferences
Las Vegas is blazing hot and that means it's time for EFF to return to the hacker summer camp conferences—BSidesLV, Black Hat USA and DEF CON—to rally behind computer security researchers and tinkerers. EFF is glad to support members of this community all year long.
August 6th, 2024 — Source
Fall Guys is now in Fortnite's battle royale mode for a limited time
Blaze through an obstacle course in the sky to earn useful loot.
August 6th, 2024 — Source
Fighting Back Against Multi-Staged Ransomware Attacks Crippling Businesses
Modern ransomware attacks are multi-staged and highly targeted. First, attackers research the target organization and its employees.
August 6th, 2024 — Source
France's Grand Palais discloses cyberattack during Olympic games
The Grand Palais Reunion des musees nationaux (Rmn) in France is warning that it suffered a cyberattack on Saturday night, August 3, 2024.
August 6th, 2024 — Source
French Museum Network Hit by Ransomware Attack, but No Disruptions Are Reported at Olympic Events
A ransomware attack targeted the central data systems of Paris' Grand Palais and other museums in the Reunion des Musees Nationaux network.
August 6th, 2024 — Source
Hack on Arkansas Mental Health Provider Affects 375,000
Data Theft at Arisa Health Among Latest Attacks on Behavioral Health Clinics
August 6th, 2024 — Source or Source or Source or Source or Source
Hacker wipes 13,000 devices after breaching classroom management platform
A hacker has breached Mobile Guardian, a digital classroom management platform used worldwide, and remotely wiped data from at least 13,000 students' iPads and Chromebooks.
August 6th, 2024 — Source
How Akamai's Acquisition of Noname Enhances API Protection
Noname Security CEO Oz Golan on Strengthening API, Web Security Post-Acquisition
August 6th, 2024 — Source or Source or Source or Source or Source
Kimsuky and Andariel Target Seoul's Construction Industry
Espionage Groups Exploited Software Supply Chain Vulnerabilities to Widen Reach
August 6th, 2024 — Source or Source or Source or Source or Source
macOS Sequoia Makes It Harder to Override Gatekeeper Security
With macOS Sequoia, Apple is making it more difficult for users to override the built-in Gatekeeper security function to install Mac software.
August 6th, 2024 — Source
Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year
Microsoft paid out $16.6 million to over 340 security researchers through its bug bounty programs over the past year.
August 6th, 2024 — Source
Microsoft CEO Satya Nadella says "Security is our No. 1 priority" but will need teamwork to make the dream work
Microsoft will now require every employee to chime in and help bolster security across its tech stack.
August 6th, 2024 — Source
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
August 6th, 2024 — Source
Not All MFA Is Equal: Lessons From MFA Bypass Attacks
Simply having MFA isn't enough if it can be bypassed. Here are some tips to move to phishing-resistant MFA without adding undue user friction.
August 6th, 2024 — Source
Olympic venue among 40 museums hit by ransomware attack: French police source
The Grand Palais, which is hosting Olympic events in Paris, and around 40 other museums in France were victims of a ransomware attack at the weekend, police sources told AFP Monday.
August 6th, 2024 — Source
Point of entry: Why hackers target stolen credentials for initial access
It's a common story: weak or reused passwords find their way online, with damaging consequences for organizations. Criminals increasingly deploy stolen credentials to gain initial access to user accounts, bringing new demands for security.
August 6th, 2024 — Source
Ransomware gang targets IT workers with new RAT masquerading as IP scanner
Ransomware-as-a-service outfit Hunters International is wielding a new remote access trojan (RAT). "The malware, named SharpRhino due to its use of the C# programming language, is delivered through a typosquatting domain impersonating the legitimate tool Angry IP Scanner," Quorum Cyber researchers discovered.
August 6th, 2024 — Source
Ransomware groups develop more sophisticated business models
Ransomware groups continue to refine their craft, building and scaling business models that resemble legitimate corporate enterprises according to a new report.
August 6th, 2024 — Source
Ransomware Leads to $30M in Lost Income at Sonic Automotive
Numerous Dealers Disrupted by Attack Against Software Provider CDK Global
August 6th, 2024 — Source or Source or Source or Source or Source
Researchers unearth MotW bypass technique used by threat actors for years
Threat actors have been abusing a bug in how Windows handles LNK files with non-standard target paths and internal structures to prevent in-built protections from stopping malicious payloads and trick users into running them.
August 6th, 2024 — Source
Rockwell Controller Flaw Exposes Industrial Control Systems
Claroty Says Attackers Could Use Security Flaw to Bypass Trusted Slot Feature
August 6th, 2024 — Source or Source or Source
Samsung Bug Bounty Program Payouts Reach $5M, Top Reward Increased to $1M
Samsung has paid out nearly $5 million through its bug bounty program since 2017 and the tech giant announced that the top reward has increased to $1 million.
August 6th, 2024 — Source
Security firm warns that 'design weaknesses' in Windows Smart App Control mean it can be easily bypassed
Smart App Control is just one of various security features Microsoft has built into Windows 11. But while many users place faith in the tool to block malicious apps, Elastic Security Labs warns that it is fundamentally flawed.
August 6th, 2024 — Source
Sonic Automotive says ransomware-linked CDK software outage cost it $30M
Misery loves company -- all of its competitors were also negatively impacted
August 6th, 2024 — Source
Stellar Cyber launches Multi-Layer AI platform to enhance threat detection
Stellar Cyber is introducing Multi-Layer AI, incorporating four distinct technologies — machine learning (ML), graph ML, generative AI, and hyper automation — into a single unified platform that reduces threat detection and response time.
August 6th, 2024 — Source
Stock Sell-Off: CISO Global, Trend Micro, Okta Hardest Hit
12 Security Stocks Fared Worse Than the Nasdaq Monday, While Just 10 Did Better
August 6th, 2024 — Source or Source or Source or Source or Source
This $500 laser hacking device zaps chips to expose firmware secrets
Laser fault injection made open source and affordable
August 6th, 2024 — Source
Thousands of Devices Wiped Remotely Following Mobile Guardian Hack
Hackers targeted MDM firm Mobile Guardian and remotely wiped thousands of devices, but there is no evidence of data compromise.
August 6th, 2024 — Source
Zero-Day Vulnerability in Apache OFBiz Enables RCE
Flaws in Apache OFBiz Putting Critical Business Functions at Risk
August 6th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — August 3rd, 2024
CISA Names Lisa Einstein as First Chief AI Officer
Einstein has led CISA’s AI efforts since 2023 as CISA’s Senior Advisor for AI.
August 3rd, 2024 — Source
Ransomware in the global healthcare industry
The World Health Organization (WHO) hosted a webinar on 18 July to discuss the critical importance of cybersecurity in the healthcare sector, highlighting the severity of the situation the industry is currently facing. Healthcare organizations are increasingly relying on digital systems to facilitate their daily workflow, but the prevalence of outdated legacy technology in the sector is rendering it vulnerable to cyber-attacks with severe consequences.
August 3rd, 2024 — Source
Internet — Security Issues — August 2nd, 2024
Breaking the economy of trust: How busts affect malware gangs
It's hard to track down individuals, so why not disrupt the underground market itself?
August 2nd, 2024 — Source
CISA Warns of Avtech Camera Vulnerability Exploited in Wild
An Avtech camera vulnerability that likely remains unfixed has been exploited in the wild, according to CISA.
August 2nd, 2024 — Source
Cloudflare Tunnels Abused for Malware Delivery
Threat actors are abusing Cloudflare's TryCloudflare feature to create one-time tunnels for the distribution of remote access trojans.
August 2nd, 2024 — Source
CrowdStrike Faces Class Action Lawsuit Over Global IT Outage
Investors Say Cybersecurity Company Made False and Misleading Statements About Tech
August 2nd, 2024 — Source or Source or Source or Source or Source
Cybersecurity M&A Roundup: 25 Deals Announced in July 2024
Roundup of the more than two dozen cybersecurity-related merger and acquisition (M&A) deals announced in July 2024.
August 2nd, 2024 — Source
Cryptonator seized for laundering ransom payments, stolen crypto
U.S. and German law enforcement seized the domain of the crypto wallet platform Cryptonator, used by ransomware gangs, darknet marketplaces, and other illicit services, and indicted its operator.
August 2nd, 2024 — Source
EFF to Ninth Circuit: Don't Shield Foreign Spyware Company from Human Rights Accountability in U.S. Court
EFF filed an amicus brief in the U.S. Court of Appeals for the Ninth Circuit supporting a group of journalists in their lawsuit against Israeli spyware company NSO Group. In our amicus brief backing the plaintiffs' appeal, we argued that victims of human rights abuses enabled by powerful surveillance technologies must be able to seek redress through U.S. courts against both foreign and domestic corporations.
August 2nd, 2024 — Source
Feds Hit Ambulance Company With Big 'Right of Access' Fine
HHS OCR: The Firm Took More Than a Year to Provide a Patient With Requested Records
August 2nd, 2024 — Source or Source or Source or Source or Source
Google Breaks Promise to Block Third-Party Cookies
Last week, Google backtracked on its long-standing promise to block third-party cookies in Chrome. This is bad for your privacy and good for Google's business. Third-party cookies are a pervasive tracking technology that allow companies to snoop on your online activity for surveillance and ad-targeting purposes.
August 2nd, 2024 — Source
How AI Helps Strengthen Zero Trust Segmentation, Labeling
Illumio CEO Andrew Rubin Discusses the Role of Labeling in Effective Segmentation
August 2nd, 2024 — Source or Source or Source
How the Netherlands became a target for cyber espionage — and why Europe should be worried
From government secrets to stolen IP
August 2nd, 2024 — Source
In Other News: European Banks Put to Test, Voting DDoS Attacks, Tenable Exploring Sale
Noteworthy stories that might have slipped under the radar: over 100 European banks undergo cyber resilience test, DDoS attacks don't impact voting, and Tenable exploring a potential sale.
August 2nd, 2024 — Source
ISMG Editors: IBM Report Says Data Breach Costs Are Rising
Also: Check Point's New CEO; How the US Election Will Affect Federal Cyber Policy
August 2nd, 2024 — Source or Source or Source or Source or Source
Optus and Medibank Data Breach Cases Allege Cyber Security Failures
Australian regulators allege that cyber security failures at Optus and Medibank contributed to data breaches in 2022, leading to theft of sensitive customer data.
August 2nd, 2024 — Source
Over 35k Domains Hijacked in 'Sitting Ducks' Attacks
Threat actors have hijacked over 35,000 domains in five years because DNS providers fail to properly verify domain ownership.
August 2nd, 2024 — Source
Porn site BangBros apparently leaked millions of records, including user data
Security site Cybernews discovered the leak.
August 2nd, 2024 — Source
Preparing for the New EU AI Act: Key Compliance Steps
Attorney Jonathan Armstrong Discusses the AI Act's Impact on Global Organizations
August 2nd, 2024 — Source or Source or Source or Source or Source
Protect AI Raises $60 Million in Series B Funding
AI and ML security provider Protect AI has raised $60 million in a Series B funding round led by Evolution Equity Partners.
August 2nd, 2024 — Source
Reimbursement Strategies Drive Down APP Scam Losses in UK
Customer Reimbursement Guidelines Are Convincing Banks to Scrutinize Transactions
August 2nd, 2024 — Source or Source or Source or Source or Source
Russian Cybercriminals to Be Released in Major Prisoner Swap
US Agrees to Release Them in Exchange for Wrongfully Detained Americans, Others
August 2nd, 2024 — Source or Source or Source
Security Bypass Vulnerability Found in Rockwell Automation Logix Controllers
A high-severity security bypass vulnerability tracked as CVE-2024-6242 has been found and fixed in Rockwell Automation Logix controllers.
August 2nd, 2024 — Source
Securonix unveils Cyber Data Fabric and Noise Canceling SIEM in EON suite
Securonix unveiled two new capabilities within the Securonix EON suite of AI-Reinforced capabilities: Cyber Data Fabric and Noise Canceling SIEM. These innovations bolster the Unified Defense SIEM solution empowering CyberOps teams to better respond to and counter the rise in sophisticated cyberattacks.
August 2nd, 2024 — Source
UK plans to revamp national cyber defense tools are already in motion
Work aims to build on the success of NCSC's 2016 initiative -- and private sector will play a part
August 2nd, 2024 — Source
US AI Safety Body to Get Early Access to OpenAI's Next Model
OpenAI Has Previously Been Criticized for Prioritizing Profits Over Safety
August 2nd, 2024 — Source or Source or Source or Source
Yes, Your Wi-Fi Can Get Hacked. Here's How to Secure Your Network
No network is ever fully secure, but you can certainly make it harder for hackers and Wi-Fi freeloaders to gain access. Here's how to secure your Wi-Fi.
August 2nd, 2024 — Source
Zeroing in on Zero Trust
How far along is your organization on its Zero Trust journey? If you're a CISO or other security leader, recent and forthcoming government mandates have added to the urgency of modernizing security posture in the face of today's complex threat landscape.
August 2nd, 2024 — Source or Source
Internet — Security Issues — July 31st, 2024
40 percent of BEC attacks are AI generated
Almost half (49 percent) of all detected spam emails are attributed to business email compromise (BEC) scams, with the CEO, followed by HR and IT, being the most common targets according to a new report.
July 31st, 2024 — Source
Android users, beware! Text message stealing malware is targeting smartphones to gain access to users' data
A sprawling SMS stealer campaign is utilizing Telegram bots and fake app ads to gain access to Android devices.
July 31st, 2024 — Source
Can you manage your passwords? Survey shows many feel overwhelmed yet overconfident about it
Sharing and reusing passwords remain common practices, unfortunately
July 31st, 2024 — Source
Certbot Is Now on 4 Million Servers, Maintaining Over 31 Million Websites
EFF's Certbot is now installed on over 4 million web servers, where it's used to maintain HTTPS certificates for more than 31 million websites. The recent achievement of these milestones helps show the success of the project and the important role it plays in the infrastructure of a secure and encrypted internet.
July 31st, 2024 — Source
Chrome adopts app-bound encryption to stymie cookie-stealing malware
Windows users now get macOS-grade secret security
July 31st, 2024 — Source
CISA and FBI: DDoS attacks won't impact US election integrity
CISA and the FBI said today that Distributed Denial of Service (DDoS) attacks targeting election infrastructure will, at most, hinder public access to information but will have no impact on the integrity or security of the 2024 U.S. general election processes.
July 31st, 2024 — Source
CISA: AI Tools Give Feds 'Negligible' Security Improvements
Federal AI Security Tools Require Substantial Training, Offer Minimal Improvements
July 31st, 2024 — Source
City of Columbus Says Data Compromised in Ransomware Attack
The City of Columbus is investigating the scope of a data breach resulting from a thwarted ransomware attack.
July 31st, 2024 — Source
Clutch Security launches to transform management of NHIs
Clutch Security emerged from stealth and unveiled its Universal Non-Human Identity (NHI) Security Platform. The company also announced an $8.5 million funding round led by Lightspeed Venture Partners, with participation from Merlin Ventures, and notable angel investors.
July 31st, 2024 — Source
Company Paid Record-Breaking $75 Million to Ransomware Group: Report
Zscaler is aware of a company that paid a record-breaking $75 million ransom to the Dark Angels ransomware group.
July 31st, 2024 — Source
Contributing to Your Cybersecurity Team as an Informal Leader
How to Guide, Inspire and Support Your Team Without Having a Formal Leadership Role
July 31st, 2024 — Source or Source or Source or Source or Source
Cost of Data Breach in 2024: $4.88 Million, Says Latest IBM Study
The average cost of a data breach jumped to $4.88 million from $4.45 million in 2023, a 10% spike.
July 31st, 2024 — Source
CrowdStrike Faces Lawsuits From Customers, Investors
CrowdStrike is facing lawsuits from investors and customers following the incident that caused massive global outages.
July 31st, 2024 — Source
Cyber breach costs approach $10M, on average, but can be mitigated by defensive AI
Several factors combined to hit healthcare hardest again this year, but new research by the Ponemon Institute and IBM Security also found that using artificial intelligence in security reduced attacks' severity in terms of cost and recovery time.
July 31st, 2024 — Source
Cycode unveils Cycode AI to enhance ASPM platform with advanced security features
Cycode has unveiled Cycode AI, a suite of AI-powered features that are now embedded in the company's Complete ASPM platform. This integration empowers security teams and developers to increase productivity, accelerate velocity, and gain visibility into risk-prone gaps across the entire organization, effectively mitigating the growing threat of sophisticated code-driven attacks.
July 31st, 2024 — Source
Devo Technology launches data orchestration and SOC enhancements
Devo Technology is launching data orchestration, a data analytics cloud, and security operations center (SOC) workflow enhancements, offering security teams data control, cost optimizations, and efficient automation.
July 31st, 2024 — Source
Differentiating Rate Limits in Apache APISIX
Learn how to implement rate limiting with Apache APISIX: set the rate limit on a route, and move it to individual consumers and consumer groups.
July 31st, 2024 — Source
DigiCert Revoking Many Certificates Due to Verification Issue
DigiCert is immediately revoking many certificates due to a domain validation issue, which could cause disruption to sites, apps and services.
July 31st, 2024 — Source
Ensuring quality in DORA compliance
In cyber security, the interplay between compliance and quality is crucial
July 31st, 2024 — Source
Epic's CEO Says "Find My" Is Apple's Surveillance Tool
Epic Games CEO Tim Sweeney is back at it again, this time by labeling Apple's Find My service as "super creepy surveillance tech." The executive shared a personal anecdote about tracking down a stolen Mac laptop to the thief's home using the service.
July 31st, 2024 — Source
Five months after takedown, LockBit is a shadow of its former self
An unprecedented period for an unparalleled force in cybercrime
July 31st, 2024 — Source
Fortanix expands Key Insight to enhance cryptographic security across hybrid environments
Fortanix announced a major expansion to the Key Insight solution, allowing organizations to discover, assess, and remediate their fragmented cryptographic security risks proactively. Key Insight can now scan on-premises services such as databases, storage, etc., making it the solution to discover encryption keys and data services across hybrid environments, including on-premises.
July 31st, 2024 — Source
Fraud ring pushes 600+ fake web shops via Facebook ads
A malicious fraud campaign dubbed "ERIAKOS" promotes more than 600 fake web shops through Facebook advertisements to steal visitors' personal and financial information.
July 31st, 2024 — Source
Google ads push fake Google Authenticator site installing malware
Google has fallen victim to its own ad platform, allowing threat actors to create fake Google Authenticator ads that push the DeerStealer information-stealing malware.
July 31st, 2024 — Source
How Cribl Lake Transformed IT and Security Data Management
CEO Clint Sharp on Launching a Turnkey Data Lake Offering, AI Copilot Integration
July 31st, 2024 — Source or Source or Source or Source or Source
Human Risk and Email Security: New Mimecast CEO's Vision
Marc Van Zadelhoff Highlights Email Security Enhancements and International Growth
July 31st, 2024 — Source or Source or Source or Source or Source or Source
Innovative approach promises faster bug fixes
Modern software applications usually consist of numerous files and several million lines of code. Due to the sheer quantity, finding and correcting faults, known as debugging, is difficult. In many software companies, developers still search for faults manually, which takes up a large proportion of their working time. Studies indicate that this accounts for between 30 and 90 percent of the total development time.
July 31st, 2024 — Source
Lineaje secures $20 million in funding to address software supply chain issues
Lineaje has unveiled a landmark $20 million Series A funding round led by Prosperity7 Ventures, Neotribe, and Hitachi Ventures, alongside existing investor Tenable Ventures. This significant investment underscores the escalating global demand for robust software supply chain security solutions, recognizing Lineaje's innovative approach to addressing the critical challenges faced by enterprises across diverse industries.
July 31st, 2024 — Source
Massive OTP-Stealing Android Malware Campaign Discovered
Android malware can intercept and steal OTPs and login credentials, leading to complete account takeovers.
July 31st, 2024 — Source
Microsoft Azure Cloud Service Fails to Withstand DDoS Attack
Tech Giant Blames DDoS Defense Implementation Error for Failing to Mitigate Attack
July 31st, 2024 — Source or Source or Source or Source or Source
Microsoft Says Azure Outage Caused by DDoS Attack Response
Microsoft's response to a DDoS attack on Azure amplified the impact of the attack instead of mitigating it, causing outages.
July 31st, 2024 — Source
Microsoft says massive Azure outage was caused by DDoS attack
Microsoft confirmed today that a nine-hour outage on Tuesday, which took down and disrupted multiple Microsoft 365 and Azure services worldwide, was triggered by a distributed denial-of-service (DDoS) attack.
July 31st, 2024 — Source
Microsoft Says Ransomware Groups Are Exploiting the Newly-Patched VMware ESXi Flaw
The CVE-2024-37085 vulnerability is present in ESXi hypervisors and can be used to deploy data-extortion malware.
July 31st, 2024 — Source
Microsoft says that a cyberattack triggered the hours-long outage impacting Azure customers
A global Microsoft Azure outage that impacted a range of services for consumers Tuesday—from reports of stalling Outlook emails to trouble ordering on Starbucks' mobile app—was triggered by a distributed denial of service cyberattack, according to the tech giant.
July 31st, 2024 — Source
Microsoft: DDoS defense error amplified attack on Azure, leading to outage
A DDoS attack that started on Tuesday has made a number of Microsoft Azure and Microsoft 365 services temporarily inaccessible, the company has confirmed.
July 31st, 2024 — Source
Nation-state actors exploit political tension to launch phishing campaigns
A new report from phishing protection specialist Bolster identifies 24 separate nation-state threat actor groups attempting to exploit rising political tensions across the US to interfere with the 2024 presidential elections.
July 31st, 2024 — Source
New Android malware wipes your device after draining bank accounts
A new Android malware that researchers call 'BingoMod' can wipe devices after successfully stealing money from the victims' bank accounts using the on-device fraud technique.
July 31st, 2024 — Source
New integrated risk analysis framework enhances cybersecurity for small- and medium-sized enterprises
A recent study introduces MARISMA, a new framework developed to address limitations in existing risk analysis models for cybersecurity. The study conducted by Prof. Antonio Santos-Olmo and his team identifies 10 major weaknesses in current models, leading to the development of MARISMA.
July 31st, 2024 — Source
New Securonix CEO Calls for Product Expansion, Global Growth
Kash Shaikh Seeks International Expansion, Opportunistic M&A Amid Tectonic Shifts
July 31st, 2024 — Source or Source or Source or Source or Source
NTIA Gives Nod to Unrestricted Open AI Model Access
Government Must Prioritize Risk Evaluation of Dual-Use AI Models
July 31st, 2024 — Source or Source
OneBlood's virtual machines encrypted in ransomware attack
OneBlood, a large not-for-profit blood center that serves hospitals and patients in the United States, is dealing with an IT systems outage caused by a ransomware attack.
July 31st, 2024 — Source
Our Last Chance to Stop KOSA | EFFector 36.10
EFF is chugging along, continuing to push for your rights online! We're sending out a last call for supporters to tell Congress to vote NO on the Kids Online Safety Act, exposing the flaws of the UN Cybercrime Treaty, and continuing to update Privacy Badger to protect your privacy online.
July 31st, 2024 — Source
Ransomware attack disables computers at blood center serving 250 hospitals in southeast US
A not-for-profit blood center serving much of the southeastern United States is facing a ransomware attack, officials said Wednesday.
July 31st, 2024 — Source
Ransomware Attack Hits OneBlood Blood Bank, Disrupts Medical Operations
OneBlood, a non-profit blood bank serving more than 300 U.S. hospitals, has been hit by a disruptive ransomware attack.
July 31st, 2024 — Source
Ransomware Hit on Florida Blood Center Affects Supplies
OneBlood Is Urging Hundreds of Hospitals to Activate Shortage Protocols
July 31st, 2024 — Source or Source or Source or Source
Report highlights cyber risks to the aviation industry
It's fair to say that no industry is truly safe from cyber attacks these days; the aviation sector is at particular risk due to the volume of customer data it handles and the potential to cause widespread disruption.
July 31st, 2024 — Source
Security Researchers and Journalists at Risk: Why You Should Hate the Proposed UN Cybercrime Treaty
The proposed UN Cybercrime Treaty puts security researchers and journalists at risk of being criminally prosecuted for their work identifying and reporting computer system vulnerabilities, work that keeps the digital ecosystem safer for everyone.
July 31st, 2024 — Source
Senate Passes Bill to Protect Kids Online and Make Tech Companies Accountable for Harmful Content
The US Senate has passed a bill to protect kids online and make tech companies accountable for harmful content.
July 31st, 2024 — Source
SideWinder Launches New Espionage Campaign on Ports
Cyberespionage Campaign Exploits a 7-Year-Old Microsoft Office Vulnerability
July 31st, 2024 — Source or Source
SMS Stealer malware targeting Android users: Over 105,000 samples identified
Zimperium's zLabs team has uncovered a new and widespread threat dubbed SMS Stealer. Detected during routine malware analysis, this malicious software has been found in over 105,000 samples, affecting more than 600 global brands. SMS Stealer's extensive reach poses significant risks, including account takeovers and identity theft.
July 31st, 2024 — Source
Sneaky Mandrake Malware Infiltrates Google Play Again To Spy On Android Devices
Android spyware dubbed Mandrake is back after being caught in 2020, managing to sneak back into the Google Play Store in 2022 and remaining available until spotted by Kaspersky in April of 2024. During those two years, Mandrake managed to accumulate 32,000 victims with the distribution of several apps, with the most popular being a Wi-Fi file sharing app called AirFS.
July 31st, 2024 — Source
Undersea internet cables connecting Australia to the world threatened by boats, spies, natural disasters
The Australian government this week announced it would spend A$18 million over four years on a new center aimed at keeping safe the undersea cables that power the nation's internet.
July 31st, 2024 — Source
UK Electoral Commission slapped for basic cybersecurity fails
It took 13 months to notice 40 million voters' data was compromised
July 31st, 2024 — Source
UK ICO Reprimands Electoral Commission for 2021 Hack Attack
Hackers Exploited ProxyShell Vulnerability to Compromise Commission Systems
July 31st, 2024 — Source or Source or Source or Source or Source
US Senate passes online child safety bills
KOSA and COPPA 2.0 could impact games platforms significantly
July 31st, 2024 — Source
Vulnerabilities Enable Attackers to Spoof Emails From 20 Million Domains
Vulnerabilities in hosted email services allow attackers to spoof the identity of senders, bypassing security measures.
July 31st, 2024 — Source
Western Sydney University Reveals Major Data Breach
Hackers Accessed the University's Storage Platform for Over 9 Months
July 31st, 2024 — Source or Source or Source
Why we need to change how we understand cyber risk [Q&A]
Cybersecurity is a high priority for organizations, yet often they're unsure if they're focusing their effort in the right places, and spending too much or too little on protecting themselves.
July 31st, 2024 — Source
World leading silver producer Fresnillo discloses cyberattack
Fresnillo PLC, the world's largest silver producer and a top global producer of gold, copper, and zinc, said attackers gained access to data stored on its systems during a recent cyberattack.
July 31st, 2024 — Source
Internet — Security Issues — July 29th, 2024
10 simple security actions that keep you much safer online
These everyday online security tips are simple, fast, easy, and free.
July 29th, 2024 — Source
4.3 Million Impacted by HealthEquity Data Breach
HealthEquity says the personal and health information of 4.3 million individuals was compromised in a data
July 29th, 2024 — Source
Acronis Product Vulnerability Exploited in the Wild
Acronis warns of a critical-severity Acronis Cyber Infrastructure (ACI) vulnerability being exploited in attacks.
July 29th, 2024 — Source
Change Healthcare Begins to Notify Millions Affected by Hack
IT Services Vendor Is Sending Individual Letters to Victims on a Rolling Basis
July 29th, 2024 — Source or Source or Source or Source
Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249)
CVE-2023-45249, a critical vulnerability affecting older versions of Acronis Cyber Infrastructure, is being exploited by attackers.
July 29th, 2024 — Source
CrowdStrike caused Windows outage chaos for airports, banks, and more. Here's what happened
A massive IT outage is causing BSODs for millions of Microsoft users around the world. If you're affected, there is a workaround.
July 29th, 2024 — Source
CrowdStrike's cyber blunder could be warning of worse to come, say experts
Our laptops, desktops and phones, our businesses, data, emails, our access to internet information and services—really, anything digital that traverses cyberspace and passes through a computer server—are all dependent on support and protection from security companies whose staffing and software are sometimes imperfect.
July 29th, 2024 — Source
EFF's Concerns About the UN Draft Cybercrime Convention
The proposed UN Cybercrime Convention is an extensive surveillance pact that imposes intrusive domestic surveillance measures and mandates states' cooperation in surveillance and data sharing. It requires states to aid each other in cybercrime investigations and prosecutions, allowing the collection, preservation, and sharing of electronic evidence for any crime deemed serious by a country's domestic law, with minimal human rights safeguards.
July 29th, 2024 — Source
From sci-fi to state law: California's plan to prevent AI catastrophe
Critics say SB-1047, proposed by "AI doomers," could slow innovation and stifle open source AI.
July 29th, 2024 — Source
GitHub Network Fuels Malware Distribution Operation
Threat Actors Profit From GitHub's Inauthentic Accounts Network
July 29th, 2024 — Source or Source or Source or Source
Health Benefits Administrator Hack Affects 4.3 Million
Breach Was the Result of a Vendor's Compromised Credentials to Access SharePoint
July 29th, 2024 — Source
HealthEquity says data breach impacts 4.3 million people
HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people.
July 29th, 2024 — Source
Learning From CrowdStrike's Outage: Insights From Snyk's CEO
Peter McKay on Improving Developer Practices, Integrating Security and Cutting Risk
July 29th, 2024 — Source or Source or Source or Source or Source
Microsoft 365 users targeted by phishers abusing Microsoft Forms
There has been an uptick in phishing campaigns leveraging Microsoft Forms this month, aiming to trick targets into sharing their Microsoft 365 login credentials.
July 29th, 2024 — Source
Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw
VMware did not mention in-the-wild exploitation for CVE-2024-37085 but Microsoft says ransomware gangs are abusing the just-patched flaw.
July 29th, 2024 — Source or Source or Source
Multi-platform spyware provider Spytech gets hacked, revealing global scale of operations and swaths of unencrypted victim data
A somewhat karmic yet surprising turn of events.
July 29th, 2024 — Source
New Specula tool uses Outlook for remote code execution in Windows
Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec.
July 29th, 2024 — Source
Phishing Campaign Exploited Proofpoint Email Protections for Spoofing
Threat actors have exploited Proofpoint's email protection service to deliver millions of spoofed phishing emails.
July 29th, 2024 — Source
Proofpoint settings exploited to send millions of phishing emails daily
A massive phishing campaign dubbed "EchoSpoofing" exploited now-fixed, weak permissions in Proofpoint's email protection service to dispatch millions of spoofed emails impersonating big entities like Disney, Nike, IBM, and Coca-Cola, to target Fortune 100 companies.
July 29th, 2024 — Source
Roll20's New Discord Integration Means One Less App Open On Game Nights
Roll for initiative.
July 29th, 2024 — Source
SecurityWeek Analysis: 178 Cybersecurity M&A Deals Announced in First Half of 2024
178 cybersecurity M&A deals were announced in the first half of 2024, the smallest half year number since SecurityWeek started tracking them.
July 29th, 2024 — Source
Selenium Grid Instances Exploited for Cryptomining
Wiz has detailed SeleniumGreed, a campaign in which threat actors target exposed Selenium Grid instances for cryptomining.
July 29th, 2024 — Source
Some good may come out of the CrowdStrike outage
Estimated financial losses due to the recent massive IT outage triggered by the faulty CrowdStrike update are counted in billions, but the unfortunate incident is having several positive effects, as well.
July 29th, 2024 — Source
Tech Orgs Feel 'Abandoned' as UN Finalizes Cybercrime Treaty
Leading Cybersecurity, Technology Companies 'Gravely Concerned' Over Cyber Treaty
July 29th, 2024 — Source or Source or Source or Source
UN cybercrime text faces new scrutiny from tech firms, rights groups
UN member states opened a two-week meeting Monday seeking to finalize an international treaty on the fight against cybercrime, a text strongly opposed by an unlikely alliance of human rights groups and big technology companies.
July 29th, 2024 — Source
WazirX to 'socialize' $230M security breach loss among customers
Indian cryptocurrency exchange WazirX announced on Saturday a controversial plan to "socialize" the $230 million loss from its recent security breach among all its customers, a move that has sent shock waves through the local crypto community.
July 29th, 2024 — Source
Why You Should Hate the Proposed UN Cybercrime Treaty
International UN treaties aren't usually on users' radar. They are debated, often over the course of many years, by diplomats and government functionaries in Vienna or New York, and their significance is often overlooked or lost in the flood of information and news we process every day, even when they expand police powers and threaten the fundamental rights of people all over the world.
July 29th, 2024 — Source
Internet — Security Issues — July 28th, 2024
AI can snoop on your computer screen using signals leaking from HDMI cables — researchers develop new AI model that enables using antennas for long-range attacks
Signal interception can be a problem, but not for most home computer users
July 28th, 2024 — Source
Four ways relentless hybrid attackers are targeting their prey
One way to understand the mind of hybrid attackers is to compare their behavior to the animal kingdom. They are predators using a relentless arsenal of tactics to hunt their prey across a large domain. Threat actors are the honey badger. A snake bite or a few bee stings might delay their attack for a moment, but they'll find a way to take down the entire hive and satisfy their appetite.
July 28th, 2024 — Source
Google email verification bypassed to breach Workspace accounts
Google has confirmed that its email verification system was bypassed. In other words, the malicious actors were able to circumvent security protocols.
July 28th, 2024 — Source
Secretive network exploits GitHub to spread malware and phishing links — nefarious actors attack from 3,000 shadow accounts
Dubbed Stargazer Goblin, the operation has at least 3,000 ghost accounts helping spread malware.
July 28th, 2024 — Source
Secure Boot rendered useless, over 200 PC models from different makers are affected
Making matters worse, many vendors have been recycling keys across product lines
July 28th, 2024 — Source
Technology's grip on modern life is pushing us down a dimly lit path of digital land mines
"Move fast and break things," a high-tech mantra popularized 20 years ago by Facebook founder Mark Zuckerberg, was supposed to be a rallying cry for game-changing innovation. It now seems more like an elegy for a society perched on a digital foundation too fragile to withstand a defective software program that was supposed to help protect computers—not crash them.
July 28th, 2024 — Source
Internet — Security Issues — July 27th, 2024
French Government Investigates Suspected Chinese Espionage
National Police Probe Botnet Campaign That Infected 3,000 Machines
July 27th, 2024 — Source or Source
Kaspersky Banned in the USA: What You Need to Know
Fresh on the heels of a TikTok ban, the US Government has banned Kaspersky software in the US due to its ties to the Russian Government.
July 27th, 2024 — Source
National Vulnerability Backlog Could Surge to 30,000 by 2025
New Analysis Reveals Growing Crisis for the National Vulnerability Database
July 27th, 2024 — Source or Source
PKfail Is a Newly Discovered Pathway for Firmware Malware
UEFI Developer Leaked a Secure Boot Asymmetric Key
July 27th, 2024 — Source or Source
Securing the unknown: Future-proof cyber security
A recent article from Harvard Business Review explores the mindset of today's cyber hackers and explains why effective cybersecurity has become so challenging by outlining the three traits shared by every successful hacker: creativity, speed, and resourcefulness.
July 27th, 2024 — Source
WazirX to 'socialize' $230M security breach loss among customers
Indian cryptocurrency exchange WazirX announced on Saturday a controversial plan to "socialize" the $230 million loss from its recent security breach among all its customers, a move that has sent shock waves through the local crypto community.
July 27th, 2024 — Source
Internet — Security Issues — July 26th, 2024
5 Innovative Cybersecurity Measures App Developers Should Incorporate in the Digital Transformation Race
Digital transformation is key for organizations adapting to modern threats. In this article, I'll cover 5 measures app developers should incorporate.
July 26th, 2024 — Source
Acronis warns of Cyber Infrastructure default password abused in attacks
Acronis warned customers to patch a critical Cyber Infrastructure security flaw that lets attackers bypass authentication on vulnerable servers using default credentials.
July 26th, 2024 — Source
Ascension Files Placeholder Breach Report for May Hack
Meanwhile, Wait Continues for Change Healthcare's Breach Report in Massive Attack
July 26th, 2024 — Source or Source or Source or Source or Source
CrowdStrike Falcon Outage Exploited for Social Engineering
A widespread IT outage stemming from a defect found in a single CrowdStrike content update began at around 1:00 a.m. ET on July 19, 2024. The outage affected a significant number of Windows hosts globally, including direct impacts to U.S. State, Local, Tribal, and Territorial government entities. In an official statement, CrowdStrike advised they had isolated the issue and deployed a fix.
July 26th, 2024 — Source
CrowdStrike meets Murphy's Law: Anything that can go wrong will
And boy, did last Friday's Windows fiasco ever prove that yet again
July 26th, 2024 — Source
CrowdStrike Outage: 97% of Disrupted Endpoints Restored
250,000 of the 8.5 Million Affected Windows Hosts Still Need to Be Recovered
July 26th, 2024 — Source or Source or Source or Source or Source
Crypto exchange Gemini discloses third-party data breach
Cryptocurrency exchange Gemini is warning it suffered a data breach incident caused by a cyberattack at its Automated Clearing House (ACH) service provider, whose name was not disclosed.
July 26th, 2024 — Source
Estimate Your Current or Expected Social Security Benefits With This Free Online Tool
This free online tool will help you estimate your Social Security benefits and so much more.
July 26th, 2024 — Source
French Government Investigates Suspected Chinese Espionage
National Police Probe Botnet Campaign That Infected 3,000 Machines
July 26th, 2024 — Source or Source or Source
HHS announces major new AI, cybersecurity and IT reorganization
Oversight for healthcare technology, data and AI policy and strategy will be grouped under the renamed ASTP/ONC, while the 405(d) cybersecurity program will move to the Administration for Strategic Preparedness and Response.
July 26th, 2024 — Source
How To Secure Your Angular Apps: End-To-End Encryption of API Calls
Explore an example of implementing end-to-end encryption of API calls in your secure web app built with Angular.
July 26th, 2024 — Source
IAM for MSPs Provider Evo Security Raises $6 Million
TechOperators leads a $6 million Series A funding round for Evo Security, a provider of IAM solutions for MSPs.
July 26th, 2024 — Source
In Other News: FBI Cyber Action Team, Pentagon IT Firm Leak, Nigerian Gets 12 Years in Prison
Noteworthy stories that might have slipped under the radar: FBI article on agency's Cyber Action Team, data of Pentagon IT provider Leidos leaked, Nigerian cybercriminal sentenced to 12 years in prison.
July 26th, 2024 — Source
ISMG Editors: The CrowdStrike Outage - One Week Later
The Recovery Progress, Impact on Commercial and Public Sectors, and Lessons Learned
July 26th, 2024 — Source or Source
Ledger Flex: Secure self-custody with E Ink touchscreen display
Ledger today launched Ledger Flex, featuring secure E Ink touchscreen displays powered by Ledger's Secure OS. It's available to purchase for $249, shipping immediately.
July 26th, 2024 — Source
Master Cybersecurity With The Complete CompTIA Security+ SY0-701 Certification Kit by IDUNOVA
Prepare for your cybersecurity certification with comprehensive study materials (including 30 hours of videos and hands-on labs) and expert guidance.
July 26th, 2024 — Source
National Vulnerability Backlog Could Surge to 30,000 by 2025
New Analysis Reveals Growing Crisis for the National Vulnerability Database
July 26th, 2024 — Source or Source or Source
New microgrids model takes into account a fair design of decentralized energy systems
Local decentralized energy systems, known as microgrids, can make urban infrastructures more resilient and reduce risks for the population, for example, in large-scale power outages due to natural hazards or cyberattacks.
July 26th, 2024 — Source
PKfail Is a Newly Discovered Pathway for Firmware Malware
UEFI Developer Leaked a Secure Boot Asymmetric Key
July 26th, 2024 — Source or Source or Source
PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models
A vulnerability dubbed PKfail can allow attackers to run malicious code during the boot process, which can be used to deliver UEFI bootkits.
July 26th, 2024 — Source
Progress Patches Critical Telerik Report Server Vulnerability
Progress Software calls attention to a critical remote code execution flaw in the Telerik Report Server product.
July 26th, 2024 — Source
Russian ransomware gangs account for 69% of all ransom proceeds
Russian-speaking threat actors accounted for at least 69% of all crypto proceeds linked to ransomware throughout the previous year, exceeding $500,000,000.
July 26th, 2024 — Source
Shane Buckley on How Gigamon Responded to CrowdStrike Outage
Observability and Defense-in-Depth Strategies in Focus After Faulty Software Update
July 26th, 2024 — Source or Source
Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks
Threat actors have started exploiting critical-severity vulnerabilities in ServiceNow shortly after public disclosure.
July 26th, 2024 — Source
US Offers $10 Million Reward for Information on North Korean Hacker
The US is offering a reward of up to $10 million for information on Rim Jong Hyok, a member of the North Korean hacking group APT45.
July 26th, 2024 — Source
Internet — Security Issues — July 24th, 2024
7 password rules to live by in 2024, according to security experts
The US Government has invested heavily in cybersecurity. Here's what the experts recommend you do when you need to create a new password - and one rule likely goes against what you've been told.
July 24th, 2024 — Source
57,000 Patients Impacted by Michigan Medicine Data Breach
Michigan Medicine is notifying roughly 57,000 individuals of a data breach impacting their personal and health information.
July 24th, 2024 — Source
A former Microsoft Software Engineer explains CrowdStrike's digital pandemic that left over 8.5 million Windows devices with annoying BSoD errors
"As a former CrowdStrike employee this is the best explanation I have heard and is 100% accurate," stated one of Dave's Garage viewers.
July 24th, 2024 — Source or Source
Almost three-quarters of US companies have a deepfake response plan
Given the level of worry around the influence of deepfakes -- as we reported yesterday -- it's perhaps not surprising to learn that companies are developing their own deepfake response plans.
July 24th, 2024 — Source
Check Point Snags Team8's Nadav Zafrir to Replace Gil Shwed
Check Point's 2nd CEO Since 1993 Arrives With Deep CISO Relationships, Sales Acumen
July 24th, 2024 — Source
CISA issues new PACs security advisory
The Homeland Security agency points to 13 vulnerabilities with the networked medical imaging and archiving systems that should be patched now. One dark web research firm says the U.S. and Brazil have the most internet-exposed PACs.
July 24th, 2024 — Source
Coalfire announces Cyber Security On-Demand portfolio
Coalfire announced its Cyber Security On-Demand portfolio to provide a flexible set of services that reduce cyber risks and remediate security vulnerabilities in customer environments.
July 24th, 2024 — Source
Craxel Black Forest Reaper boosts cyber defense for organizations
Craxel launched an integrated cyber defense platform, Black Forest Reaper. Designed to revolutionize cyber defense capabilities for the world's largest cyber threat hunting enterprises, including U.S. government federal civilian agencies, the Department of Defense, Homeland Security, and the intelligence community, Black Forest Reaper offers speed, visibility, and price performance in combating cyber threats at scale.
July 24th, 2024 — Source
CrowdStrike blames bug for letting bad data slip through, leading to global tech outage
CrowdStrike is blaming a bug in an update that allowed its cybersecurity systems to push bad data out to millions of customer computers, setting off last week's global tech outage that grounded flights, took TV broadcasts off air and disrupted banks, hospitals and retailers.
July 24th, 2024 — Source
CrowdStrike blames bug that caused worldwide outage on faulty testing software
The faulty update caused an out-of-bounds memory read that triggered an 'unrecoverable exception.'
July 24th, 2024 — Source
CrowdStrike blames buggy testing software for disastrous update
A bug in the Content Validator -- a software element CrowdStrike relies on for testing and validating Rapid Response Content updates for its Falcon Sensors -- is (partly) why the faulty update wasn't caught in time, the company said.
July 24th, 2024 — Source
CrowdStrike Explains Why Bad Update Was Not Properly Tested
CrowdStrike has shared a preliminary incident review, explaining why the update that caused global chaos was not caught by testing.
July 24th, 2024 — Source
CrowdStrike finally explains in brief what caused the global Windows blue screen outage
Last week, an estimated 8.5 million Windows PCs got hit by a buggy CrowdStrike Falcon sensor software update which led to BSODs (blue screens of death) on the affected systems with the error message "csagent.sys (PAGE_FAULT_IN_NONEPAGED_AREA)."
July 24th, 2024 — Source
CrowdStrike offered a $10 Uber Eats card to teammates and partners, but it got flagged for fraud
The cybersecurity firm tried to help out people who were stuck dealing with its outage.
July 24th, 2024 — Source
CrowdStrike: 'Content Validator' bug let faulty update pass checks
CrowdStrike released a Preliminary Post Incident Review (PIR) on the faulty Falcon update explaining that a bug allowed bad data to pass its Content Validator and cause millions of Windows systems to crash on July 19, 2024.
July 24th, 2024 — Source
Cybersecurity company Wiz walks away from Google's $23 billion buyout offer
What will it do instead?
July 24th, 2024 — Source
Daixin Gang Threatening to Leak 10 Million Ambulance Records
Data Theft Is Latest Cyberattack on an Emergency Medical Services Provider
July 24th, 2024 — Source or Source or Source
Dazz Scores Hefty $50M Investment for AI-Powered Risk Remediation Tech
The new financing brings the total raised by Dazz to $110 million as investors double down on bets in the cloud security remediation space.
July 24th, 2024 — Source
Email Gateway Security Gaps Enable New Malware Tactics
Static Scanning Limitations Usher Malware Onto Corporate Network
July 24th, 2024 — Source or Source or Source or Source
Event-driven optical encryption advances information security through neuromorphic imaging
In an era where the internet connects virtually every aspect of our lives, the security of information systems has become paramount. Safeguarding critical databases containing private and commercial information presents a formidable challenge, driving researchers to explore advanced encryption techniques for enhanced protection.
July 24th, 2024 — Source
Facing the security challenge of quantum computing [Q&A]
Now that we're beginning to overcome the obstacles to creating a commercially viable quantum computer it's important to consider the security threat that these vastly more powerful machines will pose.
July 24th, 2024 — Source
FBI Encountered Encryption Hurdles in Trump Shooting Probe
FBI Director: Phone Data Shows Shooter 'Became Very Focused on President Trump'
July 24th, 2024 — Source or Source
How Russia-linked malware cut heat to 600 Ukrainian buildings in deep winter
The code was used to sabotage a heating utility in Lviv at the coldest point in the year.
July 24th, 2024 — Source
How to Lead When a Crisis Occurs
Tips on Managing Public Relations in the Face of a Cyber Incident
July 24th, 2024 — Source or Source or Source or Source or Source
Is GhostEmperor Back? Sygnia Finds Clues in Recent Cyber Incident
Sygnia discovered what it believes to be a variant of the GhostEmperor infection chain leading to the Demodex rootkit -- which was first seen and described in 2021.
July 24th, 2024 — Source
KnowBe4 mistakenly hires North Korean hacker, faces infostealer attack
American cybersecurity company KnowBe4 says a person it recently hired as a Principal Software Engineer turned out to be a North Korean state actor who attempted to install information-stealing malware on its devices.
July 24th, 2024 — Source
North Korean hacker got hired by US security vendor, immediately loaded malware
KnowBe4, which provides security awareness training, was fooled by stolen ID.
July 24th, 2024 — Source
Over 3,000 GitHub accounts used by malware distribution service
Threat actors known as 'Stargazer Goblin' have created a malware Distribution-as-a-Service (DaaS) from over 3,000 fake accounts on GitHub that push information-stealing malware.
July 24th, 2024 — Source
Patched Microsoft Defender flaw still being used to deliver information-stealing malware to vulnerable machines
It was patched in February, but out-of-date servers are at risk.
July 24th, 2024 — Source
Permit Share-If enables developers to implement secure collaboration features into their apps
Secure collaboration through access-sharing is a must-have feature in almost any modern application, from requesting to edit a document or viewing a widget in a dashboard to submitting wire transfers for approval.
July 24th, 2024 — Source
Reason Behind AT&T's Massive Network Outage Revealed That Blocked 25,000 Emergency Calls And Impacted 125 Million Devices
AT&T has been getting a lot of heat lately for network issues and the massive data breach that not only alarmed the company loyalists but raised some serious questions on data privacy and security. The cyber attack compromised almost all consumer call and text records.
July 24th, 2024 — Source
Senator: Top Banks Only Reimburse 38% of Unauthorized Claims
Bank Execs at Senate Hearing Defend Zelle Reimbursements, Payment Fraud Programs
July 24th, 2024 — Source or Source
Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment
Siemens has released out-of-band updates to patch two potentially serious vulnerabilities in products used in energy supply.
July 24th, 2024 — Source
Time to Rethink Identity: What Security Leaders Need to Know
Why Focus on Identity Security Now?
July 24th, 2024 — Source or Source or Source
US CISA Urges BIND 9 Users to Address New DNS Exploits
Newly Discovered Security Flaws Can Trigger DNS Performance Issues, CISA Says
July 24th, 2024 — Source or Source or Source
Vanta Raises $150 Million at $2.45 Billion Valuation
Vanta has raised $150 million in a Series C funding round and it plans on using the money to fuel expansion and AI innovation.
July 24th, 2024 — Source
Verizon Subsidiary Settles With FCC for $16M Over Three Data Breaches
Verizon subsidiary TracFone Wireless settles for $16 million with the FCC over three old data breaches.
July 24th, 2024 — Source
Vulnerabilities in LangChain Gen AI Could Prompt Data Leak
Open-Source Company Issues Patches After Being Alerted by Palo Alto
July 24th, 2024 — Source or Source
Zest Security Aims to Resolve, Not Just Mitigate Cloud Risks
Zest Security emerged from stealth with $5 million funding and an AI-powered platform that resolves the root source of risk in the cloud.
July 24th, 2024 — Source
Internet — Security Issues — July 22nd, 2024
2024 Paris Olympics -- cybersecurity risks and top tips to keep data safe [Q&A]
In recent years, mobile devices have taken center stage and we've become mobile-first users, where mobile devices are our first choice for how we communicate, navigate, work, bank, take photos, shop and stay informed about the world around us. Our increased reliance on mobile phones is not without its risks.
July 22nd, 2024 — Source
A Vulnerability in Cisco Secure Email Gateway Could Allow for Remote Code Execution
A vulnerability has been discovered in Cisco Secure Email Gateway that could allow for remote code execution. Cisco Secure Email Gateway is an email security product that uses signature analysis and machine learning to identify and block malicious emails before they reach recipients' inboxes. Successful exploitation could allow the attacker to replace any file on the underlying file system.
July 22nd, 2024 — Source
Application Security Startup Heeler Raises $8.5 Million in Seed Funding
Heeler Security has raised $8.5 million in seed funding for its ProductDNA application security technology.
July 22nd, 2024 — Source
California Officials Say Largest Trial Court in US Victim of Ransomware Attack
The Superior Court of Los Angeles County, the largest trial court in the US, has been the victim of a ransomware attack.
July 22nd, 2024 — Source
Course 622: Cyber Security Risks for Travelling University Employees
This course will provide cybersecurity training for universities across Canada, teaching strategies for staying cyber safe while travelling abroad.
July 22nd, 2024 — Source
CrowdStrike Disruption Restoration Is Taking Time
Microsoft's Tool Requires Physical Access, a 'Time-Consuming and Laborious Task'
July 22nd, 2024 — Source or Source or Source or Source or Source
CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams
The major IT outage caused by CrowdStrike is being leveraged by threat actors for phishing, scams, and malware delivery.
July 22nd, 2024 — Source
CrowdStrike says more machines fixed as customers, regulators await details on what caused meltdown
Cybersecurity firm CrowdStrike says a "significant number" of the millions of computers that crashed on Friday, causing global disruptions, are back in operation as its customers and regulators await a more detailed explanation of what went wrong.
July 22nd, 2024 — Source
CrowdStrike's Response to Outage Will Minimize Lost Business
Technical Analysts Emphasize Need for Enhanced Security Testing, Quality Assurance
July 22nd, 2024 — Source or Source
Cybercrooks crafting solo careers in wake of ransomware takedowns
More baddies go it alone as trust in big gangs withers, claims Europol
July 22nd, 2024 — Source
E-Prescription Vendor Breach Affects 12.9 Million Aussies
MediSecure Data Theft Has an Impact on Nearly Half of Australia's Population
July 22nd, 2024 — Source or Source or Source or Source or Source
End-user cybersecurity errors that can cost you millions
In today's fast-paced organizations, end-users will sometimes try to take a shortcut. We've all been there — rushing to meet a deadline, juggling multiple tasks, or just trying to be helpful. But the reality is that even well-intentioned actions can come back to bite you.
July 22nd, 2024 — Source
Fake Websites, Phishing Appear in Wake of CrowdStrike Outage
Authorities Warn About Domains Targeting Victims Seeking to Restore Windows Devices
July 22nd, 2024 — Source or Source or Source or Source or Source
From ATMs to flights, epic IT crash leaves trail of destruction
In what will go down as the most spectacular IT failure the world has ever seen, a botched software update from cybersecurity firm CrowdStrike Holdings Inc. crashed countless Microsoft Windows computer systems around the world on July 19.
July 22nd, 2024 — Source
Global cops power down world's 'most prolific' DDoS dealership
One arrest was made weeks ago but no word on the suspect's identity yet
July 22nd, 2024 — Source
Heeler Security raises $8.5 million to boost application security
Heeler Security announced the successful closing of an $8.5 million Seed Series funding round, led by Norwest Venture Partners with significant participation from Storm Ventures.
July 22nd, 2024 — Source
LA County Superior Court closes doors to reboot justice after ransomware attack
Some rest for the wicked?
July 22nd, 2024 — Source
Linx emerges from stealth with $33M to lock down the new security perimeter: Identity
Identity management is one of the most common fulcrums around which security breaches have pivoted in the last several years. One of the main reasons it has become the gift that keeps on giving to malicious hackers is that it's a nightmare for organizations to track.
July 22nd, 2024 — Source
Linx Security Raises $33M to Tackle Digital Identity Threats
New York startup with roots in Israel banks a hefty $33 million early stage funding round.
July 22nd, 2024 — Source
Los Angeles Superior Court shuts down after ransomware attack
The largest trial court in the United States, the Superior Court of Los Angeles County, closed all 36 courthouse locations on Monday to restore systems affected by a Friday ransomware attack.
July 22nd, 2024 — Source
Massive IT outage spotlights major vulnerabilities in the global information ecosystem
The global information technology outage on July 19, 2024, that paralyzed organizations ranging from airlines to hospitals and even the delivery of uniforms for the Olympic Games represents a growing concern for cybersecurity professionals, businesses and governments.
July 22nd, 2024 — Source
Microsoft releases easier CrowdStrike fix
Computers and services around the world are still impacted by the faulty CrowdStrike update.
July 22nd, 2024 — Source
Microsoft releases USB boot tool to fix CrowdStrike disaster
The CrowdStrike outage made international headlines on Friday as it disrupted the world. Fortunately, Microsoft has a tool that can get affected PCs working again.
July 22nd, 2024 — Source
Microsoft Sees 8.5M Systems Hit by Faulty CrowdStrike Update
Cybersecurity Vendor Reports 'A Significant Number Are Back Online and Operational'
July 22nd, 2024 — Source or Source or Source or Source or Source
Microsoft-CrowdStrike outage: How a single software update was able to cause IT chaos across the globe
The world as we know it increasingly relies on digital connectivity that, for the most part, works quietly and invisibly in the background. So how did a single software update bring down half the internet?
July 22nd, 2024 — Source
Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update
By now, most people are aware of -- or have been personally affected by -- the largest IT outage the world has ever witnessed, courtesy of a defective update for CrowdStrike Falcon Sensors that threw Windows hosts into a blue-screen-of-death (BSOD) loop.
July 22nd, 2024 — Source
New Play ransomware Linux version targets VMware ESXi VMs
Play ransomware is the latest ransomware gang to start deploying a dedicated Linux locker for encrypting VMware ESXi virtual machines.
July 22nd, 2024 — Source
One small update brought down millions of IT systems around the world—it's a timely warning
This weekend's global IT outage caused by a software update gone wrong highlights the interconnected and often fragile nature of modern IT infrastructure. It demonstrates how a single point of failure can have far-reaching consequences.
July 22nd, 2024 — Source
Online child sex abuse material, boosted by AI, is outpacing Big Tech's regulation
Watchdogs say it's a "stark vision of the future."
July 22nd, 2024 — Source
Police infiltrates, takes down DigitalStress DDoS-for-hire service
DDoS-for-hire service DigitalStress was taken down on July 2 in a joint law enforcement operation led by the United Kingdom's National Crime Agency (NCA).
July 22nd, 2024 — Source
Response and Remediation: How CIOs Reacted to IT Outage
CIOs Recommend Resilience Strategies in the Wake of Global CrowdStrike Outage
July 22nd, 2024 — Source or Source or Source or Source or Source or Source
Safety Equipment Giant Cadre Holdings Hit by Cyberattack
Safety equipment product maker Cadre Holdings was hit by a cyberattack that has impacted some of the company's operations.
July 22nd, 2024 — Source
Seattle health provider appeals to blood donors after CrowdStrike outage impacts collections
In the latest sign of the fallout from the CrowdStrike outage, Seattle-based Bloodworks Northwest says the incident delayed shipments of critical supplies and resulted in the cancellation of appointments for nearly 250 blood donors.
July 22nd, 2024 — Source
Small businesses grapple with global tech outages created by CrowdStrike
An owner of a consumer insights research firm couldn't pay her employees, make Friday's deadline to sign a contract for a new business or send key research to a key client. A psychiatrist, who runs a virtual mental health practice in Maryland, saw his business hobbled as some of his virtual assistants and therapists couldn't either make phone calls or log on to their computers.
July 22nd, 2024 — Source
Spain arrests three for using DDoSia hacktivist platform
The Spanish authorities have arrested three individuals for using DDoSia, a distributed denial of service platform operated by pro-Russian hacktivists, to conduct DDoS attacks against governments and organizations in NATO countries.
July 22nd, 2024 — Source or Watch Video
Suspected Scattered Spider Member Arrested in UK
UK authorities have arrested a 17-year-old suspected of being a member of the Scattered Spider cybercrime gang.
July 22nd, 2024 — Source
Two Members of LockBit Ransomware Group Plead Guilty in US Court
A Russian national and a dual Canadian and Russian national pleaded guilty in the US for roles in LockBit ransomware attacks.
July 22nd, 2024 — Source
Two Russians sanctioned over cyberattacks on US critical infrastructure
Supposed hacktivist efforts previously linked to the Kremlin's GRU
July 22nd, 2024 — Source or Source or Source
Who needs ransomware when a faulty software update can shut down critical infrastructure?
This should be the last security wake-up call for organizations.
July 22nd, 2024 — Source
Internet — Security Issues — July 20th, 2024
Conspiracy theories take off after global IT crash
From fearmongering about a looming "World War III" to false narratives linking a cabal of global elite to a cyberattack, a torrent of online conspiracy theories took off Friday after a major IT crash.
July 20th, 2024 — Source
CrowdStrike outage hits 8.5M Windows devices; Microsoft collaborates with Amazon and Google
The flawed update from cybersecurity software company CrowdStrike has affected 8.5 million Windows devices, Microsoft said in a post Saturday detailing its ongoing response to the extraordinary global IT outage.
July 20th, 2024 — Source
CrowdStrike Provides Remediation Guidance After Software Update Causes Worldwide IT Chaos
CrowdStrike on Saturday provided technical information and remediation guidance to help organizations impacted by the faulty software update that triggered massive IT outages across the globe on Friday.
July 20th, 2024 — Source or Source or Source
CrowdStrike/Microsoft Outage Latest Blow to Healthcare
Some EHRs Affected; Hospitals Cancel Patient Care in Latest Vendor Mega Incident
July 20th, 2024 — Source or Source
Elon Musk blames diversity efforts for the widespread CrowdStrike digital pandemic that stunted Microsoft services
Elon Musk holds diversity policies responsible for CrowdStrike's global tech meltdown.
July 20th, 2024 — Source
Fake Websites, Phishing Appear in Wake of CrowdStrike Outage
Authorities Warn About Domains Targeting Victims Seeking to Restore Windows Devices
July 20th, 2024 — Source or Source or Source or Source
Fix Released For Global IT Outage, But Many Systems Worldwide Still Offline
Microsoft Windows computers were faced with a grave situation yesterday. A faulty cybersecurity update caused a global outage, impacting thousands of PCs and servers, with the screens experiencing a Blue Screen of Death issue (BSOD). The outage has affected various sectors worldwide, including banks, airlines, businesses, and supermarkets, and IT admins worldwide are trying to find a fix. Although CrowdStrike and Microsoft have provided a standard fix, it could take a while for the issue to be fully resolved.
July 20th, 2024 — Source
ISMG Editors: What the CrowdStrike Outage Taught Us So Far
Panelists Discuss Immediate and Long-Term Impact of Global Outage
July 20th, 2024 — Source
Outage caused by CrowdStrike's disastrous update affected 8.5 million devices
The update left airlines, banks and major companies facing the blue screen of death.
July 20th, 2024 — Source
UK arrests suspected Scattered Spider hacker linked to MGM attack
UK police have arrested a 17-year-old boy suspected of being involved in the 2023 MGM Resorts ransomware attack and a member of the Scattered Spider hacking collective.
July 20th, 2024 — Source or Source
Unpacking how Alphabet's rumored Wiz acquisition could affect VC
Alphabet, the parent company of Google, is in advanced talks to acquire cybersecurity startup Wiz for $23 billion, the Wall Street Journal reported on Sunday. TechCrunch's sources heard similar and added that deal discussions could last into next week.
July 20th, 2024 — Source
Internet — Security Issues — July 19th, 2024
5 Best Endpoint Detection & Response (EDR) Solutions for 2024
Endpoint detection and response (EDR) software is the best way to detect, investigate, and respond to advanced attacks. Endpoint detection and response software is a security solution that protects against malware and other threats.
July 19th, 2024 — Source
Bad CrowdStrike update causes major outages of Microsoft systems worldwide
You'll doubtless be aware already of the major outages of Microsoft systems today causing problems for airports, rail operators, banks, retailers, broadcasters and more.
July 19th, 2024 — Source
Bad CrowdStrike Update Linked to Major IT Outages Worldwide
Organizations worldwide are reporting major outages due to Windows system crashes caused by a bad CrowdStrike update.
July 19th, 2024 — Source
Banks and Airlines Disrupted as Mass Outage Hits Windows PCs
CrowdStrike Confirms Faulty Software Update for Falcon Sensor, Is Deploying Fix
July 19th, 2024 — Source or Source or Source or Source or Source
CrowdStrike, Microsoft Outage Uncovers Big Resiliency Issues
In the Spotlight: Quality Assurance, Business Resilience, Single Points of Failure
July 19th, 2024 — Source or Source or Source or Source or Source
CrowdStrike/Microsoft Outage Latest Blow to Healthcare
Some EHRs Affected; Hospitals Cancel Patient Care in Latest Vendor Mega Incident
July 19th, 2024 — Source or Source or Source
Despite claims, Pinterest did not suffer a Major Data Leak
Pinterest has reached out to deny claims that the social media giant suffered a major data breach affecting user data. Pinterest says there were no compromises and user data was never accessed.
July 19th, 2024 — Source
Faulty CrowdStrike update causes major global IT outage, taking out banks, airlines and businesses globally
CrowdStrike says a fix is on the way and global outage is ‘not a cyberattack’
July 19th, 2024 — Source
Faulty Windows cybersecurity update takes out banks, airlines and other major companies worldwide
An update from security giant CrowdStrike is to blame.
July 19th, 2024 — Source
Federal Agencies Scramble to Fix Massive Software Outage
CrowdStrike Outage Rekindles Concerns Over Federal Cybersecurity Contingency Plans
July 19th, 2024 — Source or Source or Source
From the Sphere to false cyberattack claims, misinformation runs rampant amid CrowdStrike outage
But according to a representative for the Sphere, this photo was digitally altered. The Sphere escaped unscathed from the CrowdStrike outage, which has affected computers running Windows across the global economy.
July 19th, 2024 — Source
How did one CrowdStrike mistake stop the world? We asked 3 experts.
Companies tried to do the right thing. Did it backfire?
July 19th, 2024 — Source
How to Tell the Difference Between a Virus and a False Positive
Hey there, Geeks! Have you ever downloaded a program only to have your antivirus scream "MALWARE!" at you? Yeah, we all have. As a website that offers tested, safe downloads, it's not uncommon for us to run into -- given how many new files we look at.
July 19th, 2024 — Source
ISMG Editors: AT&T's Ransom Payment in Snowflake Breach
Also: AI Bots in the Workplace; AI Regulations in the US and EU
July 19th, 2024 — Source or Source or Source or Source or Source
ISMG Editors: What the CrowdStrike Outage Taught Us So Far
Panelists Discuss Immediate and Long-Term Impact of Global Outage
July 19th, 2024 — Source or Source or Source or Source
Judge Dismisses Major SEC Charges Against SolarWinds and CISO
Judge dismissed SEC lawsuit charging SolarWinds and CISO Timothy Brown with hiding security problems before and after the SUNBURST supply chain compromise.
July 19th, 2024 — Source
Measuring Your Data’s Risk
Humans don’t deal with uncertainty well. When faced with the possibility of something happening, we like to think either: “Yes, this most definitely will happen,” or “No, this definitely won’t happen.” In reality, things are a bit more squishy.
July 19th, 2024 — Source
MediSecure Data Breach Impacts 12.9 Million Individuals
The personal and health information of 12.9 million was stolen in a ransomware attack at Australian digital prescription services provider MediSecure.
July 19th, 2024 — Source
MediSecure: Ransomware gang stole data of 12.9 million people
MediSecure, an Australian prescription delivery service provider, revealed that roughly 12.9 million people had their personal and health information stolen in an April ransomware attack.
July 19th, 2024 — Source
Microsoft CEO Satya Nadella drops statement about CrowdStrike outage
But it doesn't provide any answers yet.
July 19th, 2024 — Source
Microsoft outage updates: Crowdstrike issue still wreaking havoc despite fix
A fitting end to the week.
July 19th, 2024 — Source
Microsoft-CrowdStrike Outage Causes Chaos for Flights, Hospitals and Businesses Globally
A faulty cybersecurity update from CrowdStrike wreaked havoc across the medical and travel industries, with flights and medical procedures canceled and delayed.
July 19th, 2024 — Source
Millions of users affected by massive Pinterest data leak
Pinterest may have suffered a major data breach affecting millions of users. While the company has denied any breach of its system, a hacker has leaked a database allegedly containing 60 million rows of Pinterest user data.
July 19th, 2024 — Source
Ransomware Remains a Major Threat to Energy
Median Ransomware Attack Recovery Cost for Critical Infrastructure Is 4X Higher
July 19th, 2024 — Source or Source or Source or Source or Source
Recent Splunk Enterprise Vulnerability Easy to Exploit: Security Firm
SonicWall warns that a simple GET request is enough to exploit a recent Splunk Enterprise vulnerability.
July 19th, 2024 — Source
Russians plead guilty to involvement in LockBit ransomware attacks
Two Russian individuals admitted to participating in many LockBit ransomware attacks, which targeted victims worldwide and across the United States.
July 19th, 2024 — Source
Securing Healthcare: Minimizing Risk in an Ever-Changing Threat Landscape
July 19th, 2024 — Source or Source
SolarWinds Patches Critical Vulnerabilities in Access Rights Manager
SolarWinds has released patches for 13 vulnerabilities in Access Rights Manager, including eight critical bugs.
July 19th, 2024 — Source
The Cost of Underpreparedness to Your Business
When it rains, it pours. Few organizations are prepared for the data deluge caused by ransomware, but the organizations able to understand and limit data theft and have recoverable backups are the most resilient in the face of ransomware attacks.
July 19th, 2024 — Source or Source
Traffic light vulnerability could let hackers cause massive gridlocks, study finds
Bad actors can exploit old hardware to gain complete control over traffic lights
July 19th, 2024 — Source
UK cops arrest teen suspect in MGM Resorts cyberattack probe
17-year-old cuffed as FBI says it will 'relentlessly pursue' miscreants around the globe
July 19th, 2024 — Source or Source
Why Small Developer Tools Get Flagged as Malware and How to Safely Use Their Software
Understanding why false positives happen from the perspectives of both the author and the antivirus company can help you make better, more informed decisions.
July 19th, 2024 — Source or Watch Video
Workplaces plagued by risky security behavior
Research released by KnowBe4 shows that 75 percent of security professionals have witnessed employees displaying risky security behaviors at work and 62 percent admit to risky behavior themselves.
July 19th, 2024 — Source
Internet — Security Issues — July 18th, 2024
AI roundup: New applications for clinical documentation, patient access, cybersecurity
Rural providers are using voice AI to manage administrative burden and the government is funding NLP research into improving the cultural sensitivity of mental healthcare. Other companies, meanwhile, have announced new secure-by-design certifications.
July 18th, 2024 — Source
Atlantic Health System CIDO offers lessons on AI in cybersecurity
At the upcoming HIMSS AI in Healthcare Forum, Chief Information and Digital Officer Sunil Dadlani will speak to other C-suite leaders about bridging the gap between artificial intelligence-enabled security and cyber defense.
July 18th, 2024 — Source
Breach Roundup: North Korean Hackers Target macOS Users
Interpol Arrests 300, Seizes $3 Million From West African Financial Crime Gang
July 18th, 2024 — Source
Chinese Hacking Group APT41 Infiltrates Global Shipping and Tech Sectors, Mandiant Warns
Chinese government-backed hacking team caught breaking into organizations in shipping, logistics and automotive sectors in Europe and Asia.
July 18th, 2024 — Source
CIS Controls Ambassador Spotlight: Chirag Arora
July 18th, 2024 — Source
Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
Cisco has fixed two critical vulnerabilities that may allow attackers to overwrite files on its Secure Email Gateways (CVE-2024-20401) and change the password of any user on its Smart Software Manager On-Prem license servers (CVE-2024-20419).
July 18th, 2024 — Source
Cisco Patches Critical Vulnerabilities in Secure Email Gateway, SSM
Cisco has released patches for critical vulnerabilities in Secure Email Gateway and Smart Software Manager On-Prem.
July 18th, 2024 — Source
Costs associated with ransomware attacks are skyrocketing
Ransomware attacks cost both time and money
July 18th, 2024 — Source
Critical Cisco bug lets hackers add root users on SEG devices
Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments.
July 18th, 2024 — Source
Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)
A recently fixed vulnerability (CVE-2024-36991) affecting Splunk Enterprise on Windows "is more severe than it initially appeared," according to SonicWall's threat researchers.
July 18th, 2024 — Source
Cryptohack Roundup: $230M WazirX Exploit in India
Also: Craig Wright, Be Seated. Will the Real Satoshi Nakamoto Please Stand Up?
July 18th, 2024 — Source or Source or Source
Ctera Raises $80 Million From PSG Equity
Ctera has received $80 million in primary and secondary funding from private equity firm PSG Equity.
July 18th, 2024 — Source
Cyber Fail: Attack of the Zombie APIs!
Also: Election Security Dysfunction; the Legacy of Government-Backed Spyware
July 18th, 2024 — Source or Source or Source or Source or Source
FIN7 sells improved EDR killer tool
The cybercrime-focused enterprise known as FIN7 (aka the Carbanak group) has come up with yet another trick to assure the effectiveness of its "EDR killer" tool, dubbed AvNeutralizer (i.e., AuKill) by researchers.
July 18th, 2024 — Source
Firms skip security reviews of major app updates about half the time
Complicated, costly, time-consuming -- pick three
July 18th, 2024 — Source
From Email to Human Behavior: Abnormal Security's Evolution
Co-Founder, CEO Evan Reiser Discusses New SaaS and Account Takeover Protections
July 18th, 2024 — Source or Source or Source or Source
Gen AI Spending Slows as Businesses Exercise Caution
High Implementation Costs and Hallucination Risks Curb AI Investments in 2024
July 18th, 2024 — Source or Source or Source or Source
Hackers could create traffic jams thanks to flaw in traffic light controller, researcher says
A security researcher says he found a flaw in a traffic light controller that would potentially allow malicious hackers to change the lights and create traffic jams.
July 18th, 2024 — Source
How Scalpers Are Hacking One Of Ticketmaster's Highly-Touted Features
Over the years, what was once pretty taboo has become incredibly common: Reselling tickets to concerts and sporting events, often above face value. Not only do the most prominent ticketing companies, Ticketmaster and AXS, have their own resale arms, but there's an entire ecosystem of third-party ticket resale platforms like StubHub, SeatGeek, and VividSeats.
July 18th, 2024 — Source
Ivanti Issues Hotfix for High-Severity Endpoint Manager Vulnerability
Ivanti has released a hotfix to address an SQL injection vulnerability in Endpoint Manager (EPM) 2024 flat.
July 18th, 2024 — Source
Judge Dismisses Most SEC Fraud Claims Against SolarWinds
Feds Can Proceed With Claims About Falsehoods in SolarWinds Security Statement
July 18th, 2024 — Source or Source or Source or Source or Source
Okta Announces SaaS Startup Competition
The Okta SaaS Startup Competition will allow early-stage startups a chance to receive a cash investment and support from Okta.
July 18th, 2024 — Source
OpenAI Rolls Out Compliance API and Integrations for ChatGPT Enterprise
The tools are being positioned as crucial to help business customers meet requirements for regulations like FINRA, HIPAA, and GDPR.
July 18th, 2024 — Source
Operation Spincaster Targets Crypto Pig-Butchering Scams
Public-Private Effort Based on Intelligence Tied to $162 Million in Crypto Losses
July 18th, 2024 — Source or Source or Source or Source
Oracle Quarterly Critical Patches Issued July 16, 2024
Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution.
July 18th, 2024 — Source
Pindrop secures $100 million to further develop its audio, voice, and AI technologies
Pindrop announced it has secured $100 million in debt financing from Hercules Capital. This significant funding will enable Pindrop to further develop its audio, voice, and AI technologies, enhancing its offerings for customers in the banking, finance, contact center, insurance, utilities, healthcare, retail, and other industries.
July 18th, 2024 — Source
Recent Adobe Commerce Vulnerability Exploited in Wild
Adobe and CISA warn that a recent Adobe Commerce vulnerability has been exploited in the wild.
July 18th, 2024 — Source
Revolver Rabbit gang registers 500,000 domains for malware campaigns
A cybercriminal gang that researchers track as Revolver Rabbit has registered more than 500,000 domain names for infostealer campaigns that target Windows and macOS systems.
July 18th, 2024 — Source
Rising Tides: Alyssa Miller on 'Do Better, be Better' and 'See Past the Technology' to Advance Cybersecurity
Miller has been in cybersecurity for roughly 20 years and is now the CISO of Epiq Global.
July 18th, 2024 — Source
Russia's FIN7 is peddling its EDR-nerfing malware to ransomware gangs
Major vendors' products scuppered by novel techniques
July 18th, 2024 — Source
SAP AI Core Vulnerabilities Allowed Service Takeover, Customer Data Access
SAP patches AI Core vulnerabilities allowing attackers to access customer data and take over the service.
July 18th, 2024 — Source
SonicWall launches Cloud Secure Edge, suitable for any stage of cloud migration
SonicWall launched Cloud Secure Edge (CSE), offering an innovative suite of Zero Trust Access offerings designed specifically for MSPs who are meeting customers with increasingly remote work forces on their cloud migration journeys. With flexible, cost-effective solutions for remote access and internet access, CSE empowers organizations to securely connect employees and third-party users to resources from any device and location with simplicity and security.
July 18th, 2024 — Source
Using Threat Intelligence to Predict Potential Ransomware Attacks
The risk of suffering a ransomware attack is high and organizations must take proactive steps to protect themselves and minimize the impact of a potential breach.
July 18th, 2024 — Source
Watch on Demand: Cloud & Data Security Summit
Join us as we explore the latest trends in the world of SaaS security, cyberattacks against cloud infrastructure, data security posture management (DSPM), and the hype and promise of AI and LLM technologies.
July 18th, 2024 — Source
Waterfall Security HERA secures OT environments
Waterfall Security launched HERA -- Hardware Enforced Remote Access, a new technology designed to enable safe and secure remote access into cyber-physical systems and OT networks.
July 18th, 2024 — Source
Why AI and Human Behavior Drive New Urgency for Zero Trust
How CISOs Can Leverage Zero Trust and AI to Protect Against the Human Element
July 18th, 2024 — Source or Source or Source or Source
Internet — Security Issues — July 9th, 2024
4 benefits of security testing in agile environments
Learn why agile environments require modern pen testing techniques
July 9th, 2024 — Source
4 Million People Affected by Debt Collector Data Theft Hack
Stolen Data Includes Patient Medical Information, According to Breach Notification
July 9th, 2024 — Source or Source or Source or Source or Source
A Vulnerability in OpenSSH Could Allow for Remote Code Execution
A vulnerability has been discovered in OpenSSH that could allow for remote code execution. OpenSSH is a suite of secure networking utilities based on the SSH protocol and is crucial for secure communication over unsecured networks. It is widely used in enterprise environments for remote server management, secure file transfers, and various DevOps practices.
July 9th, 2024 — Source
Adobe Issues Critical Patches for Multiple Products, Warns of Code Execution Risks
Adobe documents at least seven code execution bugs affecting Adobe Premiere Pro, Adobe InDesign and Adobe Bridge on Windows and macOS.
July 9th, 2024 — Source
AI can support humanitarian organizations in armed conflict or crisis, but they should understand potential risks
AI can help humanitarians gain crucial insights to better monitor and anticipate risks, such as a conflict outbreak or escalation. But deploying systems in this context is not without risks for those affected, a new study warns.
July 9th, 2024 — Source
AI chatbots can pass certified ethical hacking exams, study finds
Chatbots powered by artificial intelligence (AI) can pass a cybersecurity exam, but don't rely on them for complete protection.
July 9th, 2024 — Source
Align strengthens defense against double-extortion ransomware tactics
Align adds a new exfiltration prevention feature to its Align Guardian Managed Detection and Response offering, powered by Adlumin. This innovation is designed to detect and stop attackers from exfiltrating data, providing a defense against modern ransomware tactics that employ double-extortion techniques.
July 9th, 2024 — Source
Anticipating tomorrow's threats: AI, evolving vulnerabilities, and the 'new normal'
Modern cybersecurity leaders are expected to balance an almost comical number of responsibilities. Threat intelligence, vulnerability management, asset tracking, identity management, budgeting, third-party risk -- and that's just what the company is willing to put in the job description.
July 9th, 2024 — Source
AttackIQ Mission Control simplifies security testing for distributed teams
AttackIQ has introduced a new functionality for enterprise customers -- AttackIQ Mission Control. AttackIQ Mission Control enhances AttackIQ Enterprise BAS deployments within large organizations, streamlining security testing for distributed teams.
July 9th, 2024 — Source
Australia sounds warning over state-backed Chinese hackers
Australia's cyber intelligence agency sounded a rare warning Tuesday about the rising threat of state-backed Chinese hackers, saying they were "actively" looking for targets to compromise.
July 9th, 2024 — Source
BlastRADIUS Attack Exposes Critical Flaw in 30-Year-Old RADIUS Protocol
Security vendor InkBridge Networks calls urgent attention to the discovery of a decades-old design flaw (CVE-2024-3596) in the popular RADIUS protocol.
July 9th, 2024 — Source
Chinese APT40 group swiftly leverages public PoC exploits
Chinese state-sponsored cyber group APT40 is amazingly fast at adapting public proof-of-concept (PoC) exploits for vulnerabilities in widely used software, an advisory released by intelligence and cybersecurity agencies from eight countries warns.
July 9th, 2024 — Source
Chinese APT40 hackers hijack SOHO routers to launch attacks
A joint advisory from international cybersecurity agencies and law enforcement warns of the tactics used by the Chinese state-sponsored APT 40 hacking group and their hijacking of SOHO routers to launch cyberespionage attacks.
July 9th, 2024 — Source
CIS Benchmarks Community Volunteer Spotlight: Doug Hunley
The cybersecurity landscape is constantly morphing, making the need for rigorous security measures and standards paramount. An instrumental role in shaping these protective mechanisms is played by volunteers who contribute to the CIS Benchmarks Community. Our volunteers hail from diverse backgrounds. Some are experienced cybersecurity professionals, while others are enthusiastic novices eager to learn and share knowledge. They harness their expertise to review current Benchmarks' efficiency or develop new ones that address emerging threats.
July 9th, 2024 — Source
Command Zero Emerges From Stealth Mode to Speed Up Cyber Investigations
Command Zero has emerged from stealth mode with $21 million in a seed funding round led by Andreessen Horowitz.
July 9th, 2024 — Source
Critical Patches Issued for Microsoft Products, July 09, 2024
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
July 9th, 2024 — Source
Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack
A new critical security vulnerability in the RADIUS protocol, dubbed BlastRADIUS (CVE-2024-3596), leaves most networking equipment open to Man-in-the-Middle (MitM) attacks. While the vulnerability can be difficult to exploit, the possible impact of an exploit is substantial.
July 9th, 2024 — Source
Cryptocurrency Theft Haul Surges Alongside Crypto Value
Private Key and Seed Phrase Compromise Remains Top Attack Vector, TRM Labs Reports
July 9th, 2024 — Source or Source or Source or Source or Source
Egnyte Copilot accelerates enterprise content collaboration
Egnyte launched Egnyte Copilot, its AI-driven assistant designed to accelerate and transform enterprise content collaboration.
July 9th, 2024 — Source
Eldorado ransomware-as-a-service gang targets Linux, Windows systems
US orgs bear the brunt of attacks by probably-Russian crew
July 9th, 2024 — Source
Evolve Bank & Trust confirms LockBit stole 7.6 million people's data
Making cyberattack among the largest ever recorded in finance industry
July 9th, 2024 — Source
Evolve Bank Data Breach Impacts 7.6 Million People
Evolve Bank says personal information of more than 7.6 million individuals was compromised in a ransomware attack.
July 9th, 2024 — Source
Evolve Bank says data breach impacts 7.6 million Americans
July 9th, 2024 — Source
Evolve Bank says ransomware gang stole personal data on millions of customers
U.S.-based banking-as-a-service giant Evolve Bank & Trust said that cybercriminals accessed the personal data of millions of customers during a recent cyberattack.
July 9th, 2024 — Source
Evolve Discloses That Hackers Stole Data of 7.6M Individuals
Stolen Data Includes Names, Social Security and Bank Account Numbers, Contact Info
July 9th, 2024 — Source or Source or Source
Fujitsu confirms customer data exposed in March cyberattack
Fujitsu confirms that information related to some individuals and customers' business has been compromised during the data breach detected earlier this year.
July 9th, 2024 — Source
Global Coalition Blames China's APT40 for Hacking Government Networks
Seven nations are backing Australia in calling out a China-linked hacking group for compromising government networks.
July 9th, 2024 — Source
GuardZoo spyware used by Houthis to target military personnel
Lookout discovered GuardZoo, Android spyware targeting Middle Eastern military personnel. This campaign leverages malicious apps with military and religious themes to lure victims via social engineering on mobile devices.
July 9th, 2024 — Source
Hackers target WordPress calendar plugin used by 150,000 sites
Hackers are trying to exploit a vulnerability in the Modern Events Calendar WordPress plugin that is present on more than 150,000 websites to upload arbitrary files to a vulnerable site and execute code remotely.
July 9th, 2024 — Source
Houthi rebels are operating their own GuardZoo spyware
Fairly 'low budget', unsophisticated malware, say researchers, but it can collect the same data as Pegasus
July 9th, 2024 — Source
How to Fix a Dysfunctional Security Culture
Moving from a state of indifference about security to a place where users actively champion it can be transformed through a focused effort.
July 9th, 2024 — Source
'I always sleep with one eye open:' Q&A with American Airlines IT chief talking security and change
There's one major challenge that makes Ganesh Jayaram, chief digital and information officer at American Airlines, sleep with one eye open at night: cybersecurity.
July 9th, 2024 — Source
Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)
For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in Windows Hyper-V and Windows MSHTML Platform (respectively).
July 9th, 2024 — Source
Microsoft Warns of Windows Hyper-V Zero-Day Being Exploited
Patch Tuesday: Microsoft patches more than 140 security vulnerabilities in the Windows ecosystem, including a pair of exploited zero-days.
July 9th, 2024 — Source
Mitigate the Security Challenges of Telecom 5G IoT Microservice Pods Architecture Using Istio
Discover the essential features of Istio Service Mesh Architecture and master the configuration of Istio for cellular IoT Microservices pods.
July 9th, 2024 — Source
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.
July 9th, 2024 — Source
New method could yield fast, cross-country quantum network
Quantum computers offer powerful ways to improve cybersecurity, communications, and data processing, among other fields. To realize these full benefits, however, multiple quantum computers must be connected to build quantum networks or a quantum internet. Scientists have struggled to come up with practical methods of building such networks, which must transmit quantum information over long distances.
July 9th, 2024 — Source
Optiv MDR accelerates threat detection and response
Optiv has launched its managed detection and response service, Optiv MDR, on the Google Security Operations (SecOps) platform, enabling organizations to detect and respond to emerging threats with managed threat detection and response capabilities.
July 9th, 2024 — Source
Outpost24 appoints Ido Erlichman as CEO
Outpost24 announced the appointment of Ido Erlichman as its new CEO, effective immediately.
July 9th, 2024 — Source
Ransomware Gang Leaks Data Allegedly Stolen from Florida Department of Health
The Ransomhub ransomware gang has claimed the theft of 100GB of data from the Florida Department of Health.
July 9th, 2024 — Source
SAP Patches High-Severity Vulnerabilities in PDCE, Commerce
Patch Tuesday: Enterprise software vendor SAP releases patches for high-severity vulnerabilities in multiple products and tools.
July 9th, 2024 — Source
Securing Your Machine Identities Means Better Secrets Management
Machine identities make up the majority of the over 12.7 million secrets discovered in public on GitHub in 2023. Let's look at how we got here and how we fix this.
July 9th, 2024 — Source
Senate NDAA 2025 Boosts Military Cyber and AI Initiatives
Military Omnibus Bill Includes Focus on Cybersecurity, Countering Drone Technology
July 9th, 2024 — Source
Skillsoft partners with Microsoft to develop GenAI skilling program
Skillsoft announced a comprehensive generative AI (GenAI) skilling program developed in collaboration with Microsoft.
July 9th, 2024 — Source
Stellar Cyber Open XDR platform now supports BYODL
Stellar Cyber announced that the Stellar Cyber Open XDR platform now supports "Bring Your Own Data Lake" (BYODL).
July 9th, 2024 — Source
This Is How SSL Certificates Work: HTTPS Explained in 15 Minutes
The world of online security may seem complex. In this post, gain an understanding of the basics of how SSL certificates work and why HTTPS is essential.
July 9th, 2024 — Source or Watch Video
UN Cybercrime Draft Convention Dangerously Expands State Surveillance Powers Without Robust Privacy, Data Protection Safeguards
As we near the final negotiating session for the proposed UN Cybercrime Treaty, countries are running out of time to make much-needed improvements to the text. From July 29 to August 9, delegates in New York aim to finalize a convention that could drastically reshape global surveillance laws.
July 9th, 2024 — Source
US Busts Russian AI-Driven Disinformation Operation
Meliorator Software Generates Social Media Bots
July 9th, 2024 — Source or Source or Source or Source or Source
What is split tunneling and do you need it in a VPN?
This oft-highlighted feature of VPNs lets you pick and choose when you want anonymity.
July 9th, 2024 — Source
What Kind of People Do Cybersecurity for a Living?
CISO Sam Curry, CMO Red Curry on Out-of-the-Box Thinkers, Alliance Builders, Rebels
July 9th, 2024 — Source or Source or Source or Source or Source
What Will Drive the Use of Faster Payments in the US?
Faster Payments Council's Reed Luhtanen on the Importance of Well-Defined Practices
July 9th, 2024 — Source or Source
What Will UK Labour Government Mean for AI, Data Protection?
Legal Expert Jonathan Armstrong on New Government's Impact on Regulations
July 9th, 2024 — Source or Source or Source or Source
Internet — Security Issues — July 6th, 2024
Cybercrime groups restructuring after major takedowns: Experts
Cybercrime gangs are looking to rebuild with new tactics after global police operations this year made a huge dent in their activities, experts have told AFP.
July 6th, 2024 — Source
Internet — Security Issues — July 5th, 2024
Breach Roundup: FBI Warns of US Renewable Energy Sector Threats
Google Offers $250,000 Reward for KVM Vulns; CocoaPods Flaws Expose Apple Apps
July 5th, 2024 — Source or Source
ChatGPT's much-heralded Mac app was storing conversations as plain text
The app was updated to address the issue after it gained public attention.
July 5th, 2024 — Source
Hackers leak alleged Taylor Swift tickets, amp up Ticketmaster extortion
Hackers have leaked what they claim is Ticketmaster barcode data for 166,000 Taylor Swift Eras Tour tickets, warning that more events would be leaked if a $2 million extortion demand is not paid.
July 5th, 2024 — Source
ISMG Editors: A Tribute to Steve King
Steve King's Legacy in Cybersecurity: Insights and Reflections
July 5th, 2024 — Source or Source or Source or Source or Source
New Zealand Fitness Retailer Hit by DragonForce Ransomware
Ransomware Group Apparently Uses Leaked LockBit Builder Code to Mount Attacks
July 5th, 2024 — Source or Source or Source or Source or Source
OpenAI breach is a reminder that AI companies are treasure troves for hackers
There's no need to worry that your secret ChatGPT conversations were obtained in a recently reported breach of OpenAI's systems. The hack itself, while troubling, appears to have been superficial — but it's a reminder that AI companies have in short order made themselves into one of the juiciest targets out there for hackers.
July 5th, 2024 — Source
OpenAI's internal discussion board about AI development was compromised by hackers
The company didn't care to inform any outside authority about the incident last year
July 5th, 2024 — Source
Some Data Is 'Breached' During a Hacking Attack on the Alabama Education Department
Alabama's education superintendent said some data was breached during a hacking attempt at the State Department of Education.
July 5th, 2024 — Source
Strengthening Web Application Security With Predictive Threat Analysis in Node.js
Enhance your Node.js web application security by implementing predictive threat analysis using tools like Express.js, TensorFlow.js, JWT, and MongoDB.
July 5th, 2024 — Source
This is likely the biggest password leak ever: nearly 10 billion credentials exposed
The 'RockYou2024' leak could give hackers a huge upper hand.
July 5th, 2024 — Source
Why Small Developer Tools Get Flagged as Malware and How to Safely Use Their Software
Recently, a reader of our newsletter called me to task for recommending software that Malwarebytes tagged as suspicious or a PUP. Rightly so, I think.
July 5th, 2024 — Source
Internet — Security Issues — July 4th, 2024
Europol nukes nearly 600 IP addresses in Cobalt Strike crackdown
Private sector helped out with week-long operation -- but didn't touch China
July 4th, 2024 — Source
Internet — Security Issues — July 2nd, 2024
Affirm fears customer info pilfered during ransomware raid at Evolve Bank
Number of partners acknowledging data theft continues to rise
July 2nd, 2024 — Source
Cisco Patches an Exploited Zero-Day Vulnerability
China-Nexus Hackers Velvet Ant Exploited the Bug in April, Cisco and Sygnia Say
July 2nd, 2024 — Source or Source
Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies
Cisco has patched an NX-OS command injection zero-day exploited by China-linked cyberespionage group Velvet Ant.
July 2nd, 2024 — Source
Critical Flaw in PTC License Server Can Allow Lateral Movement in Industrial Organizations
PTC has patched a critical vulnerability in the Creo Elements/Direct License Server that can be exploited for unauthenticated command execution.
July 2nd, 2024 — Source
Cyberinsurance Premiums are Going Down: Here's Why and What to Expect
The change in premium rates is more likely to be the insurers' correction than the insureds' improvement in security.
July 2nd, 2024 — Source
Cybersecurity training needs a human touch
A new study from CybSafe finds that only 42 percent of office workers are satisfied with their current cybersecurity training.
July 2nd, 2024 — Source
Deepwatch appoints John DiLullo as CEO
Deepwatch announced that John DiLullo has been appointed as CEO, succeeding Charlie Thomas who is retiring and will serve as chairman of the Board of Directors, effective immediately.
July 2nd, 2024 — Source
Evolve Bank Shares Data Breach Details as Fintech Firms Report Being Hit
Fintech companies Wise and Affirm are impacted by the data breach at Evolve Bank, which has shared additional details on the recent ransomware attack.
July 2nd, 2024 — Source
Evolve Ransomware Hack Affects Affirm and Fintech Companies
Startups and Evolve Client Are Monitoring the Situation for Potential Fallout
July 2nd, 2024 — Source or Source or Source
Experts Warn of Cyber Regulatory Chaos Post-Chevron Overturn
The Supreme Court's Chevron Ruling Brings Uncertainty for Cyber and AI Policy
July 2nd, 2024 — Source
Feds Hit Health Entity With $950K Fine in NotPetya Attack
Settlement Is Another Signal of HHS OCR's Latest Enforcement Priority
July 2nd, 2024 — Source or Source or Source
From the SOC to Everyday Success: Data-Driven Life Lessons from a Security Analyst
By taking a data-driven approach to life, grounded in truth and facts, we can improve our chances of making better decisions and achieving better results.
July 2nd, 2024 — Source
How evolving AI regulations impact cybersecurity
Getting in front of AI risks includes understanding evolving regulations. Here's what that means for cybersecurity leaders.
July 2nd, 2024 — Source
IBM Consulting partners with Microsoft to help clients modernize security operations
IBM Consulting and Microsoft announce strengthened cybersecurity collaboration to help clients simplify and modernize their security operations, and manage and protect their hybrid cloud identities.
July 2nd, 2024 — Source
Indonesia just realized it has no backups after data centers are hit with ransomware
"That's stupidity" says the chair of the commission overseeing the incident
July 2nd, 2024 — Source
Kaspersky Banned in the USA: What You Need to Know
Fresh on the heels of a TikTok ban, the US Government has banned Kaspersky software in the US due to its ties to the Russian Government.
July 2nd, 2024 — Source
LogRhythm's enhancements boost analyst efficiency
LogRhythm announced its 9th consecutive quarterly release. In the AI-ready world, LogRhythm empowers security teams with the highest integrity data in the security industry to enhance the output of the AI tools used to defend organizations from cyberthreats. Coupled with this quarter's simplified data retention, LogRhythm's enhancements boost analyst efficiency and simplify compliance with industry standards and regulations.
July 2nd, 2024 — Source
Meta and YouTube Update Their AI Content Policies
Meta Changes AI Content Labeling; YouTube Updates Privacy Guidelines
July 2nd, 2024 — Source or Source or Source or Source or Source
Microsoft and IBM announce improved cybersecurity partnership
Microsoft and IBM Consulting announced the improved cybersecurity partnership to help enterprises with their security operations. As part of the partnership, both companies will be making use of each other's strengths to help the clients. In this case, IBM Consulting's industry-leading cybersecurity services and Microsoft's comprehensive security technology portfolio, including Sentinel and Entra Suite, will help enterprises improve their end-to-end security operations.
July 2nd, 2024 — Source
Millions Affected by Prudential Ransomware Hack in February
Insurance Giant Says Hackers Stole Data of 2.5 Million Individuals
July 2nd, 2024 — Source
New report advises how ransomware victims can be better supported
A new report, produced jointly by Kent and the Royal United Services Institute (RUSI), aims to shed light on the experience of victims of ransomware and identify several key factors that typically shape these experiences.
July 2nd, 2024 — Source
NordVPN File Checker protects users from infected files
NordVPN launches its third experimental product from the NordLabs platform. File Checker is an online tool that scans different types of files for malware and viruses. It helps prevent malicious code from invading users' devices through infected or corrupted files downloaded online.
July 2nd, 2024 — Source
No rest for the wiry as Cisco Nexus switches flip out over latest zero-day
Command injection bug being abused by suspected Chinese spies -- patch up
July 2nd, 2024 — Source
Outsmarting Cyber Threats: How Large Language Models Can Revolutionize Email Security
Learn more about how AI-powered detection uses LLMs to analyze email content, detects threats, and generates synthetic data for better training.
July 2nd, 2024 — Source
Patelco shuts down banking systems following ransomware attack
Patelco Credit Union has disclosed it experienced a ransomware attack that led to the proactive shutdown of several of its customer-facing banking systems to contain the incident's impact.
July 2nd, 2024 — Source
Rapid7 Purchases Noetic for Better Attack Surface Management
Deal Aims to Enhance Internal and External Attack Visibility, Security Efficiency
July 2nd, 2024 — Source or Source or Source or Source
"RegreSSHion" vulnerability in OpenSSH gives attackers root on Linux
Full system compromise possible by peppering servers with thousands of connection requests.
July 2nd, 2024 — Source
Splunk Patches High-Severity Vulnerabilities in Enterprise Product
Splunk has patched multiple vulnerabilities in Splunk Enterprise, including high-severity remote code execution bugs.
July 2nd, 2024 — Source
The Cost of Underpreparedness to Your Business
When it rains, it pours. Few organizations are prepared for the data deluge caused by ransomware, but the organizations able to understand and limit data theft and have recoverable backups are the most resilient in the face of ransomware attacks.
July 2nd, 2024 — Source or Source or Source or Source
Yieldstreet says some of its customers were affected by the Evolve Bank data breach
The alternative investment platform Yieldstreet is the latest company to reveal that its customers were affected by the recent data breach at Evolve Bank and Trust, TechCrunch has exclusively learned.
July 2nd, 2024 — Source
Internet — Security Issues — June 29th, 2024
We analyzed the entire web and found a cybersecurity threat lurking in plain sight
Our latest research has found that clickable links on websites can often be redirected to malicious destinations. We call these "hijackable hyperlinks" and have found them by the millions across the whole of the web, including on trusted websites.
June 29th, 2024 — Source
Internet — Security Issues — June 28th, 2024
AuthZed Raises $12 Million for Permissions Management Technology
Permissions management technology startup AuthZed has raised $12 million in a Series A funding round led by General Catalyst.
June 28th, 2024 — Source
Breaches Due to Credential Stuffing: Who's Accountable?
The Theft of Snowflake's Customers' Data Shows That Vendors Need Robust Defenses
June 28th, 2024 — Source or Source or Source or Source or Source
Chicago Children's Hospital Says 791,000 Impacted by Ransomware Attack
Ann & Robert H. Lurie Children's Hospital of Chicago says the recent data breach caused by a ransomware attack impacts 791,000 people.
June 28th, 2024 — Source
Fortra Patches Critical SQL Injection in FileCatalyst Workflow
Fortra has patched a critical-severity vulnerability in FileCatalyst Workflow leading to the creation of administrator accounts.
June 28th, 2024 — Source
How risk profiling can help prevent cyberattacks [Q&A]
Recent cyberattacks like Volt Typhoon, BlackCat ransomware syndicate, and NuGet serve as stark reminders of the critical importance of monitoring cyber risks as these attacks could all have been prevented.
June 28th, 2024 — Source
Infosys McCamish says LockBit stole data of 6 million people
Infosys McCamish Systems (IMS) disclosed that the LockBit ransomware attack it suffered earlier this year impacted sensitive information of more than six million individuals.
June 28th, 2024 — Source
Insurance Software Vendor Notifies 6.1 Million of 2023 Hack
InfoSys McCamish Systems Earlier Alerted 57,000 Bank of America Clients of Breach
June 28th, 2024 — Source or Source or Source or Source or Source
ISMG Editors: Growing Fallout From the Snowflake Breach
Also: Tackling Online Fraud; Highlights From ISMG's Midwest Summit
June 28th, 2024 — Source or Source or Source or Source or Source
LevelBlue Lays Off 15% of Employees After Being Sold by AT&T
Job Cuts Come Less Than 2 Months After WillJam Ventures-Owned Company Rebranded
June 28th, 2024 — Source or Source or Source or Source or Source
Microsoft Alerts More Customers to Email Theft in Expanding Midnight Blizzard Hack
Shockwaves from the Russian government's hack of Microsoft's corporate infrastructure continue to spread as the victim pool widens.
June 28th, 2024 — Source
Microsoft Details 'Skeleton Key' AI Jailbreak Technique
Microsoft has tricked several gen-AI models into providing forbidden information using a jailbreak technique named Skeleton Key.
June 28th, 2024 — Source
Microsoft Is Warning More Customers About Russian State Hack
Company Is Sending Email Alerts to Customers Whose Data Was Accessed by Hackers
June 28th, 2024 — Source or Source or Source or Source or Source
Microsoft reveals even more emails to customers were accessed by Russia-based hackers
Earlier this year, Microsoft revealed that a Russia-based cybercriminal group labeled as Midnight Blizzard got access to the email accounts of its top executives in late 2023. Today, the company has confirmed that it is informing more of its customers that emails sent to those executives were seen by that hacker group.
June 28th, 2024 — Source
Microsoft reveals further emails compromised by Russian hack
The company notified individuals about any correspondences the group, Midnight Blizzard, accessed.
June 28th, 2024 — Source
Multiple Vulnerabilities Found in Gas Chromatographs
Critical-Severity Flaws Expose Emerson Devices to Cyberattacks
June 28th, 2024 — Source or Source or Source or Source or Source
Polyfill Domain Shut Down as Owner Disputes Accusations of Malicious Activity
Namecheap shut down polyfill.io amid reports of malicious activity, but the Chinese owner claims it has good intentions.
June 28th, 2024 — Source
Remote access giant TeamViewer says Russian spies hacked its corporate network
June 28th, 2024 — Source
Russian APT Reportedly Behind New TeamViewer Hack
TeamViewer's corporate network was hacked and some reports say the Russian group APT29 is behind the attack.
June 28th, 2024 — Source
Startup Odaseva Raises $54M to Bolster Global Expansion, R&D
Silver Lake Leads Series C Round for California-Based Data Security Startup Odaseva
June 28th, 2024 — Source or Source or Source or Source or Source
TeamViewer links corporate cyberattack to Russian state hackers
RMM software developer TeamViewer says a Russian state-sponsored hacking group known as Midnight Blizzard is believed to be behind a breach of their corporate network this week.
June 28th, 2024 — Source
Ticketmaster sends notifications about recent massive data breach
Ticketmaster has started to notify customers who were impacted by a data breach after hackers stole the company's Snowflake database, containing the data of millions of people.
June 28th, 2024 — Source
USX Cyber GUARDIENT helps MSPs protect their clients
USX Cyber unveiled GUARDIENT, an eXtended Detection and Response (XDR) cybersecurity platform designed specifically for Managed Service Providers (MSPs) serving small to medium-sized businesses.
June 28th, 2024 — Source
Internet — Security Issues — June 26th, 2024
Arkansas AG lawsuit claims the number one mobile shopping app is 'dangerous malware'
Tim Griffin is accusing Temu of misleading consumers about its security practices.
June 26th, 2024 — Source
ARMO launches behavioral-based cloud detection and response
ARMO announced its new ARMO Cloud Detection & Response solution, providing robust security for workloads.
June 26th, 2024 — Source
Bogus: LockBit's Claimed Federal Reserve Ransomware Hit
Actual Victim: Evolve Bank, Now Dealing With Open Banking Enforcement Action by Fed
June 26th, 2024 — Source or Source or Source or Source or Source
Certifications in the field of cyber security
The Certifications in the Field of Cyber Security is an unclassified publication. The guide provides information about many of the certifications available for prospective students and cyber security professionals. The intent is not to recommend any certification body or certification in particular, but to provide a listing of some of the different certifications that may help advance an individual's career in the field of cyber security.
June 26th, 2024 — Source
CIS Benchmarks Community Volunteer Spotlight: Mack Bodie
CIS Benchmarks™ volunteers dedicate their time and expertise to developing essential security standards for technology systems globally. A dynamic blend of IT professionals, industry experts, and passionate tech enthusiasts, they contribute significantly to building a more secure online environment. Their collective efforts help organizations strengthen their digital infrastructures against potential threats. By volunteering, they not only showcase their commitment but also drive the evolution of cybersecurity norms and practices.
June 26th, 2024 — Source
CISA: Most critical open source projects not using memory safe code
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws.
June 26th, 2024 — Source
Compromised plugins found on WordPress.org
An unknown threat actor has compromised five (and possibly more) WordPress plugins and injected them with code that creates a new admin account, effectively allowing them complete control over WordPress installations / websites.
June 26th, 2024 — Source
Crypto scammers are double-dipping victims as fake lawyers
Law firms claiming to hunt down crypto scammers are, in fact, just perpetrating one more scam on victims.
June 26th, 2024 — Source
Cyber security guidance for democratic institutions: artificial intelligence (ITSAP.00.135)
Artificial intelligence (AI) is a continuously developing technology that uses computer algorithms to perform tasks, predict results, and create content. Generative AI is a specific subset of AI that uses large data sets to create new content.
June 26th, 2024 — Source
Cybersecurity roundup: U.S. to ban Kaspersky antivirus; Cost of healthcare breaches way up
Also: HIMSS Privacy and Security leader campaigns for ISC2 Board.
June 26th, 2024 — Source
Data breaches are everywhere—but you still need to pay attention to them
Even if your personal info is already out in the wild, you should keep tabs on who last leaked it.
June 26th, 2024 — Source
Enterprise secrets leaked in code management systems
Enterprise secrets could be inadvertently leaking via GitHub repositories, according to new research from Aqua Security.
June 26th, 2024 — Source
Exploitation Attempts Target New MOVEit Transfer Vulnerability
Exploitation attempts targeting CVE-2024-5806, a critical MOVEit Transfer vulnerability patched recently, have started.
June 26th, 2024 — Source
Gaining and Retaining Security Talent: A Cheat Sheet for CISOs
Freed from the shackles of always demanding a technical background, the CISO can concentrate on building a diverse team comprising multiple skills.
June 26th, 2024 — Source
Google Unveils New Chrome Enterprise Core Features for IT, Security Teams
Google has announced new Chrome Enterprise Core features that should be very useful to IT and security teams.
June 26th, 2024 — Source
Grammarly delivers enhanced security and control features for safer AI use
Grammarly announced an extensive set of new security, deployment, and control features to meet soaring enterprise demand for comprehensive, secure AI communication assistance. Grammarly already serves leading enterprises like Salesforce, Atlassian, Zoom, Expedia Group, Eventbrite, and Siemens.
June 26th, 2024 — Source or Source
Hack of Age Verification Company Shows Privacy Danger of Social Media Laws
We've said it before: online age verification is incompatible with privacy. Companies responsible for storing or processing sensitive documents like drivers' licenses are likely to encounter data breaches, potentially exposing not only personal data like users' government-issued ID, but also information about the sites that they visit.
June 26th, 2024 — Source
Hackers Quick to Exploit MOVEit Authentication Flaw
Progress Software: 'Newly Disclosed Third-Party Vulnerability Introduces New Risk'
June 26th, 2024 — Source or Source or Source or Source or Source
Hackers target new MOVEit Transfer critical auth bypass bug
Threat actors are already trying to exploit a critical authentication bypass flaw in Progress MOVEit Transfer, less than a day after the vendor disclosed it.
June 26th, 2024 — Source
Indie Selects for June: Amazing Indie Games We Are Really Excited About
Another great month for indie games! This is the sixth set of Indie Selects and we're happy to report that we had no problem finding some real gems again this month. Starting with the return of a classic Xbox Live Arcade title, the Indie Selects for June also includes a hysterical clown asymmetric horror title, a breakout hit starring your favorite action figures, a truly mesmerizing story that's as funny as it is disturbing, and more.
June 26th, 2024 — Source
ISP accused of installing malware on 600,000 customer PCs to interfere with torrent traffic
When throttling just isn't enough
June 26th, 2024 — Source
Keeping Track of the Cybersecurity Job Market
How Understanding Hiring Trends Can Boost Your Career in Cyber
June 26th, 2024 — Source or Source or Source or Source or Source
LockBit lied: Stolen data is from a bank, not US Federal Reserve
Recently-disrupted LockBit ransomware group, in a desperate attempt to make a comeback, claimed this week that it had hit the Federal Reserve, the central bank of the United States.
June 26th, 2024 — Source
Malware peddlers experimenting with BPL sideloading and masking malicious payloads as PGP keys
A newly spotted campaign is leveraging BPL sideloading and other uncommon tricks to deliver the IDAT Loader (aka HijackLoader) malware and prevent its detection.
June 26th, 2024 — Source
Medusa Android banking trojan returns to the US with new capabilities
After nearly a year of lying low, the Medusa banking trojan for Android has resurfaced on security researchers' radar. Cybersecurity firm Cleafy Threat Intelligence recently detected fresh campaigns targeting users in Europe and North America, including the US. The attackers have deployed more compact variants of the malware, allowing them to operate more stealthily.
June 26th, 2024 — Source
Nuance Ex-Employee Indicted for Breach Affecting 1 Million
DOJ Says Vendor's Terminated Worker Unlawfully Accessed Geisinger Patient Info
June 26th, 2024 — Source or Source or Source or Source or Source
OpenAI Drops ChatGPT Access for Users in China, Russia, Iran
Users of All OpenAI Services in Unsupported Countries Will Lose Access by July 9
June 26th, 2024 — Source or Source or Source or Source or Source
Organizations suffer multiple ransomware infections
A new report reveals that organizations are suffering multiple ransomware infections: 18 percent have suffered a ransomware infection 10 or more times in a 24-month period, a further 18 percent were infected five to nine times, and 30 percent were infected between two and four times.
June 26th, 2024 — Source
P2Pinfect Worm Now Dropping Ransomware on Redis Servers
The P2Pinfect worm targeting Redis servers has been updated with ransomware and cryptocurrency mining payloads.
June 26th, 2024 — Source
Paperwork 'Piling Up Really Bad' at Dealers as Cyberattack Outage Continues
Over 15,000 dealers still can't access CDK software that runs everything from repairs to payroll, and it may not be back up until July.
June 26th, 2024 — Source
Polyfill Supply Chain Attack Hits Over 100k Websites
More than 100,000 websites are affected by a supply chain attack injecting malware via a Polyfill domain.
June 26th, 2024 — Source
Securing Data With Immutable Backups and Automated Recovery
Acronis President Gaidar Magdanurov on Protecting Data, Mitigating Ransomware Risks
June 26th, 2024 — Source
Securing the Nation: FedRAMP Authorized Identity Security
SailPoint's Frank Briguglio on Securing Government and Critical Infrastructure
June 26th, 2024 — Source
Siemens Sicam Vulnerabilities Could Facilitate Attacks on Energy Sector
Several vulnerabilities patched recently in Siemens Sicam products could be exploited in attacks aimed at the energy sector.
June 26th, 2024 — Source
Snowblind is a new Android banking malware abusing a safety tool
Mobile app security provider Promon has uncovered a never-before-seen Android banking malware. Dubbed Snowblind, it uses a novel technique to exploit Android OS functionalities and compromise banking apps. The firm says the malware is effective on all Android devices, including the best ones with the strongest security measures. It requires app-level security enhancements to nullify potential financial loss.
June 26th, 2024 — Source
South Korean telecom company attacks customers with malware — over 600,000 torrent users report missing files, strange folders, and disabled PCs
ISP sends malware to hundreds of thousands of customers to stop them from using a file-sharing service.
June 26th, 2024 — Source
The EU Targets Russia's LNG Ghost Fleet With Sanctions as Concern Mounts About Hybrid Attacks
Some expressed concern about a rise in hybrid attacks by Russia -- including allegations of election interference, cyberattacks and sabotage.
June 26th, 2024 — Source
US DHS Warns of AI-Fueled Chemical and Biological Threats
New Report Urges Public-Private Collaboration to Reduce Chemical, Nuclear AI Risks
June 26th, 2024 — Source
US Federal Agencies Still Struggle to Recruit Cyber Talent
Federal Officials Say There Is 'No Silver Bullet' to Fix the Cyber Workforce Gap
June 26th, 2024 — Source or Source or Source or Source or Source
Why Activist Investor Jana Is Pressing Rapid7 to Sell Itself
Activist Investors Are Rare in Cybersecurity, But Rapid7's Struggles Drew a Firm In
June 26th, 2024 — Source or Source or Source or Source or Source
Why Employee Cybersecurity Awareness Training Is Important
Not everyone invests in employee cybersecurity awareness training, especially in the case of hybrid workplaces. In a 2023 study, a third of companies told Hornetsecurity they don't provide cybersecurity awareness training for remote employees. This is despite the fact that 75% of these companies' remote personnel can access sensitive data.
June 26th, 2024 — Source
WikiLeaks Founder Julian Assange Returns to Australia a Free Man After US Legal Battle Ends
WikiLeaks founder Julian Assange returned to Australia, hours after pleading guilty to obtaining and publishing U.S. military secrets.
June 26th, 2024 — Source
Internet — Security Issues — June 24th, 2024
Auto Dealership Software Firm Says Restoring Service Will Take 'Days and Not Weeks'
CISA is warning that its Chemical Security Assessment Tool (CSAT) environment was breached in January after hackers deployed a webshell on its Ivanti device, potentially exposing sensitive security assessments and plans.
June 24th, 2024 — Source
Car dealers stuck in the slow lane after cyber woes at software biz CDK
More customers self-reporting to SEC as disruption carries into second week
June 24th, 2024 — Source
Car dealership outages drag on after CDK cyberattacks
Software maker CDK says it will take "several days" to bring its systems back online following back-to-back cyberattacks, as car dealerships and auto shops around the U.S. reliant on the company's software enter a second week of disruption.
June 24th, 2024 — Source
CDK hackers want millions in ransom to end car dealership outage
A group that claims to have hacked CDK Global, the software provider to thousands of car dealerships in North America, has demanded tens of millions of dollars in ransom, according to a person familiar with the matter.
June 24th, 2024 — Source
CDK Begins Restoring Systems Amid Ransomware Payment Reports
Auto Dealership Software Firm Says Restoring Service Will Take 'Days and Not Weeks'
June 24th, 2024 — Source or Source or Source or Source or Source
CHERI Backers Form Alliance to Promote Memory Safety Chip
Chipmaker Arm Is Not an Alliance Member
June 24th, 2024 — Source or Source or Source or Source or Source
Chinese Hackers Caught Spying on Taiwanese Firms
Espionage Group Used SoftEther VPN Client to Exploit Targeted Networks
June 24th, 2024 — Source or Source or Source or Source or Source
CoinStats says North Korean hackers breached 1,590 crypto wallets
CoinStats suffered a massive security breach that compromised 1,590 cryptocurrency wallets, with the attack suspected to have been carried out by North Korean threat actors.
June 24th, 2024 — Source
EFF Issues New Warning After Discovery of Automated License Plate Reader Vulnerabilities
The EFF has issued a warning over the use of automated license plate readers following the discovery of serious vulnerabilities.
June 24th, 2024 — Source
Enzoic appoints Kristen Ranta Haikal Wilson as CEO
Enzoic announces Kristen Ranta Haikal Wilson as its new CEO. With an exceptional track record of over 25 years in software and technology, Wilson assumes the role from Michael Greene, who remains involved with the company in an advisory capacity and as a board member.
June 24th, 2024 — Source
European Union Sanctions Russian State Hackers
Hackers Part of Callisto and Armageddon Groups
June 24th, 2024 — Source
Telegram says it has 'about 30 engineers'; security experts say that's a red flag
Over the weekend, a clip from a recent interview with Telegram's founder Pavel Durov went semi-viral on X (previously Twitter). In the video, Durov tells right-wing personality Tucker Carlson that he is the only product manager at the company, and that he only employs "about 30 engineers."
June 24th, 2024 — Source
Facial Recognition Startup Clearview AI Settles Privacy Suit
Facial recognition startup Clearview AI has reached a settlement in an Illinois lawsuit alleging its massive photographic collection of faces violated the subjects' privacy rights.
June 24th, 2024 — Source
Fighting Payment Fraud by Integrating Security Into Finance
Creednz CEO Johnny Deutsch on the Need for Vendor Visibility and Security Awareness
June 24th, 2024 — Source or Source or Source or Source or Source
Four FIN9 hackers indicted for cyberattacks causing $71M in losses
June 24th, 2024 — Source
Hacker Claims Theft of 30M User Records From Australia Ticketing Company TEG
A hacker claims to have stolen the information of 30 million users from TEG subsidiary Ticketek.
June 24th, 2024 — Source
Indonesian government datacenter locked down in $8M ransomware rumble
Variant of Lockbit 3.0 said to be weapon of choice for attack
June 24th, 2024 — Source
Indonesia won't pay an $8 million ransom after a cyberattack compromised the national data center
Indonesia's national data center has been compromised by a hacking group asking for an $8 million ransom that the government says it won't pay.
June 24th, 2024 — Source
Information Blocking of Patient Records Could Cost Providers
Final HHS Rule Cuts Financial Payments to Healthcare Firms That Violate Cures Act
June 24th, 2024 — Source or Source or Source or Source
Japan's Space Agency Was Hit by Multiple Cyberattacks, but Officials Say No Sensitive Data Was Taken
Japan's space agency has suffered a series of cyberattacks, but sensitive information related to rockets and satellites was not affected.
June 24th, 2024 — Source
LivaNova USA Discloses Data Breach Impacting 130,000 Individuals
LivaNova USA says the personal and medical information of 130,000 individuals was compromised in an October 2023 data breach.
June 24th, 2024 — Source
Microsoft Defender thinks you created your own Windows PC virus by writing this one line
Microsoft Defender is generally considered to be an excellent anti-malware solution even though it comes as a stock Windows app. Threat detection assessments from AV-Comparatives and AV-TEST have shown that Defender performs well against third-party solutions.
June 24th, 2024 — Source
New security loophole allows spying on internet users visiting websites and watching videos
Internet users leave many traces on websites and online services. Measures such as firewalls, VPN connections and browser privacy modes are in place to ensure a certain level of data protection. However, a newly discovered security loophole allows bypassing all of these protective measures.
June 24th, 2024 — Source
New SnailLoad Attack Relies on Network Latency Variations to Infer User Activity
New attack named SnailLoad allows a remote attacker to infer websites and videos viewed by a user without direct access to network traffic.
June 24th, 2024 — Source
Provenir's AI-powered risk decisioning platform increases fraud detection
As the financial services world becomes increasingly digitized and consumer demands evolve, fraudsters and their methods are becoming more sophisticated. Provenir is helping organizations fight back by detecting these emerging threats via sophisticated decisioning tools and advanced analytics to increase fraud detection while minimizing friction in the customer journey.
June 24th, 2024 — Source
Push Notification Fatigue Leads to LA County Health Department Data Breach
The Los Angeles County Department of Health Services discloses a data breach caused by a push notification spamming attack.
June 24th, 2024 — Source
Researchers say 280 million people have installed malware-infected Chrome extensions in the last 3 years
Google claims less than 1% of all installs include malware
June 24th, 2024 — Source
Tech Leaders Gather This Week for AI Risk Summit + CISO Forum at the Ritz-Carlton, Half Moon Bay
SecurityWeek's AI Risk Summit + CISO Forum brings together business and government stakeholders to provide meaningful guidance on risk management and cybersecurity in the age of artificial intelligence.
June 24th, 2024 — Source
The latest cybersecurity trends and how to guard against them [Q&A]
The cybersecurity landscape is a constantly changing one, with new threats emerging and old ones evolving. This makes it difficult for organizations to ensure their defenses are up to the task of properly protecting them.
June 24th, 2024 — Source
Thwarting cyberattacks from China is DHS's top infrastructure security priority
The Department of Homeland Security released a memo outlining its biggest 'priority risk areas' for critical infrastructure through 2025.
June 24th, 2024 — Source
Top Hurdles for MSSPs and One Shining Solution
As a Managed Security Services Provider (MSSP), you know that organizations are increasingly looking to you to help them secure their systems and data. The same goes for MSSPs in general. According to MSSP Alert, the Managed Security Services market is expected to increase from $31.6 billion in 2020 to $46.4 billion by 2025. This forecast represents a compound annual growth rate (CAGR) of 8.0%.
June 24th, 2024 — Source
Vietnamese Members of FIN9 Hacking Group Charged in US
The US has announced charges against four Vietnamese nationals for hacking businesses and causing $71 million in losses.
June 24th, 2024 — Source
What you need to know about the great car dealer software hack
Owners with cars stuck in dealership service departments may have it the worst
June 24th, 2024 — Source
Internet — Security Issues — June 23rd, 2024
Microsoft Defender flags text file containing 'This content is no longer available.' as a severe threat
It identified the text file as Trojan:Win32/Casdet!rfn.
June 23rd, 2024 — Source
Threat actor Intelbroker now claims it hacked Apple along with AMD
The cybercriminal says it has stolen Apple's source code for internal tools
June 23rd, 2024 — Source
Troy Hunt Weekly Update 405
Ah, sunshine! As much as I love being back in Norway, the word "summer" is used very loosely there. Not as much in Greece, however, which is just spectacular:
June 23rd, 2024 — Source
Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed
Here's an overview of some of last week's most interesting news, articles, interviews and videos:
June 23rd, 2024 — Source
Internet — Security Issues — June 22nd, 2024
Change Healthcare Begins to Notify Clients Affected by Hack
The Company Will Start Notifying Individuals Affected by the Breach in Late July
June 22nd, 2024 — Source or Source or Source or Source or Source
From network security to nyet work in perpetuity: What's up with the Kaspersky US ban?
It's been a long time coming. Now our journos speak their brains
June 22nd, 2024 — Source or Watch Video
U.S. bans Kaspersky and hands out sanctions to execs — 100 days until class-leading antivirus ban takes effect
Kaspersky's C-suite punished for alleged Russian ties
June 22nd, 2024 — Source
Internet — Security Issues — June 21st, 2024
As Britain's NHS Faces Data Leak, Never Normalize Ransomware
Battle the Business Model With Business Resilience Planning, Failover Capabilities
June 21st, 2024 — Source or Source or Source or Source or Source
Australia Optus 2022 Data Breach 'Not Highly Sophisticated'
Hackers Exploited Coding Error, Says Australian Communications and Media Authority
June 21st, 2024 — Source or Source or Source or Source or Source
Auto Dealerships Using CDK Global Hit With Cyber Disruptions
Auto Dealership Tech Firm Confirms System Shutdowns After Multiple Cyber Incidents
June 21st, 2024 — Source or Source or Source or Source or Source
Biden administration bans Kaspersky software in the US over national security concerns
The Moscow-based company has vowed to fight back
June 21st, 2024 — Source
BIOS Security Vulnerability Affects Intel CPUs In Hundreds Of Devices
A few years ago, PC firmware switched from the aging BIOS system to the Unified Extensible Firmware Interface standard, more commonly known as UEFI. This system is more secure than the legacy BIOS was, but it's not perfect. Cybersecurity firm Eclypsium reports the discovery of a serious bug in UEFI that could affect hundreds of Intel-powered PC models.
June 21st, 2024 — Source
Both Europe and Australia back down on 'CSAM' scanning that would kill encryption
Both the EU and Australia have backed down on proposals to force tech companies to implement CSAM scanning within messaging apps, which would have destroyed privacy by killing end-to-end encryption (E2EE).
June 21st, 2024 — Source
Car dealerships are being disrupted by a multi-day outage after cyberattacks on software supplier
Car dealerships across North America have faced major disruptions this week.
June 21st, 2024 — Source
CDK warns: threat actors are calling customers, posing as support
CDK Global has cautioned customers about unscrupulous actors calling them and posing as CDK agents or affiliates to gain unauthorized systems access.
June 21st, 2024 — Source
Change Healthcare confirms ransomware hackers stole medical records on a 'substantial proportion' of Americans
Change Healthcare has confirmed a February ransomware attack on its systems, which brought widespread disruption to the U.S. healthcare system for weeks and resulted in the theft of medical records affecting a "substantial proportion of people in America."
June 21st, 2024 — Source
Change Healthcare finally spills the tea on what medical data was stolen by cyber-crew
'Substantial proportion' of America to get a little note from next month
June 21st, 2024 — Source
Change Healthcare lists the medical data stolen in ransomware attack
UnitedHealth has confirmed for the first time what types of medical and patient data were stolen in the massive Change Healthcare ransomware attack, stating that data breach notifications will be mailed in July.
June 21st, 2024 — Source
Change Healthcare to start notifying customers who had data exposed in cyberattack
Change Healthcare is starting to notify hospitals, insurers and other customers that they may have had patient information exposed in a massive cyberattack.
June 21st, 2024 — Source
Corpay, UHN Secure Hybrid Cloud Infrastructure With Gigamon
How Gigamon's Technical Capabilities Boost Organizations' Cybersecurity
June 21st, 2024 — Source or Source or Source or Source or Source
Court: HHS Overstepped HIPAA Authority in Web Tracking Guide
Agency Must Drop Updated Guidance Provisions Regarding Certain PHI 'Combinations'
June 21st, 2024 — Source or Source or Source or Source or Source
Cybersecurity firm Kaspersky denies it's a hazard after the US Commerce Dept bans its software
The cybersecurity firm Kaspersky denied Friday that it is a security threat after the U.S. Commerce Department banned the use of its software in the United States.
June 21st, 2024 — Source
Disruptions at Many Car Dealerships Continue as CDK Hack Worsens
Car dealership software provider CDK Global was in the process of restoring services impacted by a cyberattack when it discovered an additional hack.
June 21st, 2024 — Source
Gartner: 3 Actions to Achieve Cybersecurity Consolidation
In this TechRepublic exclusive, Gartner VP Analyst Dionisio Zumerle shares three leadership strategies for achieving cybersecurity platform consolidation.
June 21st, 2024 — Source
Google's Zero-Day Hunters Test AI for Security Research
Project Zero Framework Aims to Boost AI Bug Detection Skills
June 21st, 2024 — Source or Source or Source or Source or Source
How AI can keep cybersecurity analysts from drowning in a sea of data
As organizations increasingly rely on networks, online platforms, data and technology, the risks associated with data breaches and privacy violations are more severe than ever. Couple this with the escalating frequency and sophistication of cyber threats and it becomes clear that fortifying cybersecurity defenses has never been more important.
June 21st, 2024 — Source
How small claims court became Meta's customer service hotline
People are using the courts in a last-ditch attempt to recover their accounts.
June 21st, 2024 — Source
Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)
A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code within the firmware during runtime.
June 21st, 2024 — Source
Intelbroker Claims That Hacked Two Tech Giants In A Week
Intelbroker seems to be busy lately. The notorious cyber-breaching team claims it hacked Apple shortly after breaking into AMD earlier this week. AMD is investigating these claims, assisted by competent agencies, but Apple hasn't officially assessed the situation.
June 21st, 2024 — Source
ISMG Editors: How Did Medibank's Lack of MFA Cause a Breach?
Also: Critical Infrastructure Security and Fortinet's Latest Acquisition
June 21st, 2024 — Source or Source
Kaspersky anti-virus software in July
Kaspersky blames the "present geopolitical climate and theoretical concerns."
June 21st, 2024 — Source
Massive Car Dealer Cyberattack Cripples 'Every Angle' of Business
Nearly 15,000 dealers are still shut down. It's a nightmare, they say.
June 21st, 2024 — Source
Personal and Chemical Facility Information Potentially Accessed in CISA Hack
CISA says CFATS program data was likely accessed after an Ivanti Connect Secure appliance was hacked in January.
June 21st, 2024 — Source
Qilin cyber scum leak data they claim belongs to London hospitals' pathology provider
At least they didn't get paid their $50M ransom demand
June 21st, 2024 — Source
Santander Employee Data Breach Linked to Snowflake Attack
Santander US is notifying over 12,000 employees that their personal information was compromised in a data breach.
June 21st, 2024 — Source
Spatial Computing Hack Exploits Apple Vision Pro Flaw to Fill Room With Spiders, Bats
A recently patched Vision Pro vulnerability was classified by Apple as a DoS issue, but a researcher has shown that it's 'scary'.
June 21st, 2024 — Source
Team creates software to block AI phishing scams
A team of researchers at the University of Texas at Arlington has developed software that prevents artificial intelligence (AI) chatbots such as ChatGPT from creating phishing websites—a growing concern as cybercriminals have been utilizing the technology for designing scams.
June 21st, 2024 — Source
US government sanctions Kaspersky executives
The U.S. government announced sanctions against 12 executives and senior leaders of the Russia-based cybersecurity giant Kaspersky.
June 21st, 2024 — Source
US sanctions Kaspersky Lab executives, board members over 'cooperation' with Russia
The Commerce Department banned Kaspersky from conducting new business in the US a day before the announcement.
June 21st, 2024 — Source
Internet — Security Issues — June 20th, 2024
Access Management Startup Pomerium Raises $13.75 Million
Pomerium raises $13.75 million in Series A funding for dynamic user identity verification and access management platform.
June 20th, 2024 — Source
Atlassian Patches High-Severity Vulnerabilities in Confluence, Crucible, Jira
Atlassian has released Confluence, Crucible, and Jira updates to address multiple high-severity vulnerabilities.
June 20th, 2024 — Source
Biden Administration Bans Kaspersky Antivirus Software
New Updates for Customers Will Become Unavailable on September 29
June 20th, 2024 — Source
Breach Roundup: Phishing Platform ONNX Targets Microsoft 365
Also: Chinese Cyberespionage, Defiant Cleveland, and a Spanish Ransomware Attack
June 20th, 2024 — Source or Source or Source or Source or Source
Car dealer software bigshot CDK pulls systems offline twice amid 'cyber incident'
Downtime set to crash into next week
June 20th, 2024 — Source
Car dealers across US are crippled by a second cyberattack
Auto retailers across the U.S. suffered a second major disruption in as many days due to another cyberattack at CDK Global, the software provider on which thousands of dealers rely to run their stores.
June 20th, 2024 — Source
Car dealerships hit with massive computer system outage
The outage, which has stretched into its second day, has thrown a wrench in the operation of thousands of dealers across North America.
June 20th, 2024 — Source
CDK Global cyberattack cripples 15,000 US auto dealerships
CDK Global, a software-as-a-service (SaaS) provider for car dealers and auto equipment manufacturers, has suffered a cyberattack that has temporarily disrupted its customers' operations.
June 20th, 2024 — Source
CDK Global hacked again while recovering from first cyberattack
Car dealership SaaS platform CDK Global suffered an additional breach Wednesday night as it was starting to restore systems shut down in a previous cyberattack.
June 20th, 2024 — Source
Chinese Hackers Used Open-Source Rootkits for Espionage
UNC3886 Targeted Edge Devices for Persistence, Mandiant Says
June 20th, 2024 — Source or Source or Source or Source
CISA leads tabletop exercise focusing on hacked AI
The simulated cybersecurity attack on an artificial intelligence-enabled system enabled participants to hone their information-sharing and incident response skills. It underscored the need to ensure secure-by-design products, said CISA's Jen Easterly.
June 20th, 2024 — Source
Critical UEFI Flaw in Phoenix Firmware Hits Major PC Brands
Buffer Overflow Vulnerability Lets Attackers Control Devices
June 20th, 2024 — Source or Source or Source or Source or Source
Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks
Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack "by an international cybercriminal organization," the company has finally confirmed to its employees on Tuesday.
June 20th, 2024 — Source
Cyber Assault on Asian Telecoms Traced to Chinese State Hackers
A years-long espionage campaign has targeted telecoms companies in Asia with tools associated with Chinese groups.
June 20th, 2024 — Source
Cybersecurity Guidance
DHS Calls for Public-Private Collaboration on Critical Infrastructure Security
June 20th, 2024 — Source or Source
European CSAM Scanning Proposal Runs Into Opposition
Council of the European Union Cancels Vote
June 20th, 2024 — Source or Source or Source or Source
Highly Evasive SquidLoader Malware Targets China
A threat actor targeting Chinese-speaking victims has been using the SquidLoader malware loader in recent attacks.
June 20th, 2024 — Source
Hundreds of PC, Server Models Possibly Affected by Serious Phoenix UEFI Vulnerability
Hundreds of PC and server models may be affected by CVE-2024-0762, a privilege escalation and code execution flaw in Phoenix SecureCore UEFI firmware.
June 20th, 2024 — Source
Law Enforcement's Role in Remediating Ransomware Attacks
Different Countries Have Different Levels of Law Enforcement Involvement
June 20th, 2024 — Source or Source or Source or Source or Source or Source
LockBit Ransomware Again Most Active -- Real Attack Surge or Smokescreen?
LockBit appears to once again be the most active ransomware group, but experts believe the hackers may just be inflating their numbers.
June 20th, 2024 — Source
OpenAI Co-Founder Sutskever Sets up New AI Company Devoted to 'Safe Superintelligence'
Ilya Sutskever's new company is focused on safely developing "superintelligence" -- a reference to AI systems that are smarter than humans.
June 20th, 2024 — Source
Opposing a Global Surveillance Disaster | EFFector 36.8
Join EFF on a road trip through the information superhighway! As you choose the perfect playlist for the trip we'll share our findings about the latest generation of cell-site simulators; share security tips for protestors at college campuses; and rant about the surveillance abuses that could come from the latest UN Cybercrime Convention draft.
June 20th, 2024 — Source
Post-Quantum Cryptography Firm PQShield Raises $37 Million
Post-quantum cryptography (PQC) company PQShield has raised $37 million in Series B funding for its quantum-safe cryptography solutions.
June 20th, 2024 — Source
Qilin: We knew our Synnovis attack would cause a healthcare crisis at London hospitals
Cybercriminals claim they used a zero-day to breach pathology provider's systems
June 20th, 2024 — Source
Radiology Practice Hack Affects Sensitive Data of 512,000
Breach Is Latest Major Cyber Incident Reported by a Medical Imaging Provider
June 20th, 2024 — Source or Source or Source or Source
Russia's cyber spies still threatening French national security, democracy
Publishing right before a major election is apparently just a coincidence
June 20th, 2024 — Source
Semperis Eyes IPO With $125 Million in Growth Financing
Enterprise identity company raises new capital from JP Morgan and Hercules Capital as it prepares for an IPO exit.
June 20th, 2024 — Source
Semperis, a specialist in Active Directory security now worth more than $1B, raises $125M
Active Directory, the Microsoft directory service for connecting users with network resources, is used by more than 90% of all Fortune 1000 companies and many more besides. So it's no surprise that it's a giant target for malicious hackers.
June 20th, 2024 — Source
Single point of software failure could hamstring 15K car dealerships for days
"Cyber incident" affecting 15K dealers could mean outages "for several days."
June 20th, 2024 — Source
The US will ban sales of Kaspersky antivirus software next month
Today's move is the culmination of years of national security questions about the Russian company's government ties.
June 20th, 2024 — Source
UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs
A suspected Chinese threat actor tracked as UNC3886 uses publicly available open-source rootkits named 'Reptile' and 'Medusa' to remain hidden on VMware ESXi virtual machines, allowing them to conduct credential theft, command execution, and lateral movement.
June 20th, 2024 — Source
US car dealerships face ongoing outage after CDK cyberattacks
Auto retailers and car dealerships across the U.S. are facing another day of outages after a second cyberattack hit tech company CDK Global, which develops software used for managing auto customers and their vehicles.
June 20th, 2024 — Source
US-Russia tensions escalate as Kaspersky ban set to be introduced
The Biden administration is set to ban sales of Kaspersky's anti virus solution in the US later this week, Reuters has reported. The news agency spoke with a person familiar with the matter who said that an announcement will be made this Thursday due to concerns that the software is being used by critical infrastructure providers as well as state and local governments.
June 20th, 2024 — Source
UK cybersecurity startup PQShield raises $37M for post-quantum cryptography
PQC is gaining market momentum as more industries rush to get quantum-ready
June 20th, 2024 — Source
Verimatrix XTD dashboard enhancements improve mobile app security
Verimatrix announced major enhancements to its XTD dashboard, providing customers with better visibility into application security risks and more actionable insights to better protect mobile apps and users.
June 20th, 2024 — Source
Victims of Snowflake Data Breach Receive Ransom Demands
Attackers Demanding Up to $5 Million to Delete Stolen Data, Investigators Report
June 20th, 2024 — Source or Source or Source
Will Upcoming HHS Cyber Regs Move Needle in Health Sector?
New Minimum Cyber Mandates Expected for Hospitals, But Is That Enough?
June 20th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — June 17th, 2024
7 warning signs your computer has been hacked — and what to do
If something doesn't seem right, it's time to run some scans.
June 17th, 2024 — Source
200,000 Impacted by Data Breach at Los Angeles County Public Health Agency
The LA County's Department of Public Health says the personal information of 200,000 was compromised in a data breach.
June 17th, 2024 — Source
Aim Security Raises $18M to Secure Customers' Implementation of AI Apps
Aim Security has raised a total of $28 million to date and is on a mission to help companies to implement AI products with confidence.
June 17th, 2024 — Source
Argus Cyber Security and Microsoft partner to secure automotive fleets throughout the vehicle lifecycle
Argus Cyber Security is collaborating with Microsoft to build a next generation, end-to-end platform for automotive and mobility security.
June 17th, 2024 — Source
ARM's 'TIKTAG' attack affects Google Chrome and Linux systems
Recently, a team of Korean researchers from Samsung, Seoul National University, and Georgia Institute of Technology have tested a new speculative execution attack called TIKTAG. Quite surprisingly, this specially designed attack targets ARM's Memory Tagging Extension allowing data leakage with a success rate higher than 95%. The practical implications of this discovery are significant as it enables hackers to bypass key protection mechanisms against memory corruption.
June 17th, 2024 — Source
Australian Regulators Detail Medibank Hack: VPN Lacked MFA
Court Filing: Threat Actor Stole Admin Credentials From IT Service Desk Contractor
June 17th, 2024 — Source or Source or Source or Source or Source
Blackbaud has to cough up a few million dollars more over 2020 ransomware attack
Four years on and it's still paying for what California attorney general calls 'unacceptable' practice
June 17th, 2024 — Source
CISA Conducts First-Ever AI Security Incident Response Drill
US Cyber Defense Agency Developing AI Security Incident Collaboration Playbook
June 17th, 2024 — Source or Source or Source or Source or Source or Source
Getting a Firmer Grip on AI Privacy Concerns in Healthcare
Karen Habercoss of UChicago Medicine on Emerging Privacy Challenges
June 17th, 2024 — Source or Source or Source or Source
Hackers use F5 BIG-IP malware to stealthily steal data for years
A group of suspected Chinese cyberespionage actors named 'Velvet Ant' are deploying custom malware on F5 BIG-IP appliances to gain a persistent connection to the internal network and steal data.
June 17th, 2024 — Source
How to avoid being hacked: Start by upping your password game—'12345' doesn't cut it
If you type the term "password cyberattack" into Google News, the results will show just how often cyber criminals are getting hold of important data belonging to companies and individuals. Weak passwords are a big part of the problem. For instance, in 2023 technology security firm Nordpass reported that "123456" was the most common password in Nigeria, and the second most common password in the whole world.
June 17th, 2024 — Source
Insurance Company Globe Life Investigating Data Breach
US insurance company Globe Life is investigating a data breach involving unauthorized access to consumer and policyholder information.
June 17th, 2024 — Source
Keytronic Says Personal Information Stolen in Ransomware Attack
Keytronic confirms that personal information was compromised after a ransomware group leaked allegedly stolen data.
June 17th, 2024 — Source
Malware peddlers love this one social engineering trick!
Attackers are increasingly using a clever social engineering technique to get users to install malware, Proofpoint researchers are warning.
June 17th, 2024 — Source
Metomic's Google User Groups feature alerts users when sensitive data might be at risk
Metomic launched its new integration with Google Groups. The feature enables IT and security teams to ensure data loss prevention (DLP) across all business units that leverage Google Groups, allowing organizations to better manage and enforce data security protections and compliance across the platform.
June 17th, 2024 — Source
Nigerian Faces Prison in US After BEC Fraud Conviction
Nigerian national Ebuka Raphael Umeti was convicted in the US for operating a business email compromise (BEC) scheme.
June 17th, 2024 — Source
Panera Bread likely paid a ransom in March ransomware attack
Panera Bread, an American chain of fast food restaurants, most likely paid a ransom after being hit by a ransomware attack, suggests language used in an internal email sent to employees.
June 17th, 2024 — Source
Police Dismantle Asian Crime Ring Behind $25M Android Fraud
Hackers Used Dozens of Servers to Distribute Malicious Android Apps
June 17th, 2024 — Source or Source or Source or Source
Privacy app maker Proton transitions to nonprofit foundation structure
Newly formed Proton Foundation counts Sir Tim Berners-Lee as board member
June 17th, 2024 — Source
Sleepy Pickle: Researchers Find a New Way to Poison ML
Hackers Can Use the Attack Method to Manipulate ML Model Output and Steal Data
June 17th, 2024 — Source or Source or Source or Source or Source
Stop playing games with online security, Signal president warns EU lawmakers
A controversial European Union legislative proposal to scan the private messages of citizens in a bid to detect child sexual abuse material (CSAM) is a risk to the future of web security, Meredith Whittaker warned in a public blog post Monday.
June 17th, 2024 — Source
Suspected bosses of $430M dark-web Empire Market charged in US
Cybercrime super-souk's Dopenugget and Zero Angel may face life behind bars if convicted
June 17th, 2024 — Source
That didn't take long: Replacement for SORBS spam blacklist arises ... sort of
Also: Online adoption cyberstalker nabbed; Tesla trade secrets thief pleads guilty; and a critical ASUS Wi-Fi vuln
June 17th, 2024 — Source
The Rise Of Ransomware 2.0: How Attacks Are Evolving And What You Need To Know
Ransomware is changing with the times. The original modus operandi of crypto ransomware attackers was to gain access to your network or computer, inject and activate malware that encrypts data, locking users out of their machines, and finally demanding a ransom — usually in cryptocurrency, as with the WannaCry ransomware of 2017 — for the decryption key.
June 17th, 2024 — Source
UK Man Suspected of Being 'Scattered Spider' Leader Arrested
A British man has been arrested in Spain for allegedly being the ringleader of the notorious Scattered Spider cybercrime group.
June 17th, 2024 — Source
UK's Total Fitness exposed nearly 500K images of members, staff through unprotected database
Health club chain headed for the spa on choose-a-password day
June 17th, 2024 — Source
Internet — Security Issues — June 16th, 2024
Week in review: JetBrains GitHub plugin vulnerability, 20k FortiGate appliances compromised
Here's an overview of some of last week's most interesting news, articles, interviews and videos:
June 16th, 2024 — Source
Internet — Security Issues — June 15th, 2024
Cybersecurity in the age of AI: A conversation with Amazon Chief Security Officer Steve Schmidt
This week on the GeekWire Podcast: It was a big week for cybersecurity for Seattle's cloud giants, albeit in very different ways for each.
June 15th, 2024 — Source
ISMG Editors: Will AI Survive the Data Drought?
Also: ISMG's Summit in Chicago; Navigating Regulatory Change
June 15th, 2024 — Source or Source or Source
Microsoft: New Outlook security changes coming to personal accounts
Microsoft has announced new cybersecurity enhancements for Outlook personal email accounts as part of its 'Secure Future Initiative,' including the deprecation of basic authentication (username + password) by September 16, 2024.
June 15th, 2024 — Source
New Linux malware is controlled through emojis sent from Discord
A newly discovered Linux malware dubbed 'DISGOMOJI' uses the novel approach of utilizing emojis to execute commands on infected devices in attacks on government agencies in India.
June 15th, 2024 — Source
Internet — Security Issues — June 14th, 2024
A major disinformation research center's future looks uncertain
The Stanford Internet Observatory studied key issues plaguing online spaces, like election and vaccine disinformation. It's long been a target of Republican lawmakers.
June 14th, 2024 — Source
CISA warns of Windows bug exploited in ransomware attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a zero-day to its catalog of actively exploited security bugs.
June 14th, 2024 — Source
CyberLink launches FaceMe Security version 7.15
CyberLink announced the latest release of FaceMe Security. A turnkey security and access control solution, FaceMe Security enables identity verification, attendance management, and access control through AI facial recognition, with real-time monitoring and alerts.
June 14th, 2024 — Source
If Not Amended, States Must Reject the Flawed Draft UN Cybercrime Convention Criminalizing Security Research and Certain Journalism Activities
The latest and nearly final version of the proposed UN Cybercrime Convention—dated May 23, 2024 but released today June 14—leaves security researchers' and investigative journalists' rights perilously unprotected, despite EFF's repeated warnings.
June 14th, 2024 — Source
In Other News: Fuxnet ICS Malware, Google User Tracking, CISA Employee Scams
Noteworthy stories that might have slipped under the radar: Overview of the ICS malware Fuxnet, Google accused of tracking users, scammers impersonate CISA staff.
June 14th, 2024 — Source
Oscilar's AI-powered ACH Fraud Detection identifies and prevents fraudulent transactions
Oscilar released its AI-powered ACH Fraud Detection product. The solution identifies and prevents fraudulent transactions with unparalleled speed and accuracy by leveraging advanced machine learning algorithms, generative AI techniques, and real-time data analysis and explainability.
June 14th, 2024 — Source
Tips to shorten healthcare's cybersecurity learning curve
"Healthcare organizations cannot rely on legacy technologies to detect and respond to today's attacks," says Ricardo Villadiego, CEO of cybersecurity firm Lumu.
June 14th, 2024 — Source
YetiHunter: Open-source threat hunting tool for Snowflake environments
Cloud identity protection company Permiso has created YetiHunter, a threat detection and hunting tool companies can use to query their Snowflake environments for evidence of compromise.
June 14th, 2024 — Source
Ascension Says Personal, Health Information Stolen in Ransomware Attack
Ascension says patient information was stolen in an early-May ransomware attack that involved an employee downloading malware.
June 14th, 2024 — Source
CISA Warns of Progress Telerik Vulnerability Exploitation
CISA urges federal agencies to apply mitigations for an exploited Progress Telerik vulnerability as soon as possible.
June 14th, 2024 — Source
Edge Devices: The New Frontier for Mass Exploitation Attacks
The increase in mass exploitation involving edge services and devices is likely to worsen.
June 14th, 2024 — Source
Elastic Automates SIEM Investigations with Tines
Elastic's information security team recently detailed their workflow automation using Tines, aimed at improving their ability to identify and respond to cybersecurity threats. The system automatically triages alerts from its Security Information and Event Management (SIEM) system, enhancing the ability to identify and prioritize real threats.
June 14th, 2024 — Source
France makes 700-mn-euro offer for Atos security units
Debt-laden tech group Atos said Friday the French state has made a 700-million-euro bid for its most sensitive businesses, including cybersecurity and supercomputers used for the country's nuclear deterrent.
June 14th, 2024 — Source
How the Growing Demands of Healthcare Are Complicating Risk
Krista Arndt, CISO of United Musculoskeletal Partners, on Top Threats
June 14th, 2024 — Source or Source or Source or Source or Source
IRONSCALES boosts email security with GPT-powered training feature
IRONSCALES announced its GPT-powered Phishing Simulation Testing solution. This capability, now available to IRONSCALES Complete Protect customers, marks a significant advancement in the ease, efficacy and accessibility of cybersecurity training and awareness.
June 14th, 2024 — Source
ISMG Editors: Will AI Survive the Data Drought?
Also: ISMG's Summit in Chicago; Navigating Regulatory Change
June 14th, 2024 — Source or Source
Keytronic confirms data breach after ransomware gang leaks stolen files
PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago.
June 14th, 2024 — Source
London hospitals cancel over 800 operations after ransomware attack
NHS England revealed today that multiple London hospitals impacted by last week's Synnovis ransomware attack were forced to cancel hundreds of planned operations and appointments.
June 14th, 2024 — Source
Managing Chaos in Massive Healthcare Sector Cyberattacks
Bryan Chnowski, Deputy CISO at Nuvance Health, on Crisis Response
June 14th, 2024 — Source or Source or Source or Source or Source
Meta Delays Data Harvesting for AI Plans in Europe
Company Says It Will Still Attempt to Use Public Posts Dating to 2007 to Train AI
June 14th, 2024 — Source or Source or Source or Source or Source
Microsoft Delaying Recall Feature to Improve Security
Microsoft is not rolling out Recall with Copilot+ PCs as it's seeking additional feedback and working on improving security.
June 14th, 2024 — Source
Microsoft faces heat from US Congress over cybersecurity
Members of US Congress on Thursday pressed Microsoft to explain a "cascade of avoidable errors" that allowed a Chinese hacking group to breach emails of senior US officials.
June 14th, 2024 — Source
Microsoft, Palo Alto, CrowdStrike Lead XDR Forrester Wave
Palo Alto Networks Reaches Leaderboard While Trend Micro Falls to Strong Performer
June 14th, 2024 — Source or Source or Source or Source or Source
NCS Insider Prison Sentence Highlights Enterprise Risk Flaws
Enterprise Monitoring Systems Failed to Detect Ex-Worker's Unauthorized Logins
June 14th, 2024 — Source or Source or Source or Source or Source
New York Times freelance contributors info exposed in data breach
The New York Times warned several of its freelance contributors about a recent data breach. The company contacted those who have worked with them in recent years about the situation. The attack could have compromised much of their personal information.
June 14th, 2024 — Source
OpenAI Appoints Former NSA Director Paul Nakasone to Board of Directors
Retired U.S. Army General Paul M. Nakasone brings cybersecurity experience to OpenAI's Board of Directors and Safety and Security Committee.
June 14th, 2024 — Source
Pakistani Threat Actors Caught Targeting Indian Gov Entities
Security researchers at Cisco Talos and Volexity flag two Pakistani espionage campaigns targeting Indian government entities.
June 14th, 2024 — Source
Rockwell Automation Patches High-Severity Vulnerabilities in FactoryTalk View SE
Rockwell Automation has patched three high-severity vulnerabilities in its FactoryTalk View SE HMI software.
June 14th, 2024 — Source
Security pros struggle with too many tools
New research by Keeper Security shows nearly half of security professionals (48 percent) say they favor standalone security solutions for specific issues.
June 14th, 2024 — Source
The Dangers of Over-Relying on Too Few Critical Vendors
CISO Jigar Kadakia on Business Continuity Gaps Exposed by Change Healthcare Breach
June 14th, 2024 — Source or Source or Source or Source
Internet — Security Issues — June 12th, 2024
20,000 FortiGate appliances compromised by Chinese hackers
Coathanger – a piece of malware specifically built to persist on Fortinet's FortiGate appliances – may still be lurking on too many devices deployed worldwide.
June 12th, 2024 — Source
Acronis XDR enhances EDR with comprehensive cybersecurity for MSPs
Acronis has introduced Acronis Advanced Security + XDR, the newest addition to the company's security solution portfolio.
June 12th, 2024 — Source
API security is top concern for the financial sector
The proliferation of APIs in the financial services industry has created a vast and complex attack surface that traditional security measures cannot adequately protect.
June 12th, 2024 — Source
Are Security Concerns Around Apple's AI Announcements Justified?
Artificial intelligence (AI) dominated the first day of the 2024 WWDC, and Apple announced several updates. Siri will be receiving an overhaul, which also includes ChatGPT integration. Apple Intelligence will also appear in several apps, including Notes, and you'll get AI notification summaries. However, many of these features won't come until 2025.
June 12th, 2024 — Source
AWS unveils new and improved security features
At its annual re:Inforce conference, Amazon Web Services (AWS) has announced new and enhanced security features and tools.
June 12th, 2024 — Source
Beware of these 7 new hacker tricks — and how to protect yourself
Hackers are utilizing AI and video conferencing vulnerabilities to deceive and defraud. You need to watch out for these patterns.
June 12th, 2024 — Source
Black Basta ransomware gang linked to Windows zero-day attacks
The Black Basta ransomware operation is suspected of exploiting a Windows privilege escalation vulnerability (CVE-2024-26169) as a zero-day before a fix was made available.
June 12th, 2024 — Source
Brazil's Climb Onto the World Stage Sparks Cyber Risks
Cyber Spies, Extortionists and Domestic Crooks All Vie to Hack Brazil
June 12th, 2024 — Source or Source or Source or Source
China's FortiGate attacks more extensive than first thought
Dutch intelligence says at least 20,000 firewalls pwned in just a few months
June 12th, 2024 — Source
CISA warns of criminals impersonating its employees in phone calls
Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money.
June 12th, 2024 — Source
CORL Companion automates the security assessment response for healthcare vendors
CORL released CORL Companion, an AI-powered assistant for healthcare vendors to automate and enhance security assessment response.
June 12th, 2024 — Source
Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation
Data security company Cyberhaven has raised $88 million in a Series C funding round that brings the total to $136 million.
June 12th, 2024 — Source
Everfox to Acquire British Hardware Security Vendor Garrison
High-Assurance Security Tech Boosts Everfox's Government and Infrastructure Tools
June 12th, 2024 — Source or Source or Source or Source
Fraudsters Impersonate CISA in Money Scams
CISA Won't Ask You to Wire Money or Keep Discussions Secret
June 12th, 2024 — Source or Source or Source or Source
GitHub Paid Out Over $4 Million via Bug Bounty Program
The code hosting platform GitHub has paid out more than $4 million since the launch of its bug bounty program 10 years ago.
June 12th, 2024 — Source
Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation
The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware.
June 12th, 2024 — Source
ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA
Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their industrial and OT products.
June 12th, 2024 — Source
IT teams struggle to get visibility into tech assets
A new report into IT asset management (ITAM) shows that 53 percent of IT teams report challenges gaining or maintaining complete visibility of their technology investments.
June 12th, 2024 — Source
Lacework's visibility enhancements give businesses real time insight into resource inventory
Lacework announced a range of visibility updates to its platform headlined by Continuous Threat Exposure Management (CTEM).
June 12th, 2024 — Source
Major cybersecurity upgrades announced to safeguard American healthcare
Recent cyberattacks targeting the nation's healthcare system have demonstrated the vulnerability of hospitals and payment systems.
June 12th, 2024 — Source
Microsoft launches cybersecurity program to tackle attacks, protect rural hospitals
Microsoft has unveiled a new cybersecurity program to support hospitals serving more than 60 million people living in rural America. In 2023, the healthcare sector reported more ransomware attacks than any other critical infrastructure sector and attacks involving ransomware against the healthcare sector were up nearly 130%.
June 12th, 2024 — Source
Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited
Microsoft's June 2024 Patch Tuesday updates resolve a zero-click Outlook vulnerability leading to remote code execution.
June 12th, 2024 — Source
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
June 12th, 2024 — Source
NIST Publishes Draft OT Cybersecurity Guide for Water Sector
Agency Seeks Feedback on OT Security Reference Guide for Water, Wastewater Sectors
June 12th, 2024 — Source or Source
On the Future of Cybersecurity in Hybrid Cloud Environments
An Interview with Gigamon's Chief Security Officer, Chaim Mazal
June 12th, 2024 — Source or Source or Source or Source or Source
Police arrest Conti and LockBit ransomware crypter specialist
The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself.
June 12th, 2024 — Source
Prevalent adds AI-powered enhancements to reduce risk assessment time
Prevalent announced that it added several AI-powered timesaving and threat-sensing enhancements to the Prevalent Third-Party Risk Management Platform, its SaaS solution used by hundreds of organizations around the world to manage, monitor and remediate risks associated with their vendors and suppliers.
June 12th, 2024 — Source
Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day
The Black Basta ransomware gang may have exploited the Windows privilege escalation flaw CVE-2024-26169 before it was patched.
June 12th, 2024 — Source
Ransomware: Disruption of Hospitals and Nearby Facilities
Researchers Rahi Abouk and David Powell on Study Findings, Need for Better Planning
June 12th, 2024 — Source or Source or Source
SentinelOne strengthens cloud security for AWS customers
SentinelOne announced Singularity Cloud Workload Security for Serverless Containers, a new offering that provides real-time, AI-powered protection to secure containerized workloads running on AWS Fargate for Amazon ECS and Amazon EKS.
June 12th, 2024 — Source
Splunk's security innovations boost threat detection and response
Splunk announced new security innovations aimed at bolstering threat detection and security operations across multiple data sources.
June 12th, 2024 — Source
The CIS® and MS-ISAC® cybersecurity professionals analyze risks and alert members to current online security threats.
On June 12, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in PHP, SolarWinds, Mozilla, Microsoft, Adobe and Google products. On June 7, the MS-ISAC released two advisories. The first advisory was for multiple vulnerabilities in PHP, the most severe of which could allow for remote code execution.
June 12th, 2024 — Source
The Shift to Skills-Based Hiring
How and Why to Select Candidates Based on Their Real-World Skills
June 12th, 2024 — Source or Source or Source or Source
When Vendors Overstep – Identifying the AI You Don't Need
AI models are nothing without vast data sets to train them and vendors will be increasingly tempted to harvest as much data as they can and answer any questions later.
June 12th, 2024 — Source
White House report dishes deets on all 11 major government breaches from 2023
The MOVEit breach and ransomware weren't kind to the Feds last year
June 12th, 2024 — Source
Internet — Security Issues — June 10th, 2024
Frontier hackers threaten to release private data for at least 750,000 customers
The telecommunications company has notified impacted customers after a ransomware group breached its systems in April.
June 10th, 2024 — Source
Hackers Leak 270GB Of Stolen New York Times Data Including Source Code
A significant breach of The New York Times' GitHub account and its repository data has apparently been stolen, followed by a massive file dump of things like internal source code and other data posted to the controversial 4Chan board. The stolen 270GB worth of data appears to include source code for the popular Wordle game.
June 10th, 2024 — Source
London Hospitals Seek Biologics Backup After Ransomware Hit
Urgent Appeal Issued for O Type Blood; Attack Disrupts Patient Blood Type Matching
June 10th, 2024 — Source or Source
The number of known Snowflake customer data breaches is rising
LendingTree subsidiary QuoteWizard and automotive parts provider Advance Auto Parts have been revealed as victims of attackers who are trying to sell data stolen from Snowflake-hosted cloud databases.
June 10th, 2024 — Source
UK and Canada privacy watchdogs investigating 23andMe data breach
Privacy watchdogs in the U.K. and Canada have launched a joint investigation into the data breach at 23andMe last year.
June 10th, 2024 — Source
Internet — Security Issues — June 9th, 2024
Akira: Perhaps the next big thing in ransomware, says Tidal threat intelligence chief
Scott Small tells us gang's 'intent and capability' should get the attention of CSOs
June 9th, 2024 — Source or Watch Video
Security Bite: Apple refused to pay bounty to Kaspersky for uncovering vulnerability part of 'Operation Triangulation'
Kaspersky, the renowned Russian cybersecurity firm, made headlines at this time last year after uncovering an attack chain using four iOS zero-day vulnerabilities to create a zero-click exploit. Kaspersky was able to identify and report one of the vulnerabilities to Apple. However, in an unfortunate update, Apple reportedly refuses to pay the security bounty for the firm's contribution.
June 9th, 2024 — Source
Week in review: Atlassian Confluence RCE PoC, new Kali Linux, Patch Tuesday forecast
Here's an overview of some of last week's most interesting news, articles, interviews and videos:
June 9th, 2024 — Source
Internet — Security Issues — June 7th, 2024
750k Impacted by Frontier Communications Data Breach
Frontier Communications is notifying over 750,000 individuals that their personal information was stolen in a recent data breach.
June 7th, 2024 — Source
Christie's starts notifying clients of RansomHub data breach
British auction house Christie's is notifying individuals whose data was stolen by the RansomHub ransomware gang in a recent network breach.
June 7th, 2024 — Source
CISA Planning JCDC Overhaul as Experts Criticize Slow Start
Top US Cyber Defense Agency Aims to Revamp Its Key Public-Private Collaborative
June 7th, 2024 — Source
Collaborative Security: The Team Sport Approach
Dom Lombardi of Kandji on Translating Cyber Risk Into Business Risk
June 7th, 2024 — Source or Source or Source or Source or Source
Discovery highlights 'critical oversight' in perceived security of wireless networks
A research team led by Rice University's Edward Knightly has uncovered an eavesdropping security vulnerability in high-frequency and high-speed wireless backhaul links, widely employed in critical applications such as 5G wireless cell phone signals and low-latency financial trading on Wall Street.
June 7th, 2024 — Source
FCC Proposes BGP Security Reporting for Broadband Providers
The FCC proposes that broadband providers plan for BGP security and provide quarterly reports on implemented risk mitigations.
June 7th, 2024 — Source
Frontier Communications: 750k people's data stolen in April attack on systems
Company says just names and SSNs affected, watering down RansomHub's claims
June 7th, 2024 — Source or Source
Hypr Secures $30M to Expand Identity Protection Platform
Silver Lake Waterman Investment in Hypr Fuels Product Development, Market Expansion
June 7th, 2024 — Source or Source or Source or Source
Microsoft Tweaks Recall for Security
The Computing Giant Faced a Wave of Criticism Over 'Photographic Memory' Feature
June 7th, 2024 — Source or Source or Source
Mozilla Launches 0Din Gen-AI Bug Bounty Program
Mozilla has announced a 0Day Investigative Network (0Din) bug bounty program for LLMs and other deep learning tech.
June 7th, 2024 — Source
Multiple Vulnerabilities in PHP Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in PHP which could allow for remote code execution. PHP is a programming language originally designed for use in web-based applications with HTML content. Successful exploitation could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
June 7th, 2024 — Source
Qilin RaaS Group Believed to Be Behind Synnovis, NHS Attack
Patient Care, Including Transplants, Still Disrupted at London Hospitals, Clinics
June 7th, 2024 — Source or Source or Source or Source
Russian hacktivists vow mass attacks against EU elections
But do they get to wear 'I DDoSed' stickers?
June 7th, 2024 — Source
Tenable Boosts Data, Cloud Security With Eureka Acquisition
Tenable to Natively Integrate Eureka's Data Security Posture Management Product
June 7th, 2024 — Source or Source or Source or Source
Tenable to Acquire Eureka Security to Boost DSPM Capabilities
Tenable goes shopping again in Israel with plans to buy early stage startup Eureka Security to boost data security posture management tooling.
June 7th, 2024 — Source
TikTok says it fixed a vulnerability that enabled a cyberattack on high-profile accounts
The cyberattack involved direct messages laced with malicious code.
June 7th, 2024 — Source
Windows Recall will be opt-in and the data more secure, Microsoft says
The insistent public complaints and proof-of-concept tools have borne fruit: Microsoft has realized that the security of its recently previewed Windows Recall feature leaves much to be desired, and has announced important changes.
June 7th, 2024 — Source
Wiz Counters Orca Security's Patent Infringement Allegations
Wiz Hits Back With Counterclaims, Says Orca Copied Patented Cloud Security Features
June 7th, 2024 — Source or Source or Source
Internet — Security Issues — June 6th, 2024
1Password's Extended Access Management aims to secure modern workforces
The work landscape has changed enormously in recent years with hybrid and remote working now becoming the norm. This makes it harder for businesses to secure their systems as there's no longer a clearly defined network perimeter.
June 6th, 2024 — Source
7,000 LockBit decryption keys now in the hands of the FBI, offering victims hope
The announcement could be good news for those whose data has been inaccessible
June 6th, 2024 — Source
A fast-paced, fictional exploration of cybersecurity and nationwide interoperability
Dr. Marschall Runge, CEO of Michigan Medicine and dean of U-M Medical School, discusses the real-world insider threats that inspired his new "techno-medical thriller," whose plot focuses on misuse of a national electronic health record.
June 6th, 2024 — Source
A Russian Cyber Gang Is Thought to Be Behind a Ransomware Attack That Hit London Hospitals
A Russian cyber gang is believed to be behind a ransomware attack that disrupted London hospitals and led to operations and appointments being canceled.
June 6th, 2024 — Source
AI PCs might solve a real problem: The 'friction' that sees users ignore security
Trend Micro says cloudy email scans trigger GDPR warnings that deter users. Local models that use NPUs don't
June 6th, 2024 — Source
AI startup lands $10M seed round from Madrona, Point72 Ventures to automate complex workflows
A new startup out of Seattle called Tektonic AI has raised $10 million to fuel development of its software that automates business operations with the help of artificial intelligence technology.
June 6th, 2024 — Source
Analysis: Weapons potential of high-assay low-enriched uranium fuel poses greater threat than publicly acknowledged
An analysis published in the journal Science found that, contrary to a widely held assumption, the high assay low-enriched uranium (HALEU) now being produced with federal subsidies to fuel the next generation of small nuclear power reactors can be used directly to make nuclear weapons, and thus presents greater terrorism and nuclear proliferation threats than publicly acknowledged by the federal government and industry.
June 6th, 2024 — Source
Apple will update iPhones for at least 5 years in rare public commitment
UK regulation requires companies to say how long they plan to provide support.
June 6th, 2024 — Source
Breach Roundup: Microsoft Deprecates NTLM Authentication
Also: Hacker Sells Data Obtained Through Snowflake Attack
June 6th, 2024 — Source or Source or Source
Chinese Hackers Exploit Old ThinkPHP Vulnerabilities in New Attacks
Akamai warns that a Chinese threat actor is exploiting years-old remote code execution vulnerabilities in ThinkPHP in new attacks.
June 6th, 2024 — Source
CIS Benchmarks Community Volunteer Spotlight: William Ferguson
CIS Benchmarks™ are the only consensus-developed secure configuration recommendations both created and trusted by a global community of IT security professionals from academia, government, and industry. The community brings real-world experience and expertise to the development process, ensuring the Benchmarks keep pace with technological change.
June 6th, 2024 — Source
Cryptohack Roundup: Robinhood to Acquire Bitstamp
Also: FBI Warns About Work-From-Home Scammers Demanding Crypto
June 6th, 2024 — Source or Source or Source or Source or Source
Exploitation of Recent Check Point VPN Zero-Day Soars
GreyNoise has observed a rapid increase in the number of exploitation attempts targeting a recent Check Point VPN zero-day.
June 6th, 2024 — Source
FBI Says It Has 7,000 LockBit Ransomware Decryption Keys
The FBI has obtained more than 7,000 LockBit ransomware decryption keys and is urging victims to get in touch with its IC3.
June 6th, 2024 — Source
FCC pushes ISPs to fix security flaws in Internet routing
Chair: Addressing BGP flaws will "help make our Internet routing more secure."
June 6th, 2024 — Source
Google, Microsoft: Russian Threat Actors Pose High Risk to 2024 Paris Olympics
Google and Microsoft warn of elevated risks of cyber threats facing the 2024 Paris Olympics, especially from Russian threat actors.
June 6th, 2024 — Source
Hackers exploit 2018 ThinkPHP flaws to install 'Dama' web shells
Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama.
June 6th, 2024 — Source
HYPR raises $30 million to combat threats posed by generative AI
HYPR secures $30 million in funding from Silver Lake Waterman to drive accelerated advancements in technologies to combat the rising threat of generative AI-driven credential-based attacks.
June 6th, 2024 — Source
Interpol and FBI Break Up a Cyber Scheme in Moldova to Get Asylum for Wanted Criminals
A multinational operation by Interpol and the FBI cracked down on attempts in Moldova to sabotage one of the international police agency's key tools, the Red Notice system.
June 6th, 2024 — Source
Multiple Chinese APTs Targeted Southeast Asian Government for Two Years
Multiple Chinese state-sponsored groups have targeted a Southeast Asian government in a years-long cyberespionage campaign.
June 6th, 2024 — Source
New Fog ransomware targets US education sector via breached VPNs
A new ransomware operation named 'Fog', launched in early May 2024, is using compromised VPN credentials to breach the networks of educational organizations in the U.S.
June 6th, 2024 — Source
New ransomware attack based on an evolutional generative adversarial network can evade security measures
In recent years, cyber attackers have become increasingly skilled at circumventing security measures and successfully targeting technology users. Developing effective methods to detect, neutralize or mitigate the impact of these attacks is of utmost importance.
June 6th, 2024 — Source
Norton Antivirus Plus review: A slim suite for digital minimalists
Norton pares back to the essentials in this entry-level suite, but without being stingy.
June 6th, 2024 — Source
Renewed Info Stealer Campaign Targets Ukrainian Military
CERT-UA Says Threat Actor 'Vermin' Used Syncthing Application
June 6th, 2024 — Source or Source or Source or Source or Source
Security, Surveillance, and Government Overreach -- the United States Set the Path but Canada Shouldn't Follow It
The Canadian House of Commons is currently considering Bill C-26, which would make sweeping amendments to the country's Telecommunications Act that would expand its Minister of Industry's power over telecommunication service providers. It's designed to accomplish a laudable and challenging goal: ensure that government and industry partners efficiently and effectively work together to strengthen Canada's network security in the face of repeated hacking attacks.
June 6th, 2024 — Source
Senator Demands That HHS Ratchet Up Health Sector Cyber Regs
Lawmaker Says New Regulations Needed to Fix 'Lax' Cyber Postures of Major Entities
June 6th, 2024 — Source or Source or Source
Tenable partners with Deloitte to help organizations reduce cyber risk
Tenable announced that it has formed a strategic alliance with Deloitte. Deloitte has added the Tenable One Exposure Management Platform, Tenable Cloud Security and Tenable OT Security to its portfolio of available cyber solutions for Internet of Things (IoT) and operational technology (OT) cyber risk management.
June 6th, 2024 — Source
The FBI has over 7,000 decryption keys to help LockBit ransomware victims
Operation Cronos was a "huge success," although no cyber-criminal has been arrested yet
June 6th, 2024 — Source
Ukraine says hackers abuse SyncThing tool to steal data
The Computer Emergency Response Team of Ukraine (CERT-UA) reports about a new campaign dubbed "SickSync," launched by the UAC-0020 (Vermin) hacking group in attacks on the Ukrainian defense forces.
June 6th, 2024 — Source
Upleveling the State of SMB Cybersecurity
Gone are the days when cyberattacks were deemed concerns solely by corporate giants.
June 6th, 2024 — Source
US Authorities Attempting to Recover $5.3 Million Stolen in BEC Scam
The US government is trying to recover more than $5.3 million stolen by cybercriminals through a BEC scheme from a workers union.
June 6th, 2024 — Source
US Regulators Intensify Antitrust Scrutiny of AI Developers
DOJ and FTC to Launch Antitrust Investigations Into Microsoft, OpenAI and Nvidia
June 6th, 2024 — Source or Source
The best password manager for 2024
Stay secure online with the best password manager for every budget.
June 6th, 2024 — Source
What is ransomware? 7 things you must know before it's too late
Ransomware is on the rise again. Here's what you need to know and why it matters.
June 6th, 2024 — Source
Why Hackers Love Logs
Log tampering is an almost inevitable part of a compromise. Why and how do cybercriminals target logs, and what can be done to protect them?
June 6th, 2024 — Source
Wiz Counters Orca Security's Patent Infringement Allegations
Wiz Hits Back With Counterclaims, Says Orca Copied Patented Cloud Security Features
June 6th, 2024 — Source or Source
Zyxel patches critical flaws in EOL NAS devices
Zyxel has released patches for three critical vulnerabilities (CVE-2024-29972, CVE-2024-29973, and CVE-2024-29974) affecting two network-attached storage (NAS) devices that have recently reached end-of-vulnerability-support.
June 6th, 2024 — Source
Internet — Security Issues — May 31st, 2024
25,000 individuals affected in BBC Pension Scheme data breach
Personal information of current and former BBC employees has been exposed in a data breach that affected the broadcaster's in-house pension scheme.
May 31st, 2024 — Source
CISA Warns of Exploited Linux Kernel Vulnerability
CISA instructs federal agencies to mitigate CVE-2024-1086, a Linux kernel flaw leading to privilege escalation.
May 31st, 2024 — Source
Half-billion Ticketmaster customer accounts breached, hackers claim
A serious hack of the Ticketmaster website has exposed a large amount of customer data to third parties.
May 31st, 2024 — Source
Internet — Security Issues — May 30th, 2024
8 Degrees of Secure Access Service Edge
Assembling a diverse team, outlining clear objectives, and meticulously assessing your network landscape can enable organizations to successfully navigate SASE migration without hiccups and pitfalls.
May 30th, 2024 — Source
Australia engaging with Ticketmaster over hacking 'incident'
The Australian government was on Thursday investigating claims by a hacking group to have stolen the details of 560 million customers from global events giant Ticketmaster, with the FBI offering its assistance.
May 30th, 2024 — Source
BBC suffers data breach impacting current, former employees
The BBC has disclosed a data security incident that occurred on May 21, involving unauthorized access to files hosted on a cloud-based service, compromising the personal information of BBC Pension Scheme members.
May 30th, 2024 — Source
Breach Roundup: Google AI Blunders Go Viral
Also: Okta Alert on Credential Stuffing; Data Breaches in Spain
May 30th, 2024 — Source
Check Point VPN Attacks Involve Zero-Day Exploited Since April
The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords.
May 30th, 2024 — Source
Cloudflare Expands Zero Trust Capabilities with Acquisition of BastionZero
Cloudflare acquires Boston seed-stage startup BastionZero to bolster its Zero Trust Network Access technology portfolio.
May 30th, 2024 — Source
Cooler Master Data Breach Allegedly Exposes Details Of Half A Million Customers To Hackers
Registered members of Cooler Master's Fanzone program should be on extra high alert for phishing attempts and other cyber shenanigans, like unusual (and otherwise unexpected) credit card charges. That's because a hacker purportedly managed to breach Cooler Master's website and ransack a boatload of data containing personal details for some 500,000 customers.
May 30th, 2024 — Source
Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors
Malicious campaign exploits high-severity XSS flaws in three WordPress plugins to backdoor websites.
May 30th, 2024 — Source
Cryptohack Roundup: FTX Paid Off Whistleblowers
Also: Guilty Pleas - Lots of Them
May 30th, 2024 — Source or Source or Source or Source or Source
Euro cops disrupt malware droppers, seize thousands of domains
Operation Endgame just beginning: 'Stay tuned,' says Europol
May 30th, 2024 — Source
European Police Take Down Botnet Servers, Make Arrests
'Operation Endgame' Disrupted 5 Botnets Including IcedID and SmokeLoader
May 30th, 2024 — Source or Source or Source or Source
FBCS Data Breach Impact Grows to 3.2 Million Individuals
The data breach at debt collection agency Financial Business and Consumer Solutions (FBCS) impacts 3.2 million individuals.
May 30th, 2024 — Source
Four arrested in international anti-malware sweep
Authorities arrested four people and took down or disrupted more than 100 servers in the "largest ever" operation against botnets that deploy ransomware, Europol said Thursday.
May 30th, 2024 — Source
Hospital Allegedly Skirting Ransomware Death Suit Settlement
Attorneys Say Hospital Is Reneging on Paying Up in Case Involving Baby's Death
May 30th, 2024 — Source or Source or Source or Source or Source
Internet-Exposed OT Devices at Risk Amid Israel-Hamas War
Cyberattack on Aliquippa Water Plant Highlights Vulnerabilities in OT Systems
May 30th, 2024 — Source or Source or Source or Source or Source
Is Microsoft Recall a 'privacy nightmare'? 7 reasons you can stop worrying about it
It's one of the signature features of the next-generation Microsoft Copilot+ PCs, and at first glance it acts like the worst kind of spyware. But it's getting a bad rap.
May 30th, 2024 — Source
Law enforcement operation takes aim at an often-overlooked cybercrime linchpin
Officials hope to sever a component crucial to the larger malware landscape
May 30th, 2024 — Source
Malware botnet bricked 600,000 routers in mysterious 2023 attack
A malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that took 600,000 office/home office (SOHO) internet routers offline, disrupting customers' internet access.
May 30th, 2024 — Source
Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested
The US announced that the 911 S5 (Cloud Router) botnet, likely the world's largest, has been dismantled and its administrator arrested.
May 30th, 2024 — Source
Netherlands, France, and Germany lead 'largest ever' botnet sting
European and US cops are both ramping up their attacks on botnets
May 30th, 2024 — Source
New VR Games & Releases June 2024: Quest, SteamVR, PSVR 2 & More
After some new VR games in June 2024? Here are our monthly highlights.
May 30th, 2024 — Source
NIST Getting Outside Help for National Vulnerability Database
NIST is receiving support to get the NVD and CVE processing back on track within the next few months.
May 30th, 2024 — Source
NIST says NVD will be back on track by September 2024
The National Institute of Standards and Technology (NIST) has awarded a contract for an unnamed company/organization to help them process incoming Common Vulnerabilities and Exposures (CVEs) for inclusion in the National Vulnerability Database (NVD), the agency has announced on Wednesday.
May 30th, 2024 — Source
Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication
Okta raises the alarm on credential stuffing attacks targeting endpoints used for cross-origin authentication.
May 30th, 2024 — Source
Pirated Microsoft Office delivers malware cocktail on systems
Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites.
May 30th, 2024 — Source
Private data of 10,300 people may have been exposed in U of C Medical Center email incident
A phishing incident involving the emails of workers at University of Chicago Medical Center may have exposed the personal information of about 10,300 people, according to the hospital.
May 30th, 2024 — Source
Police seize over 100 malware loader servers, arrest four cybercriminals
An international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC.
May 30th, 2024 — Source
Pretty much all the headaches at MSPs stem from cybersecurity
More cybercrime means more problems as understaffed teams stretched to the limit
May 30th, 2024 — Source
Ransomware Attack Disrupts Seattle Public Library Services
The Seattle Public Library is scrambling to bring systems online after shutting them down to contain a ransomware attack.
May 30th, 2024 — Source
RedTail Cryptomining Malware Exploits PAN-OS Vulnerability
Threat Actors Mirror the Tactics of North Korea's Lazarus Group
May 30th, 2024 — Source or Source or Source
Rising breach numbers drive zero-trust adoption
Two-thirds of organizations responding to a new survey list cyber risk concerns as the most important drivers for implementing a zero-trust strategy.
May 30th, 2024 — Source
Tech Moves: Workday CIO joins Tanium board; Madrona investor departs; City of Seattle hires CTO
Johnson is the chief information officer at HR giant Workday. She previously held IT leadership roles at Cloud Software Group, TIBCO, and SolarWinds.
May 30th, 2024 — Source
TrickBot and Other Malware Droppers Disrupted by Law Enforcement
The TrickBot botnet and other malware droppers have been targeted by international law enforcement in Operation Endgame.
May 30th, 2024 — Source
What Is ShrinkLocker? New Ransomware Targets Microsoft BitLocker Encryption Feature
The malware exploits Windows BitLocker to encrypt corporate files.
May 30th, 2024 — Source
Why Barracuda Networks Is Eyeing MSP Platform Vendor N-able
N-able Eyeing a Tech, PE Exit Less Than 3 Years After Spinning Off From SolarWinds
May 30th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — May 29th, 2024
Australian Industries Need OT-IT Convergence to Beat Attacks
IT and OT Teams Rarely Talk and When They Do, They Rarely Agree On Anything
May 29th, 2024 — Source or Source or Source or Source or Source
Balancing security and autonomy: Strategies for CISOs in the cloud era
Maintaining a secure cloud environment is one of the most important responsibilities of any CISO today, given that over 50 percent of all cyberattacks now originate in the cloud. However, this is a daunting task, as security must now be balanced against other priorities such as maintaining agile operations and the need to innovate.
May 29th, 2024 — Source
Checkout with the tech out: Amid cyberattack, here's a read on life at the library in Seattle
For a place that's traditionally supposed to be quiet, the Broadview branch of the Seattle Public Library was exceptionally so on Wednesday.
May 29th, 2024 — Source
Compliance and cybersecurity in the age of AI [Q&A]
Artificial Intelligence is dramatically transforming the business landscape. It streamlines operations, provides critical insights, and empowers businesses to make data-driven decisions efficiently. Through machine learning, predictive analytics, and automation, AI assists in identifying trends, forecasting sales, and streamlining supply chains, leading to increased productivity and improved business outcomes.
May 29th, 2024 — Source
Dashlane Nudges reduces the risk of credential theft
Dashlane unveiled Dashlane Nudges, a new automated tool to empower admins to proactively create a more security-conscious workforce and drive better credential security behavior across their organization, reducing the risk of credential theft.
May 29th, 2024 — Source
Enhancing cybersecurity with 'moving trees'
"Please enter the code within the next two minutes." The concept of one-time passwords (OTPs) has become a mainstay in our procedures for secure user verification in sensitive applications, such as government and financial services. Typically found in multi-factor authentication schemes, a standard OTP resists hacking attempts by imposing a time limit for users to input the given password.
May 29th, 2024 — Source
EU's New AI Office Is Set to Begin Operating in June
The Office Will Oversee the Implementation of the European Union's AI Act
May 29th, 2024 — Source
Europe's Cybersecurity Chief Says Disruptive Attacks Have Doubled in 2024, Sees Russia Behind Many
Disruptive digital attacks -- many traced to Russia-backed groups -- have doubled in the European Union in 2024 and are also targeting election-related services, according to the EU's top cybersecurity official.
May 29th, 2024 — Source
Flaw in TP-Link Gaming Router Allows Remote Attacks
Unsanitized Inputs Leads to Remote Code Execution
May 29th, 2024 — Source or Source or Source or Source
GMO GlobalSign introduces Certificate Automation Manager
GMO GlobalSign announced the rebranding of the company's certificate automation product, Automated Enrollment Gateway (AEG), to Certificate Automation Manager.
May 29th, 2024 — Source
Hackers exploited free VPN services to build a massive botnet, used home PCs to commit fraud
The "free" service enabled billions of dollars in fraud, now hit with US sanctions
May 29th, 2024 — Source
Hiding in plain sight: AI may help to replace confidential information in images with similar visuals
Image privacy could be protected with the use of generative artificial intelligence. Researchers from Japan, China and Finland created a system which replaces parts of images that might threaten confidentiality with visually similar but AI-generated alternatives.
May 29th, 2024 — Source
How fraudsters stole $37 million from Coinbase Pro users
A convincing phishing page and some over-the-phone social engineering allowed a group of crooks to steal over $37 million from unlucky Coinbase Pro users.
May 29th, 2024 — Source
Internet Archive facing sustained cyber attacks — nonprofit struggles with 'impactful, targeted, adaptive' DDoS campaign
The attack has been going on since Sunday.
May 29th, 2024 — Source or Source
Moonstone Sleet: A new North Korean threat actor
Microsoft has named yet another state-aligned threat actor: Moonstone Sleet (formerly Storm-1789), which engages in cyberespionage and ransomware attacks to further goals of the North Korean regime.
May 29th, 2024 — Source
Multi-day DDoS attack targets Internet Archive and Wayback Machine
The IA's collection is safe, for now
May 29th, 2024 — Source or Source
New Endpoint Protection Platform by Cigent Blocks Ransomware at the Data Level
The two primary components to the solution are to encrypt company data at all times, and to decrypt only when the file is required for use.
May 29th, 2024 — Source
New North Korean Threat Actor Engaging in Espionage, Revenue Generation Attacks
Microsoft dives into the tactics, techniques, and procedures of North Korean threat actor Moonstone Sleet.
May 29th, 2024 — Source
New research reveals impact of AI and cybersecurity on women, peace and security in south-east Asia
Systemic issues can put women's security at risk when artificial intelligence (AI) is adopted, and gender biases across widely used AI-systems pose a significant obstacle to the positive use of AI in the context of peace and security in South-East Asia.
May 29th, 2024 — Source
North Korea building cash reserves using ransomware, video games
Microsoft says Kim's hermit nation is pivoting to latest tools as it evolves in cyberspace
May 29th, 2024 — Source
Over 90 Malicious Android Apps Spread Malware Via Google Play Store
Researchers at a cloud security firm say the apps were downloaded more than 5.5 million times before they were removed from Google's storefront.
May 29th, 2024 — Source
PoC exploits for critical FortiSIEM command execution flaws released (CVE-2024-23108, CVE-2023-34992)
Horizon3.ai researchers have released proof-of-concept (PoC) exploits for CVE-2024-23108 and CVE-2023-34992, vulnerabilities that allow remote, unauthenticated command execution as root on certain Fortinet FortiSIEM appliances.
May 29th, 2024 — Source
Rx Benefits Firm Notifying 2.8 Million of Data Theft Hack
The Breach Notice Raises the Question of Whether Sav-Rx Paid a Ransom
May 29th, 2024 — Source or Source or Source or Source
Technical or Nontechnical? Choosing Your Cybersecurity Path
Assess Your Interests, Skills, Educational Background and Career Goals to Decide
May 29th, 2024 — Source or Source or Source or Source
Tens of thousands of websites vulnerable to data breaches
Over 58,000 unique websites from around the world are vulnerable to data breaches and even complete takeovers according to new research.
May 29th, 2024 — Source
The role of residential proxies in data collection and analysis
A crucial aspect in data collection and analysis is the employment of proxies. Specifically, residential proxies are of paramount significance. The role of these technologies has increased in recent years due to the rising demand for accurate, unrestricted and safe ways of data collection.
May 29th, 2024 — Source
Ticketmaster hacked. Breach affects more than half a billion users.
Emails, phone numbers, addresses, and even financial details have allegedly been exposed by a notorious hacker group.
May 29th, 2024 — Source
Transcend Raises $40 Million for Data Privacy Platform
San Francisco data privacy startup Transcend secures $40 million in a Series B funding round that brings the total raised to $90 million.
May 29th, 2024 — Source or Source
Truecaller AI Call Scanner detects AI voice clones in real-time
Three seconds! That's how much of your voice an AI voice synthesizer needs to generate a complete clone of your voice. Illegitimate voice cloning and speech synthesis technologies are improving at an incalculable rate of change and are, unfortunately, already commoditized and ubiquitous. This next wave of AI scams will prey on the most vulnerable side of our psyche: the threat of our loved ones in danger.
May 29th, 2024 — Source
Unlocking cybersecurity success: The need for board and CISO alignment
The C-Suite's perception of cybersecurity has evolved dramatically over the past decade. It's gone from being an afterthought for technology departments to worry about, to a cornerstone for business survival and operational strategy. The heightened awareness of cybersecurity stems from a deeper grasp of the legal, reputational and financial implications of data breaches.
May 29th, 2024 — Source
US Army Unveils $1B Modern Software Development Initiative
Army Seeking Public Input on $1 Billion Software Modernization Contract Vehicle
May 29th, 2024 — Source or Source or Source or Source
US dismantles 911 S5 botnet used for cyberattacks, arrests admin
The U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator, in Singapore.
May 29th, 2024 — Source
US Sanctions Three Chinese Men for Operating 911 S5 Botnet
The US government has announced sanctions against three Chinese nationals accused of creating and operating the 911 S5 proxy botnet.
May 29th, 2024 — Source
Vulnerabilities in Eclipse ThreadX Could Lead to Code Execution
Vulnerabilities in the real-time IoT operating system Eclipse ThreadX before version 6.4 could lead to denial-of-service and code execution.
May 29th, 2024 — Source
Why a Broadcom-Zscaler Deal Makes Sense - and Why It Doesn't
Is There Anything to Anonymous Reports About Talks of a $38B Broadcom-Zscaler Deal?
May 29th, 2024 — Source or Source or Source or Source
Why cloud attacks no longer need malware [Q&A]
As organizations have come to rely more on the cloud, it's become an increasingly attractive target for cybercriminals seeking to steal data or extract ransoms.
May 29th, 2024 — Source
Why did ransomware hackers target Seattle Public Library?
The ransomware attack on Seattle Public Library this past weekend isn't the first to target public library systems
May 29th, 2024 — Source
Zendata Emerges From Stealth With Data Security, AI Governance Solutions
Data security and AI governance company Zendata has emerged from stealth mode with $2 million in seed funding.
May 29th, 2024 — Source
Internet — Security Issues — May 28th, 2024
2.8 Million Impacted by Data Breach at Prescription Services Firm Sav-Rx
Pharmacy prescription services provider Sav-Rx says the personal information of 2.8 million was stolen in a cyberattack.
May 28th, 2024 — Source
ABN Amro Client Data Possibly Stolen in AddComm Ransomware Attack
ABN Amro discloses data breach after third-party services provider AddComm suffers a ransomware attack.
May 28th, 2024 — Source
Adaptive Shield unveils platform enhancements to improve SaaS security
To secure emerging SaaS attack surfaces, Adaptive Shield has extended the capabilities of its SaaS Security Posture Management (SSPM) unified platform to cover complex Permissions and Shared Data.
May 28th, 2024 — Source
Auction house Christie's confirms criminals stole some client data
Centuries-old institution dodges questions on how it happened as ransomware gang claims credit
May 28th, 2024 — Source
BreachForums returns just weeks after FBI-led takedown
Website whack-a-mole getting worse
May 28th, 2024 — Source
Check Point Issues Emergency Patch for Security Gateways
Criminal and Nation-State Focus on Network Edge Devices Continues, Researchers Warn
May 28th, 2024 — Source or Source or Source or Source or Source
Check Point VPNs Targeted to Hack Enterprise Networks
Check Point is warning customers that threat actors are targeting insecure VPN instances for initial access to enterprise networks.
May 28th, 2024 — Source
Christie's Confirms Data Breach After Ransomware Group Claims Attack
Auction house Christie's has confirmed suffering a data breach following a ransomware attack launched earlier this month.
May 28th, 2024 — Source
Congresswomen Advocate for Cybersecurity Jobs for Formerly Incarcerated
While reintegration of formerly incarcerated people into the workforce is important, the government should be cautious about what positions those with a criminal history are put into.
May 28th, 2024 — Source
Court Orders Optus to Release Data Breach Report to Lawyers
Class Action Law Firms Seek Access to Commissioned Deloitte Report Into Mega Breach
May 28th, 2024 — Source or Source or Source or Source or Source
DDoS cyber-attack targeting Internet Archive and the Wayback Machine
The DDoS cyber-attack currently targeting the Internet Archive and its Wayback Machine has entered its third day, causing intermittent disruptions in service. The nonprofit research library is best known for housing millions of historical documents, preserved websites, and media content.
May 28th, 2024 — Source
Microsoft links North Korean hackers to new FakePenny ransomware
Microsoft has linked a North Korean hacking group it tracks as Moonstone Sleet to FakePenny ransomware attacks, which have led to millions of dollars in ransom demands.
May 28th, 2024 — Source
Microsoft Warns of North Korea's 'Moonstone Sleet'
Pyongyang Threat Actor Is After Money and Information
May 28th, 2024 — Source or Source or Source or Source or Source
OpenAI Forms Safety Committee as It Starts Training Latest Artificial Intelligence Model
OpenAI is setting up a new safety and security committee and has begun training a new artificial intelligence model to supplant the GPT-4 system that underpins its ChatGPT chatbot.
May 28th, 2024 — Source
Over 90 malicious Android apps with 5.5M installs found on Google Play
Over 90 malicious Android apps were found installed over 5.5 million times through Google Play to deliver malware and adware, with the Anatsa banking trojan seeing a recent surge in activity.
May 28th, 2024 — Source
Private Equity Firm Hg Acquires AuditBoard for $3 Billion
Private equity company Hg has acquired audit, compliance and risk management firm AuditBoard for over $3 billion.
May 28th, 2024 — Source
Scientists find major gaps in cybersecurity at auto workshops
In a new study from the University of Skövde, researchers found that many auto workshops do not know enough about how to keep our cars safe from cyberattacks. "A large proportion of the vehicle fleet could practically be entirely open to attacks or already breached," says Marcus Nohlberg, docent in cybersecurity at the University of Skövde.
May 28th, 2024 — Source
Security Firm Says VPN Attacks Are On The Rise, Shares Tips To Protect Your Network
Threat actors are actively trying to exploit VPN environments that make use of remote access at an accelerated rate, in order to infiltrate and attack enterprise networks, according to cyber security firm Check Point. The company says the intent is to “discover relevant enterprise assets and users, seeking for vulnerabilities in order to gain persistence on key enterprise assets.”
May 28th, 2024 — Source
Social Distortion: The Threat of Fear, Uncertainty and Deception in Creating Security Risk
While Red Teams can expose and root out organization specific weaknesses, there is another growing class of vulnerability at an industry level.
May 28th, 2024 — Source
Spyware maker pcTattletale says it's 'out of business' and shuts down after data breach
The founder of the spyware app pcTattletale said his company is “out of business and completely done” following a data breach over the weekend.
May 28th, 2024 — Source
Study sheds light on shady world of text message phishing scams
Researchers have collected and analyzed an unprecedented amount of data on SMS phishing attacks, shedding light on both the scope and nature of SMS phishing operations. The work also outlines techniques that can be used to collect additional data on phishing activities, and identifies avenues that law enforcement officials can use to address phishing operations.
May 28th, 2024 — Source
Surveillance Risk: Apple's Wi-Fi-Based Positioning System
Starlink Routers in Ukraine and Gaza Trackable via Apple WPS, Researchers Warn
May 28th, 2024 — Source or Source or Source or Source or Source or Source
Tonic Textual extracts, governs, and deploys unstructured data for AI development
Tonic.ai launched secure data lakehouse for LLMs, Tonic Textual, to enable AI developers to seamlessly and securely leverage unstructured data for retrieval-augmented generation (RAG) systems and large language model (LLM) fine-tuning.
May 28th, 2024 — Source
Transcend Gets $40M to Advance Privacy Tech for Enterprises
StepStone Group Leads Series B Round for Enhanced Privacy Solutions for Businesses
May 28th, 2024 — Source or Source or Source or Source or Source
Union Demands Patient Safety Fixes in Ascension Cyber Outage
Medical Staff Says Resorting to Manual, Paper Charting Is Posing Risks to Patients
May 28th, 2024 — Source or Source or Source or Source or Source
US Sanctions Chinese National for Running 911 S5 Botnet
Treasury Department Says Botnet Users Committed Fraud, Made Bomb Threats
May 28th, 2024 — Source or Source or Source or Source or Source
Will Australia Ever Dig Itself Out of the Cybersecurity Skills Shortage?
Australia is grappling with this cyber security challenge that is resulting in frequent breaches across large companies. Here are possible solutions, including how cyber security pros can help.
May 28th, 2024 — Source
Internet — Security Issues — May 25th, 2024
Spyware app pcTattletale was hacked and its website defaced
U.S.-made consumer-grade spyware app pcTattletale has been hacked and its internal data published to its own website, according to a hacker who claimed responsibility for the breach.
May 25th, 2024 — Source
Internet — Security Issues — May 24th, 2024
A Strategic Approach to Stopping SIM Swap Fraud
The UAE No Longer Has Cases of SIM Swap Fraud - Here's Why
May 24th, 2024 — Source or Source or Source or Source
AI-as-a-Service Platform Patches Critical RCE Vulnerability
Hackers Could Exploit Bug on Replicate to Steal Data, Manipulate AI Models
May 24th, 2024 — Source or Source or Source or Source or Source
Attempts to Regulate AI's Hidden Hand in Americans' Lives Flounder in US Statehouses
Only one of seven bills aimed at preventing AI's penchant to discriminate when making consequential decisions — including who gets hired, money for a home or medical care — has passed.
May 24th, 2024 — Source
Australian Telecom Watchdog Sues Optus Over 2022 Data Breach
Telecom Company Also Faces OAIC Investigation and Potentially Millions in Fines
May 24th, 2024 — Source or Source or Source or Source or Source
Averlon Emerges From Stealth Mode With $8 Million in Funding
Averlon secures seed funding to build technology that uses AI to identify cloud security weaknesses and counter cyberattacks.
May 24th, 2024 — Source
Code42 partners with Mimecast to protect organizations from data leaks
Code42 announced that it has partnered with Mimecast to release Mimecast for Incydr Flows.
May 24th, 2024 — Source
Courtroom Recording Software Hit by Supply Chain Attack
Backdoored Installer Facilitates Full, Remote Takeover, Justice AV Solutions Warns
May 24th, 2024 — Source
EU Commission and Microsoft Appeal EDPS Office 365 Decision
March Decision Mandated Commission to Stem Data Flows From Its Office 365 Use
May 24th, 2024 — Source or Source or Source or Source or Source
Hacker defaces spyware app's site, dumps database and source code
A hacker has defaced the website of the pcTattletale spyware application, found on the booking systems of several Wyndham hotels in the United States, and leaked over a dozen archives containing database and source code data.
May 24th, 2024 — Source
How Major Acquisitions Are Transforming Security Operations
Forrester's Allie Mellen on How Palo-QRadar and LogRhythm-Exabeam Will Reshape SIEM
May 24th, 2024 — Source or Source or Source or Source or Source
How Microsoft Secures Generative AI
Enabling Safety in the Age of Generative AI
May 24th, 2024 — Source
Illumio and Netskope join forces to strengthen enterprise resilience against cyberattacks
Illumio and Netskope announced a Zero Trust partnership that brings together the power of Zero Trust Segmentation (ZTS) and Zero Trust Network Access (ZTNA) to protect against breaches and build cyber resilience.
May 24th, 2024 — Source
In Other News: China's Undersea Spying, Hotel Spyware, Iran's Disruptive Attacks
Noteworthy stories that might have slipped under the radar: Chinese repair ships might be spying on undersea communications, spyware found at hotel check-ins, UK not ready for China threat.
May 24th, 2024 — Source
ISMG Editors: UnitedHealth Group's HIPAA Breach Fallout
Also: The End of an Era at Mandiant and Privacy and Ethics Concerns Related to LLMs
May 24th, 2024 — Source or Source or Source or Source or Source
JAVS Courtroom Audio-Visual Software Installer Serves Backdoor
Backdoored JAVS courtroom recording and management software installer puts thousands at risk of complete takeover.
May 24th, 2024 — Source
'Little weirdo' shoulder surfer teaches UK cabinet minister a lesson in cybersecurity
Tory comms leaked thanks to a barefooted Johnny Mercer's wayward situational awareness
May 24th, 2024 — Source
LockBit Publishes Data Stolen in London Drugs Attack
Canadian Retail Pharmacy Chain Says It's Reviewing Exposed Data on Gang's Leak Site
May 24th, 2024 — Source or Source or Source or Source or Source
Seven crucial dos and don'ts for cyber-attack survival
Think you've been hit by a cyber-attack? You need to move fast, but what immediate actions should you take, or should you not take? Here's a Cyber Incident Responder's guide to steer you through the turmoil. The actions your team takes -- or doesn't take -- can greatly impact the overall duration of recovery, cost, and the potential to uncover vital evidence left by threat actors within your infrastructure.
May 24th, 2024 — Source
ShrinkLocker Ransomware Exploits Microsoft's BitLocker
Malicious Script Targets Users in Mexico, Indonesia, Jordan
May 24th, 2024 — Source or Source
SoSafe Human Risk OS reduces human-related security risks
SoSafe introduced their pioneering Human Risk Operating System, The Human Risk OS, a set of capabilities designed to help customers identify, quantify, monitor, and intervene on human security risk.
May 24th, 2024 — Source
Surfshark ONE all-in-one cyber security app for all your devices -- Review
As someone who spends a significant portion of my life online, I've always been concerned about my digital security and privacy. In the past, I've relied on various tools and services to protect myself from cyber threats, but managing multiple subscriptions and apps can be a hassle.
May 24th, 2024 — Source
US retailers under attack by gift card-thieving cyber gang
Earlier this month, the FBI published (PDF) a private industry notification about Storm-0539 (aka Atlas Lion), a Morocco-based cyber criminal group that specializes in compromising retailers and creating fraudulent gift cards.
May 24th, 2024 — Source
Internet — Security Issues — May 23rd, 2024
70% of CISOs worry their org is at risk of a material cyber attack
Wait, why do you want this job again?
May 23rd, 2024 — Source
55,000 Impacted by Cyberattack on California School Association
The Association of California School Administrators (ACSA) is informing nearly 55,000 individuals that they have been impacted by a ransomware attack.
May 23rd, 2024 — Source
400,000 Impacted by CentroMed Data Breach
The personal information of 400,000 individuals was compromised in a data breach at El Centro Del Barrio (CentroMed).
May 23rd, 2024 — Source
A Vulnerability in GitHub Enterprise Server (GHES) Could Allow for Authentication Bypass
A vulnerability has been discovered in GitHub Enterprise Server (GHES), which could allow for authentication bypass. GHES is a popular platform for software developers. Organizations can build and store software applications using Git version control and automate deployment pipelines. Successful exploitation of this vulnerability could allow for an attacker to forge a SAML response to provision and/or gain access to a user with site administrator privileges. An attacker could then view, change, or delete data; or create new accounts with full user rights.
May 23rd, 2024 — Source
Active Chinese Cyberespionage Campaign Rifling Email Servers
'Rare Tools' Employed in 'Operation Diplomatic Specter,' Threat Researchers Find
May 23rd, 2024 — Source or Source or Source or Source or Source
AI relies on mass surveillance, warns Signal boss
The AI tools that crunch numbers, generate text and videos and find patterns in data rely on mass surveillance and exercise concerning control over our lives, the boss of encrypted messaging app Signal told AFP on Thursday.
May 23rd, 2024 — Source
Air-Ground Ambulance Firm Tells 858,000 of Hack 1 Year Ago
It's the Latest Hack Reported in Recent Weeks by an Ambulance Services Provider
May 23rd, 2024 — Source or Source or Source or Source or Source
Anyone Can Trick AI Bots Into Spilling Passwords
Thousands of People Tricked Bots Into Revealing Sensitive Data in Lab Setting
May 23rd, 2024 — Source or Source or Source or Source or Source
Bolster Raises $14 Million for AI-Powered Phishing Protection
Bolster has raised $14 million in Series B funding for technology integrations for its AI-powered phishing protection platform.
May 23rd, 2024 — Source
Bugcrowd Buys Informer to Enhance Attack Surface Management
First Purchase in Bugcrowd's History to Boost Attack Surface Management, Visibility
May 23rd, 2024 — Source or Source or Source or Source or Source
Bugcrowd, the crowdsourced white-hat hacker platform, acquires Informer to ramp up its security chops
On the heels of raising $102 million earlier this year, Bugcrowd is making good on its promise to use some of that funding to make acquisitions to strengthen its security chops.
May 23rd, 2024 — Source
Casino cyberattacks put a bullseye on Scattered Spider -- and the FBI is closing in
Mandiant CTO chats to The Reg about the looming fate of this ransomware crew
May 23rd, 2024 — Source or Watch Video
Compromised courtroom recording software was served from vendor's official site
Courtroom recording software JAVS Viewer has been saddled with loader malware and has been served from the developer's site since at least April 2, a threat researcher warned last month.
May 23rd, 2024 — Source or Source
Consumer-grade spyware found running on hotel guest PCs contains serious security flaw that lets anyone see recent screenshots
Shades of Microsoft's Recall, with a dash of... major security flaw
May 23rd, 2024 — Source
Cryptohack Roundup: $206M Gala Games Exploit
Also: Pump.fun Hack, Arrests in $73M Pig-Butchering Scam
May 23rd, 2024 — Source or Source or Source or Source or Source
Cybersecurity Labeling for Smart Devices Aims to Help People Choose Items Less Likely to be Hacked
Under the new U.S. Cyber Trust Mark Initiative, manufacturers can affix the label on their products if they meet federal cybersecurity standards.
May 23rd, 2024 — Source
Dutch cybercops tracked a crypto theft to one of the world's worst botnets
The Ebury malware has expanded into stealing Bitcoin and credit cards
May 23rd, 2024 — Source
GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)
A critical, 10-out-of-10 vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed by Microsoft-owned GitHub.
May 23rd, 2024 — Source
Google claims only Epic benefits from proposed Play Store changes
Google has posted an official response to the proposed Play Store change that Epic requested in court, stating that these remedies are "bad for everyone but Epic," suggesting that only Epic will benefit. If you're not sure what Google is talking about, it's referencing Epic's proposed remedies to the Judge and the court in its case against Google over the Play Store being a monopoly.
May 23rd, 2024 — Source
HHS pledges $50M for autonomous vulnerability management solution for hospitals
As organizations in the healthcare sector continue to be a prime target for ransomware gangs and CISA warns about a vulnerability (CVE-2023-43208) in a healthcare-specific platform being leveraged by attackers, the Advanced Research Projects Agency for Health (ARPA-H) has announced the Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE) program aimed at developing a vulnerability management platform for healthcare IT teams.
May 23rd, 2024 — Source
IBM X-Force Report: Grandoreiro Malware Targets More Than 1,500 Banks in 60 Countries
Find out how Grandoreiro banking trojan campaigns work and the countries targeted, as well as how to mitigate this malware threat.
May 23rd, 2024 — Source
IT and security data is siloed in most organizations
Although the goals and challenges of IT and security professionals overlap, 72 percent of respondents to a new survey report that security data and IT data are siloed in their organization, contributing to elevated security risk.
May 23rd, 2024 — Source
JAVS courtroom recording software backdoored in supply chain attack
Attackers have backdoored the installer of widely used Justice AV Solutions (JAVS) courtroom video recording software with malware that lets them take over compromised systems.
May 23rd, 2024 — Source
NETMundial+10 Multistakeholder Statement Pushes for Greater Inclusiveness in Internet Governance Processes
A new statement about strengthening internet governance processes emerged from the NETMundial +10 meeting in Brazil last month, strongly reaffirming the value of and need for a multistakeholder approach involving full and balanced participation of all parties affected by the internet—from users, governments, and private companies to civil society, technologists, and academics.
May 23rd, 2024 — Source
Newly Detected Chinese Group Targeting Military, Government Entities
Unfading Sea Haze has been targeting military and government entities in South China Sea countries since 2018.
May 23rd, 2024 — Source
NYSE Operator Intercontinental Exchange Gets $10M SEC Fine Over 2021 Hack
Intercontinental Exchange, the company that operates NYSE and other exchanges, has agreed to pay a $10 million fine related to a 2021 hack.
May 23rd, 2024 — Source
OneTrust helps organizations meet the framework requirements
OneTrust announced the expansion of OneTrust solutions to help organizations drive operational resilience and risk management across their extended enterprise, as well as comply with regulations like the European Union's (EU) Digital Operational Resilience Act (DORA).
May 23rd, 2024 — Source
Rockwell Automation Says to Disconnect ICS From the Internet
Advisory Says Disconnecting ICS Reduces Exposure to Malicious Cyber Activities
May 23rd, 2024 — Source or Source or Source
SOCRadar raises $25.2 million to accelerate investments in key areas
SOCRadar announced the successful completion of its Series B funding round, raising $25.2 million. The round was led by PeakSpan Capital, with participation from Oxx, reflecting investor confidence in SOCRadar's innovative approach to cybersecurity.
May 23rd, 2024 — Source
The Aspen Institute's Jeff Greene Is Headed to CISA
Former White House, Symantec Executive Will Rejoin Government
May 23rd, 2024 — Source or Source or Source or Source or Source
US Intelligence Agencies' Embrace of Generative AI Is at Once Wary and Urgent
U.S. intelligence agencies are scrambling to embrace the AI revolution, believing they'll be smothered by exponential data growth as sensor-generated surveillance tech further blankets the planet.
May 23rd, 2024 — Source
Using AI, Mastercard Expects to Find Compromised Cards Quicker, Before They Get Used by Criminals
Mastercard is integrating AI into its fraud-prediction technology that it expects will be able to see patterns in stolen cards faster and allow banks to replace them before they are used by criminals.
May 23rd, 2024 — Source
VMware Abused in Recent MITRE Hack for Persistence, Evasion
MITRE has shared information on how China-linked hackers abused VMware for persistence and detection evasion in the recent hack.
May 23rd, 2024 — Source
Why We Need to Get a Handle on AI
It will be interesting to see how AI continues to evolve and how it is used by defenders as they attempt to leapfrog attackers and protect the organization against new forms of AI attacks
May 23rd, 2024 — Source
Zero-Day Attacks and Supply Chain Compromises Surge, MFA Remains Underutilized: Rapid7 Report
Attackers are getting more sophisticated, better armed, and faster. Nothing in Rapid7's 2024 Attack Intelligence Report suggests that this will change.
May 23rd, 2024 — Source
Internet — Security Issues — May 21st, 2024
77 percent of organizations suffer cyberattacks due to identity issues
According to a new survey, 77 percent of organizations have suffered from instances of cyberattacks or data breaches in the past 12 months due to improper access or over-privileged users.
May 21st, 2024 — Source
100 Groups Urge Feds to Put UHG on Hook for Breach Notices
Medical Associations Ask HHS to Clarify HIPAA Duties in Change Healthcare Hack
May 21st, 2024 — Source or Source or Source or Source or Source
CIS Benchmarks Volunteer Spotlight: Hardeep Mehrotara
CIS volunteers are the backbone of our security best practices. They work hard to make sure the CIS Benchmarks™ and the CIS Critical Security Controls® (CIS Controls®) reflect a global knowledge base of the latest known cyber threats. Our unique consensus process ensures the Center for Internet Security® (CIS®) continues to produce objective, referenced cybersecurity standards for hardening resources in industry, government, and academia. Together with CIS, volunteers from around the world develop, review, and maintain our best practices.
May 21st, 2024 — Source
CISA: NextGen Healthcare Flaw Still Exploited After 7 Months
Attackers Are Targeting the Widely Used Mirth Connect Data Integration Platform
May 21st, 2024 — Source or Source or Source or Source or Source
Critical Fluent Bit flaw affects major cloud platforms, tech companies' offerings (CVE-2024-4323)
Tenable researchers have discovered a critical vulnerability (CVE-2024-4323) in Fluent Bit, a logging utility used by major cloud providers and tech companies, which may be leveraged for denial of service, information disclosure, or remote code execution.
May 21st, 2024 — Source
Did OpenAI Illegally Mimic Scarlett Johansson's Voice?
Actor Said She Firmly Declined Offer From AI Firm to Serve as Voice of GPT-4.o
May 21st, 2024 — Source or Source or Source or Source or Source
Do you really need a VPN as part of your antivirus software?
A bundled VPN can offer great value and convenience.
May 21st, 2024 — Source
EPA Issues Alert After Finding Critical Vulnerabilities in Drinking Water Systems
The EPA has issued an enforcement alert, outlining the steps needed to comply with the Safe Drinking Water Act.
May 21st, 2024 — Source
Google Urges Feds to Ditch Microsoft Over Security Concerns
Technology Giants Vie for Public Sector Customers Amid Microsoft's Recent Breaches
May 21st, 2024 — Source or Source or Source or Source or Source
Healthcare Identity Security: What to Expect From a Solution
SailPoint's Radcliffe and Sebaugh on How to Accelerate Your Identity Program
May 21st, 2024 — Source or Source
How to Land Your Dream Job in Tech
Tips to Get You to the Place in Your Career Where You Really Want to Be
May 21st, 2024 — Source or Source or Source or Source or Source
Kevin Mandia Exits Mandiant CEO Role After Google Purchase
Sandra Joyce, Jurgen Kutscher to Oversee Mandiant Threat Intel, IR Business Units
May 21st, 2024 — Source or Source or Source
LockBit says they stole data in London Drugs ransomware attack
Today, the LockBit ransomware gang claimed they were behind the April cyberattack on Canadian pharmacy chain London Drugs and is now threatening to publish stolen data online after allegedly failed negotiations.
May 21st, 2024 — Source
Passkeys: Everything you need to know
Chances are that many of you are already familiar with passkeys. Many people are still not, however. The term 'passkey' has been very difficult to miss in the last couple of years, especially if you're reading about tech. That term is also often used in relation to passwords, as many people have been saying it will end passwords. So it has to be important, right?
May 21st, 2024 — Source
New results in AI research: Humans barely able to recognize AI-generated media
AI-generated images, texts and audio files are so convincing that people are no longer able to distinguish them from human-generated content. This is the result of an online survey of about 3,000 participants from Germany, China, and the U.S. This is the first time that a large transnational study has examined this particular form of media literacy.
May 21st, 2024 — Source
Nikesh Arora on Why Palo Alto Networks Is Buying IBM QRadar
QRadar SaaS SIEM Customers Will Be Migrated to XSIAM as Part of $500M Transaction
May 21st, 2024 — Source or Source or Source or Source or Source
OmniVision Says Personal Information Stolen in Ransomware Attack
Semiconductor giant OmniVision Technologies says personal information was stolen in a September 2023 ransomware attack.
May 21st, 2024 — Source
Only 60 percent of brands can protect their customers from digital impersonation
More than half of respondents (53 percent) to a new survey say their existing cybersecurity solutions do not effectively address website impersonation attacks, and 41 percent say their existing solutions only partially protect them and their customers.
May 21st, 2024 — Source
Priorities for data center OT security in the cloud era
The decentralized nature of the cloud provides great flexibility for users, but it also introduces great vulnerabilities for data center operators. As an abundant source of valuable data, the modern data center has become a prime target for cybercriminals, from small business facilities to the huge hyperscale colocation data centers run by Amazon, Google, and Microsoft.
May 21st, 2024 — Source
QNAP Rushes Patch for Code Execution Flaw in NAS Devices
QNAP rolls out patches for multiple vulnerabilities after proof-of-concept exploit published for a remote code execution vulnerability.
May 21st, 2024 — Source
Reasonable Cybersecurity: On the Need for a Definition
In a digital era where cyber threats have become increasingly potent and pervasive, the concept of reasonable cybersecurity is assuming greater significance. "Reasonable cybersecurity" is a phrase that has broad implications across various sectors, especially for businesses that handle sensitive data. Yet the definition lacks clarity and fails to specify what an organization must do to meet the standard of reasonable cybersecurity.
May 21st, 2024 — Source
Researchers spot cryptojacking attack that disables endpoint protections
A key component: Installing known vulnerable drivers from Avast and IOBit.
May 21st, 2024 — Source
Snapchat Revises AI Privacy Policy Following UK ICO Probe
ICO Urges Companies to Assess Data Protection Before Releasing Products
May 21st, 2024 — Source or Source or Source or Source or Source
Tackling long-range malware detection tasks using holographic global convolutional networks
Over the past few decades, cyber-attackers have devised increasingly sophisticated malware that can disrupt the functioning of computer systems or grant them access to sensitive data. The development of techniques that can reliably detect the presence of malware and determine the "family" to which they belong could be highly advantageous, as it could help to neutralize them rapidly, before they cause significant damage.
May 21st, 2024 — Source
With ransomware whales becoming so dominant, would-be challengers ask 'what's the point?'
Fewer rivals on the scene as big-gang success soars
May 21st, 2024 — Source
Zero-day vulnerabilities see increased targeting by cybercriminals
Last year saw more mass compromise events arising from zero-day vulnerabilities (53 percent) than from older vulnerabilities for the first time since 2021.
May 21st, 2024 — Source
Internet — Security Issues — May 18th, 2024
Banking malware Grandoreiro returns after police disruption
The banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks.
May 18th, 2024 — Source
ISMG Editors: Why Synthetic ID Fraud Is on the Rise
Also: More Support for Ransomware Victims, Key Takeaways From RSA 2024
May 18th, 2024 — Source or Source or Source or Source
Ransomware gang targets Windows admins via PuTTy, WinSCP malvertising
A ransomware operation targets Windows system administrators by taking out Google ads to promote fake download sites for Putty and WinSCP.
May 18th, 2024 — Source
Internet — Security Issues — May 17th, 2024
A Former OpenAI Leader Says Safety Has 'Taken a Backseat to Shiny Products' at the AI Company
Jan Leike, who ran OpenAI's "Super Alignment" team, believes there should be more focus on preparing for the next generation of AI models, including on things like safety.
May 17th, 2024 — Source
Australia Investigating Large-Scale Medical Billing Hack
e-Prescription Provider Brings in Government on Ransomware Response
May 17th, 2024 — Source or Source or Source or Source or Source
Black Basta Ransomware Struck More Than 500 Organizations Worldwide
Read about Black Basta ransomware's impact and how to mitigate it. Plus, learn about recent ransomware trends.
May 17th, 2024 — Source
C/side Emerges From Stealth Mode With $1.7 Million Investment
C/side has emerged from stealth mode with $1.7 million in pre-seed funding from Scribble Ventures and angel investors
May 17th, 2024 — Source
Canadian intelligence agency advises against TikTok over 'risky' data practices
User data is a matter of national security and the CSIS is getting involved.
May 17th, 2024 — Source
CISA Warns of Exploited Vulnerabilities in EOL D-Link Products
CISA has added two vulnerabilities in discontinued D-Link products to its KEV catalog, including a decade-old flaw.
May 17th, 2024 — Source
False Positives: The Unwanted Side of Antivirus Protection
Have you ever been annoyed by your antivirus software telling you that a perfectly harmless file is infected with malware? That's what we call a false positive, and it can be a real pain in the ASCII. False Positives are not only annoying but can be downright destructive - Personally, while testing a known AV product once - it detected my NTUser.dat as a virus rendering the system unbootable. Seriously? WTF? Anyway......
May 17th, 2024 — Source or Watch Video
Financial institutions have 30 days to disclose breaches under new rules
Amendments contain loopholes that may blunt their effectiveness.
May 17th, 2024 — Source
GitLab unveils AI capabilities to help organizations better secure their software
GitLab announced new innovations across the platform to streamline how organizations build, test, secure, and deploy software.
May 17th, 2024 — Source
Hackers Target US AI Experts With Customized RAT
Hackers Sought Specific Generative AI Software at Leading US Firm: Proofpoint
May 17th, 2024 — Source or Source or Source or Source or Source
Health Plan Services Firm Notifying 2.4 Million of PHI Theft
Data Stolen Over a Year Ago, But WebTPA Didn't Discover Hack Until December
May 17th, 2024 — Source or Source or Source or Source or Source
Healthcare Identity Security: What to Expect From a Solution
SailPoint's Radcliffe and Sebaugh on How to Accelerate Your Identity Program
May 17th, 2024 — Source
In Other News: MediSecure Hack, Scattered Spider Targeted by FBI, New Wi-Fi Attack
Noteworthy stories that might have slipped under the radar: FBI is targeting Scattered Spider, Australia's MediSecure hacked, new Wi-Fi attack.
May 17th, 2024 — Source
Kroll expands its document review capabilities to accelerate incident response
Kroll expands its document review capabilities with DataminerAI to immediately pinpoint where sensitive data is located, providing faster, more efficient and affordable data mining. The technology optimizes incident response investigations and is available to all insurance carriers, law firms, and incident response providers seeking more efficient document review.
May 17th, 2024 — Source
Microsoft Quick Assist Tool Abused for Ransomware Delivery
The Black Basta group abuses remote connection tool Quick Assist in vishing attacks leading to ransomware deployment.
May 17th, 2024 — Source
New 'Antidot' Android Trojan Allows Cybercriminals to Hack Devices, Steal Data
The Antidot Android banking trojan snoops on users and steals their credentials, contacts, and SMS messages.
May 17th, 2024 — Source
Palo Alto to Acquire IBM QRadar SIEM Business
IBM Leans Ever More Heavily on Palo Alto for Tech
May 17th, 2024 — Source or Source or Source or Source or Source
Parents underestimate the privacy risks kids face in virtual reality
Virtual reality lets kids play 3D games with their friends as avatars, go back in time, even journey to outer space, all without leaving their living rooms.
May 17th, 2024 — Source
SEC: Financial orgs have 30 days to send data breach notifications
The Securities and Exchange Commission (SEC) has adopted amendments to Regulation S-P that require certain financial institutions to disclose data breach incidents to impacted individuals within 30 days of discovery.
May 17th, 2024 — Source
The importance of access controls in incident response
The worst time to find out your company doesn't have adequate access controls is when everything is on fire. The worst thing that can happen during an incident is that your development and operations teams are blocked from solving the problem.
May 17th, 2024 — Source
The OpenAI team tasked with protecting humanity is no more
Its former head quit, claiming safety concerns had taken "a backseat to shiny products."
May 17th, 2024 — Source
The Week in Ransomware - May 17th 2024 - Mailbombing is back
This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum.
May 17th, 2024 — Source
Top US Cyber Defense Official Eric Goldstein to Step Down
Eric Goldstein Stepping Down in June After 3 Years at US Cyber Defense Agency
May 17th, 2024 — Source or Source or Source or Source
Two Santa Cruz students uncover security bug that let anyone do their laundry for free
CSC ServiceWorks belatedly apologized and thanked the security researchers after the laundry giant ignored requests to fix a security bug.
May 17th, 2024 — Source
US arrests suspects behind $73M 'pig butchering' laundering scheme
The U.S. Department of Justice charged two suspects for allegedly leading a crime ring that laundered at least $73 million from cryptocurrency investment scams, also known as "pig butchering."
May 17th, 2024 — Source
US SEC Approves Wall Street Data Breach Reporting Regs
Covered Financial Institutions Have 30 Days to Notify Customers of Data Breaches
May 17th, 2024 — Source or Source or Source or Source or Source
WebTPA data breach impacts 2.4 million insurance policyholders
The WebTPA Employer Services (WebTPA) data breach disclosed earlier this month is impacting close to 2.5 million individuals, the U.S. Department of Health and Human Services notes.
May 17th, 2024 — Source
Internet — Security Issues — May 14th, 2024
7 application security startups at RSAC 2024
VC-backed up-and-comers zero in on devsecops, the software supply chain, and securing the software development life cycle.
May 14th, 2024 — Source
A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution
A vulnerability has been discovered in Google Chrome, which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
May 14th, 2024 — Source
Apple stopped over $7 billion in potentially fraudulent App Store transactions in four years
Since launching the App Store in 2008, Apple has continued to invest in and develop industry-leading technologies designed to provide users with the safest and most secure experience for downloading apps, and a vibrant and innovative platform for developers to distribute their software.
May 14th, 2024 — Source
Apps under attack as cybercriminals target changing use patterns
The frequency of application attacks is rising as cybercriminals continue to prey on the increasing reliance on web, mobile and desktop apps, according to a new report.
May 14th, 2024 — Source
Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks
Threat actors are using DNS tunneling to track victims' interaction with spam and to scan network infrastructures.
May 14th, 2024 — Source
Beyond Passwords: Elastic's Proactive Move to Phishing-Resistant MFA
Recently, Elastic, a platform for search-powered solutions, discussed the advantages of phishing-resistant multi-factor authentication (MFA). This secure authentication method goes beyond traditional MFA, which uses passwords, SMS codes, or biometrics, by employing multiple layers of protection and a cryptographic registration process.
May 14th, 2024 — Source
Counterfeit coins can be detected more easily thanks to a novel approach
Metal coins may be just about the oldest medium of exchange still in use today, but ensuring their worth requires some of the most state-of-the-art technology available. Counterfeit coins remain a threat to global currencies, with malicious actors flooding markets with fakes. European police broke up a Spain-based criminal ring in late April, demonstrating the issue's ongoing urgency.
May 14th, 2024 — Source
Critical Patches Issued for Microsoft Products, May 14, 2024
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
May 14th, 2024 — Source
Cyber Insurers Pledge to Help Reduce Ransom Payments
Firms Back New Guidance for Victims From UK's National Cyber Security Center
May 14th, 2024 — Source or Source or Source or Source
FCC Warns of 'Royal Tiger' Robocall Scammers
The FCC has issued a public notice on robocall scammer group 'Royal Tiger', the first designated threat actor.
May 14th, 2024 — Source
Impact of Ascension's Cyberattack IT Outage Varies by Region
In Some Regions, ER Patients Still Diverted, Pharmacies Can't Fill Prescriptions
May 14th, 2024 — Source or Source or Source
Google Patches Second Chrome Zero-Day in One Week
Google has patched CVE-2024-4761, the second exploited vulnerability addressed by the company within one week.
May 14th, 2024 — Source
Google's steps to protect app users
Mobile device users can download a variety of apps to enhance their online experience. App developers create platforms designed for mobile use, allowing users to navigate easily and enjoy mobile-specific content.
May 14th, 2024 — Source
Cybersec chiefs team up with insurers to say 'no' to ransomware bullies
Guidebook aims to undermine the criminal business model
May 14th, 2024 — Source
Microsoft Patches Zero-Day Exploited by Qakbot
Kaspersky Says It Spotted Qakbot Operators Exploiting the Flaw in April
May 14th, 2024 — Source or Source or Source
Ransomware isn't as big a threat as these scams
Be wary of unexpected situations that play to your emotions.
May 14th, 2024 — Source
Hacker Conversations: Ron Reiter, and the Making of a Professional Hacker
Ron Reiter was a childhood hacker in Israel. He was recruited into the IDF's elite Unit 8200 for his military service. Now he is CTO and co-founder of cybersecurity firm Sentra.
May 14th, 2024 — Source
MITRE EMB3D Threat Model Officially Released
MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure.
May 14th, 2024 — Source
SAP Patches Critical Vulnerabilities in CX Commerce, NetWeaver
SAP has released 14 new and three updated security notes on its May 2024 Security Patch Day.
May 14th, 2024 — Source
Singing River Health System: Data of 895,000 stolen in ransomware attack
The Singing River Health System is warning that it is now estimating that 895,204 people are impacted by a ransomware attack it suffered in August 2023.
May 14th, 2024 — Source
The importance of people, process and expertise for cyber resilience in the AI age
No business is immune to the cyber threats that exist today, ranging from malicious software and ransomware to AI threats and more, which occur daily, weekly and often even more frequently than this. To counter them, companies must have strategies in place to minimize the potential damage of an attack by protecting data and putting plans in place to recover from a cyberattack as quickly and effectively as possible.
May 14th, 2024 — Source
Tornado Cash Developer Sentenced to 5 Years in Prison
Pertsev Turned a Blind Eye to Illicit Activity on the Mixer, Dutch Court Says
May 14th, 2024 — Source or Source or Source or Source or Source
UK, US Officials Warn About Chinese Cyberthreat
UK GCHQ Director Calls Chinese Hacking a 'Top Priority'
May 14th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — May 13th, 2024
$2.5 Million Offered at Upcoming 'Matrix Cup' Chinese Hacking Contest
The Chinese hacking contest Matrix Cup is offering big rewards for exploits targeting OSs, smartphones, enterprise software, browsers, and security products.
May 13th, 2024 — Source
AHA, H-ISAC warn hospitals about Black Basta following Ascension cyberattack
Meanwhile, staff at the health system say they don't have patient orders and can't page doctors. As it works to restore clinical systems, Ascension says it's working with law enforcement and sharing threat intelligence to help prevent similar attacks.
May 13th, 2024 — Source
AI red-teaming tools helped X-Force break into a major tech manufacturer 'in 8 hours'
Hint: It's the 'the largest' maker of a key computer component
May 13th, 2024 — Source
Apple and Google Finally Team Up to Protect Users from Unwanted Tracking
Tech giants Apple and Google have joined forces to combat unwanted tracking via Bluetooth devices. This collaboration has resulted in the creation of an industry-standard called “Detecting Unwanted Location Trackers.” This standard will let both iPhones and Android phones (version 6.0 and later) identify unknown tracking devices in their vicinity.
May 13th, 2024 — Source
Black Basta ransomware group is imperiling critical infrastructure, groups warn
Threat group has targeted 500 organizations. One is currently struggling to cope.
May 13th, 2024 — Source
Black Basta target orgs with new social engineering campaign
Black Basta, one of the most prolific ransomware-as-a-service operators, is trying out a combination of email DDoS and vishing to get employees to download remote access tools.
May 13th, 2024 — Source
Botnet sent millions of emails in LockBit Black ransomware campaign
Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign.
May 13th, 2024 — Source
China and US Envoys Will Hold First Top-Level Dialogue on Artificial Intelligence
China's official Xinhua news agency said the two sides would take up issues including the technological risks of AI and global governance.
May 13th, 2024 — Source
Cinterion Modem Flaws Pose Risk to Millions of Devices in Industrial, Other Sectors
A critical vulnerability in the Cinterion cellular modems can be exploited for remote code execution via SMS messages.
May 13th, 2024 — Source
Cinterion IoT Cellular Modules Vulnerable to SMS Compromise
Modules Widely Deployed in Manufacturing, Telecommunications and Healthcare Devices
May 13th, 2024 — Source or Source or Source or Source or Source
Cyber anxiety on the rise in the UK
A new study reveals that 56 percent of UK adults are more worried over potential cyberattacks since Russia's invasion of Ukraine.
May 13th, 2024 — Source
'Cyberattack' shutters Christie's website days before $840M art mega-auction
Going once, going twice, going offline
May 13th, 2024 — Source
Defenders' Dilemma: Can AI Bolster Cyber Resilience?
Visa's Subra Kumaraswamy on Threat Detection, AI and Third-Party Supply Chain Risk
May 13th, 2024 — Source or Source or Source or Source or Source
Dell Confirms Data Breach Exposed Customer Details To Hackers, Millions Affected
It has been a little while since our last major data breach, with the latest being back on April Fools' with AT&T having the information of 73 million accounts appear on the dark web
May 13th, 2024 — Source
Dell hacker claims to have scraped millions of customer records
Dell is in the midst of a data security crisis after a hacker named Menelik claimed responsibility for a breach exposing millions of customers' personal information. Menelik said they directly accessed Dell servers and scraped a massive dataset for weeks before detection.
May 13th, 2024 — Source
Europol Investigating Breach After Hacker Offers to Sell Classified Data
Europol is investigating a data breach, but says no core systems are impacted and no operational data has been compromised.
May 13th, 2024 — Source
Experts Warn the NVD Backlog Is Reaching a Breaking Point
Federal Database Nears 10,000 Unanalyzed Vulnerabilities Amid Halt in Operations
May 13th, 2024 — Source or Source or Source or Source
FBCS Collection Agency Data Breach Impacts 2.7 Million
Financial Business and Consumer Solutions (FBCS) says the personal information of 2.7 million was impacted in the recent data breach.
May 13th, 2024 — Source
Feds, Groups Warn Health Sector of Black Basta Threats
Advisories Come As Black Basta Appears Responsible for Ascension Ransomware Attack
May 13th, 2024 — Source or Source or Source or Source or Source
Female health apps misuse highly sensitive data, study finds
Apps designed for female health monitoring are exposing users to unnecessary privacy and safety risks through their poor data handling practices, according to new research from King's College London and University College London (UCL).
May 13th, 2024 — Source
Google's 3D video conferencing platform, Project Starline, is coming in 2025 with help from HP
In 2021, Google kicked off work on Project Starline, a corporate-focused teleconferencing platform that uses 3D imaging, cameras and a custom-designed screen to let people converse with someone as if they were in the same room — more or less.
May 13th, 2024 — Source
'Got that boomer!': How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts
The incoming phone call flashes on a victim's phone. It may only last a few seconds, but can end with the victim handing over codes that give cybercriminals the ability to hijack their online accounts or drain their crypto and digital wallets.
May 13th, 2024 — Source
Hackers use DNS tunneling for network scanning, tracking victims
Threat actors are using Domain Name System (DNS) tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities.
May 13th, 2024 — Source
Helsinki suffers data breach after hackers exploit unpatched flaw
The City of Helsinki is investigating a data breach in its education division, which it discovered in late April 2024, impacting tens of thousands of students, guardians, and personnel.
May 13th, 2024 — Source
Human Risk Crisis: 8% of Employees Cause 80% of Incidents
Mimecast's Masha Sedova on Using a Metrics-Driven Approach to Mitigate Human Risk
May 13th, 2024 — Source or Source or Source or Source
INC ransomware source code selling on hacking forums for $300,000
A cybercriminal using the name "salfetka" claims to be selling the source code of INC Ransom, a ransomware-as-a-service (RaaS) operation launched in August 2023.
May 13th, 2024 — Source
MITRE EMB3D improves security for embedded devices
MITRE released EMB3D, a cybersecurity threat model for embedded devices. The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of these threats with the security mechanisms required to mitigate them. The model is the result of a collaborative effort by MITRE, Niyo Little Thunder Pearson, Red Balloon Security, and Narf Industries.
May 13th, 2024 — Source
Palo Alto Networks and Accenture help organizations accelerate AI adoption
Palo Alto Networks and Accenture announced an expansion of their long-standing strategic alliance. New offerings will combine Precision AI technology from Palo Alto Networks and Accenture's secure generative AI services to help organizations embrace the potential of AI with unparalleled cybersecurity.
May 13th, 2024 — Source
Squarespace to go private in $6.9 billion takeover
Is this the new trend?
May 13th, 2024 — Source
The ultimate free digital security guide: Stay safe without spending a dime
Excellent security tools are available to everyone. You don't have to pay a single cent to protect yourself.
May 13th, 2024 — Source
US and China to Hold Discussions on AI Risks and Security
White House Announces High-Level Talks With Beijing on Advanced AI Systems
May 13th, 2024 — Source or Source or Source or Source or Source
UK public voice fear over security in NHS data systems
NHS England's own survey also reveals suspicions that it would sell data to third parties
May 13th, 2024 — Source
Uncle Sam urges action after Black Basta ransomware infects Ascension
Emergency ambulances diverted while techies restore systems
May 13th, 2024 — Source
Internet — Security Issues — May 11th, 2024
Critical infrastructure security will stay poor unless everyone pulls together
Claroty CEO Yaniv Vardi tells us what's needed to defend vital networks
May 11th, 2024 — Source or Watch Video
ISMG Editors: RSA Conference 2024 Wrap-Up
Panels Unpack the Buzz Around AI, Future Trends for CISOs
May 11th, 2024 — Source or Source or Source or Source or Source
Solving the Fractured Data Problem in Exposure Management
Sevco Security's J.J. Guy on Aggregating and Prioritizing Vulnerabilities
May 11th, 2024 — Source or Source
Internet — Security Issues — May 10th, 2024
500,000 Impacted by Ohio Lottery Ransomware Attack
The Ohio Lottery cyberattack conducted by the DragonForce ransomware group has impacted more than 500,000 individuals.
May 8th, 2024 — Source
Ascension Diverts Emergency Patients, Postpones Care
Wednesday Cyber Incident Shakes America's Largest Healthcare System
May 8th, 2024 — Source or Source or Source or Source or Source
Cyberattack cripples major US health care network
Ascension, a major U.S. health care system with 140 hospitals in 19 states, announced late Thursday that a cyberattack has caused disruptions at some of its hospitals.
May 8th, 2024 — Source
Exploited Chrome Zero-Day Patched by Google
A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024.
May 8th, 2024 — Source
Hackers Steal Credit Card Data of Deal-Seeking Shoppers
China-Linked Criminals Processed Orders Worth $50M: Security Research Labs
May 8th, 2024 — Source or Source or Source or Source or Source
Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service
One of the largest healthcare systems in the United States is scrambling to contain a hack that's causing disruption and "downtime procedures" at hospitals around the country.
May 8th, 2024 — Source
Highest and lowest cyber risk countries revealed
New analysis from MixMode.ai reveals the countries with the highest and lowest risk for cyber threats worldwide in 2024, with the US ranking 9th overall among countries with the lowest risk.
May 8th, 2024 — Source
How Can Businesses Defend Themselves Against Common Cyberthreats?
TechRepublic consolidated expert advice on how businesses can defend themselves against the most common cyberthreats, including zero-days, ransomware and deepfakes.
May 8th, 2024 — Source
In Other News: European Parliament Breach, DocGo Hack, VMware Advisories Moved
Noteworthy stories that might have slipped under the radar: European Parliament application breached, DocGo hacked, VMware advisories moved to Broadcom portal.
May 8th, 2024 — Source
Iran most likely to launch destructive cyber-attack against US -- ex-Air Force intel analyst
But China's the most technologically advanced
May 8th, 2024 — Source
ISMG Editors: Day 3 Highlights at RSA Conference 2024
Panel Discusses Way to Address the Job Shortage, the Latest Product Launches and OT
May 8th, 2024 — Source or Source or Source or Source or Source
Microsoft's Brad Smith summoned by Homeland Security committee over 'cascade' of infosec failures
Major intrusions by both China and Russia leave a lot to be answered for
May 8th, 2024 — Source
Ohio Lottery ransomware attack impacts over 538,000 individuals
The Ohio Lottery is sending data breach notification letters to over 538,000 individuals affected by a cyberattack that hit the organization's systems on Christmas Eve.
May 8th, 2024 — Source
Quishing and vishing: How to protect yourself from new security threats
Quishing and vishing use modern technologies to obtain your data. Find out how you can protect yourself against these fraud methods.
May 8th, 2024 — Source
Singapore updates cybersecurity law to expand regulatory oversight
Amendments to the country's cybersecurity bill aim to bolster its administration amid changes in the threat landscape.
May 8th, 2024 — Source
Solving the Fractured Data Problem in Exposure Management
Sevco Security's J.J. Guy on Aggregating and Prioritizing Vulnerabilities
May 8th, 2024 — Source or Source or Source
The Week in Ransomware - May 10th 2024 - Chipping away at LockBit
After many months of taunting law enforcement and offering a million-dollar reward to anyone who could reveal his identity, the FBI and NCA have done just that, revealing the name of LockBitSupp, the operator of the LockBit ransomware operation.
May 8th, 2024 — Source
UK's National Cyber Security Centre entry code cracks up critics
One, two, three, four is all you need to pass that door
May 8th, 2024 — Source
Wearable devices can now harvest neural data—urgent privacy reforms needed
Recent trends show Australians are increasingly buying wearables such as smartwatches and fitness trackers. These electronics track our body movements or vital signs to provide data throughout the day, with or without the help of artificial intelligence (AI).
May 8th, 2024 — Source
Internet — Security Issues — May 8th, 2024
Ascension healthcare takes systems offline after cyberattack
Ascension, one of the largest private healthcare systems in the United States, has taken some of its systems offline to investigate what it describes as a "cyber security event."
May 8th, 2024 — Source
Attackers may be using TunnelVision to snoop on users' VPN traffic (CVE-2024-3661)
Researchers have brought to light a new attack method – dubbed TunnelVision and uniquely identified as CVE-2024-3661 – that can be used to intercept and snoop on VPN users' traffic by attackers who are on the same local network.
May 8th, 2024 — Source
Brandywine Realty Trust Hit by Ransomware
Philadelphia-based real estate company Brandywine Realty Trust shuts down systems following a ransomware attack.
May 8th, 2024 — Source
Cado Security launches solution for forensic investigations in distroless container environments
Cado Security has introduced a solution for conducting forensic investigations in distroless container environments. With Cado Security's new offering, security teams can investigate the root cause, scope, and impact of malicious activity detected within distroless container environments to gain greater visibility into cloud risk.
May 8th, 2024 — Source
CISA boss: Secure code is the 'only way to make ransomware a shocking anomaly'
And it would seriously inconvenience the Chinese and Russians, too
May 8th, 2024 — Source
CISA Directors Talk Geopolitical Threats, Election Security
Explosion in Threat Actors, Poorly Configured Technology Compound the Risk
May 8th, 2024 — Source or Source or Source or Source or Source
City of Wichita breach claimed by LockBit ransomware gang
The LockBit ransomware gang has claimed responsibility for a disruptive cyberattack on the City of Wichita, which has forced the City's authorities to shut down IT systems used for online bill payment, including court fines, water bills, and public transportation.
May 8th, 2024 — Source
Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion
Hackers can exploit them to gain full administrative control of internal devices.
May 8th, 2024 — Source
CyberSaint releases NIST CSF Benchmarking Feature
CyberSaint released the NIST Cybersecurity Framework (CSF) Benchmarking Feature, which allows CISOs and security teams to measure their NIST posture against industry peers through a historical maturity graph on the CyberStrong Executive Dashboard.
May 8th, 2024 — Source
Cybersecurity, AI and Alicia Keys: What We've Seen at the RSA Conference
From deepfakes to disinformation, this year's annual San Francisco gathering of cybersecurity professionals is heavily focused on artificial intelligence, with a few celebrity appearances.
May 8th, 2024 — Source
Data privacy in the post-Roe era
In 2022, when the U.S. Supreme Court overturned Roe v. Wade—ending the constitutional right to an abortion—privacy advocates warned women against using smartphone apps to track their periods.
May 8th, 2024 — Source
DDoS attacks shift from mobile to computers
Computers and servers made up 92 percent of DDoS targets in 2013, compared to just eight percent for mobile devices. The split the previous year was 32 percent computers and 68 percent mobile. At the same time the DDoS attack count decreased 55 percent in 2023, but the average attack size grew 233 percent.
May 8th, 2024 — Source
Ghost Security Phantasm detects attackers targeting APIs
Ghost Security announced the early access availability of Phantasm, application-specific threat intelligence poised to fill a large gap that currently exists in both threat intelligence and application security.
May 8th, 2024 — Source
Healthcare Cybersecurity Firm Blackwell Raises $13 Million
Healthcare cybersecurity company Blackwell Security has raised $13 million and appointed Geyer Jones as its first CEO.
May 8th, 2024 — Source
Meet the leader of LockBit, the ‘most active ransomware gang ever’
Unmasking LockBit's mastermind could 'reignite leads' but also embolden the gang, experts say
May 8th, 2024 — Source
MITRE breach details reveal attackers' successes and failures
MITRE has shared a timeline of the recent breach it fell victim to and has confirmed that it began earlier than previously thought: on December 31, 2023.
May 8th, 2024 — Source
New ‘TunnelVision’ Technique Leaks Traffic From Any VPN System
A new VPN bypass technique allows threat actors to snoop on victims' traffic by forcing it off the VPN tunnel using built-in features of DHCP.
May 8th, 2024 — Source
Ring of bogus web shops steals 850K credit card numbers
Fake online storefronts, which show up highly in Google and other search engines, are becoming a big problem.
May 8th, 2024 — Source
Report: Undetectable Threats Found in F5's Central Manager
Researchers Discover Major Vulnerabilities in Popular Central Management Platform
May 8th, 2024 — Source or Source or Source or Source or Source
SentinelOne Singularity Cloud Native Security simulates harmless attacks on cloud infrastructure
Attackers are targeting the scope and scale of the cloud to run rapid and coordinated threat campaigns. A new approach is needed to defend against them, and SentinelOne is delivering it with the launch of Singularity Cloud Native Security.
May 8th, 2024 — Source
Shields Up: How to Minimize Ransomware Exposure
Organizations need to look beyond preventive measures when it comes to dealing with today's ransomware threats and invest in ransomware response.
May 8th, 2024 — Source
Ten years since the first corp ransomware, Mikko Hyppönen sees no end in sight
On the plus side, infosec's a good bet for a long, stable career
May 8th, 2024 — Source or Watch Video
Third-party data breaches rise almost 50 percent
A new study from Prevalent shows third-party breaches have risen 49 percent year-on-year, increasing threefold since 2021.
May 8th, 2024 — Source
Token Security Raises $7 Million Seed Funding for Machine-First Identity Security
Tel Aviv-based firm emerged from stealth with $7 million seed funding led by TLV Partners with participation from SNR and angel investors.
May 8th, 2024 — Source
Traceable launches Generative AI API Security to combat AI integration risks
Traceable AI has revealed an Early Access Program for its new Generative AI API Security capabilities. As enterprises increasingly integrate Generative AI such as Large Language Models (LLMs) into critical applications, they expose those applications to attacks that exploit the unique characteristics of AI, such as prompt injection, insecure outputs, and sensitive data disclosure.
May 8th, 2024 — Source
TunnelVision hack allows attackers to bypass VPN protections
The TunnelVision vulnerability has been around since 2002 according to security researchers.
May 8th, 2024 — Source
UK opens investigation of MoD payroll contractor after confirming attack
China vehemently denies involvement
May 8th, 2024 — Source
UK Regulator Tells Platforms to 'Tame Toxic Algorithms'
Ofcom Prepares to Enforce the Online Safety Act
May 8th, 2024 — Source or Source or Source or Source or Source
Undersea cables must have high-priority protection before they become top targets
It's 'essential to national security' ex-Navy intel officer tells us
May 8th, 2024 — Source or Watch Video
University System of Georgia Says 800,000 Impacted by MOVEit Hack
University System of Georgia says Social Security numbers and bank account numbers were compromised in the May 2023 MOVEit hack.
May 8th, 2024 — Source
US indicted Russian LockBit ransomware ringleader with $10 million reward
Ransomware has become quite common these days due to the high probability of victims paying to recover their data. The perpetrators count on this when they select victims and deploy their attacks. One of the most notorious ransomware, LockBit, was allegedly created and made highly destructive by 31-year-old Dmitry Yuryevich Khoroshev, as indicated by the US.
May 8th, 2024 — Source
US revokes licenses that allowed companies to sell chips to Huawei
The US government has just made life more difficult for Huawei. The Biden administration revoked export licenses that allowed certain semiconductor companies to supply chips to the beleaguered Chinese conglomerate. This affects the supply of chipsets for its laptops and smartphones.
May 8th, 2024 — Source
Internet — Security Issues — May 7th, 2024
Abnormal extends Account Takeover Protection to cloud apps, introduces AI Security Mailbox
Abnormal Security is expanding its Account Takeover Protection product line beyond email to provide visibility into cross-platform user behavior and centralize compromised account detection and remediation across identity, collaboration, and cloud infrastructure applications.
May 7th, 2024 — Source
Akamai to Acquire API Protection Startup Noname Security for $450 Million
Akamai has announced plans to acquire Noname Security to enhance its API protection offering.
May 7th, 2024 — Source
Akamai to acquire Noname for $450 million
Akamai Technologies has announced that it has entered into a definitive agreement to acquire application programming interface (API) security company, Noname Security. Noname, one of the top API security vendors in the market, will enhance Akamai's existing API Security solution and accelerate its ability to meet growing customer demand and market requirements as the use of APIs continues to expand.
May 7th, 2024 — Source
An RFID blocker could be a lifesaver — here's why
Here's a little something to mull over.
May 7th, 2024 — Source
AT&T Launches New Managed Cybersecurity Services Business LevelBlue
LevelBlue, a new WillJam Ventures and AT&T joint venture, provides various managed cybersecurity services.
May 7th, 2024 — Source
Biden Administration Releases Global Cybersecurity Initiative
The U.S. Department of State has released a comprehensive cybersecurity framework aimed at international cooperation when targeting cybercriminals and strengthening defenses.
May 7th, 2024 — Source
BigID introduces dual-scanning capabilities for cloud native workloads
BigID has introduced a new advancement in cloud data security, privacy, and governance with the launch of its dual-scanning technology.
May 7th, 2024 — Source
Boosting US Tech Leadership: Antony Blinken's Agenda at RSAC
Secretary of State Antony Blinken Debuts New Policies to Propel US Tech Advancement
May 7th, 2024 — Source or Source or Source or Source or Source
Brandywine Realty Trust says data stolen in ransomware attack
U.S. realty trust giant Brandywine Realty Trust has confirmed a cyberattack that resulted in the theft of data from its network.
May 7th, 2024 — Source
CISA's early-warning system helped critical orgs close 852 ransomware holes
In the first year alone, that's saved us all a lot of money and woe
May 7th, 2024 — Source or Watch Video
Complexity leads to trade-off between risk and innovation
A new report finds that 85 percent of executives surveyed believe computing innovation is
May 7th, 2024 — Source
Computer scientists discover vulnerability in cloud server hardware used by AMD and Intel chips
Public cloud services employ special security technologies. Computer scientists at ETH Zurich have now discovered a gap in the latest security mechanisms used by AMD and Intel chips. This affects major cloud providers.
May 7th, 2024 — Source
Cops finally unmask 'LockBit kingpin' after two-month tease
Dmitry Yuryevich Khoroshev's $10M question is answered at last
May 7th, 2024 — Source
Cranium AI Exposure Management Solution helps organizations secure internal and third-party AI systems
Cranium has launched Cranium AI Exposure Management, the exposure management solution to help organizations protect and secure internal and third-party AI solutions. The Cranium Platform features an AI-augmented workflow with a secure LLM architecture paired with proprietary threat intelligence to provide visibility into an AI system, characterize attack surfaces, and assess vulnerabilities in an organization.
May 7th, 2024 — Source
Datadog Event Management helps teams reduce alert fatigue
Datadog released IT Event Management to its suite of AIOps capabilities. With Event Management, Datadog intelligently consolidates, correlates and enriches all alert events and important signals from Datadog and existing third-party observability tools into one consistent view. This process reduces alert fatigue so teams can focus their time and resources on remediating issues.
May 7th, 2024 — Source
DocGo discloses cyberattack after hackers steal patient health data
Mobile medical care firm DocGo confirmed it suffered a cyberattack after threat actors breached its systems and stole patient health data.
May 7th, 2024 — Source
Dynatrace enhances its platform with new Kubernetes Security Posture Management capabilities
Dynatrace is enhancing its platform with new Kubernetes Security Posture Management (KSPM) capabilities for observability-driven security, configuration, and compliance monitoring. This announcement follows the rapid integration of Runecast technology into the Dynatrace platform following the company's successful acquisition earlier this year.
May 7th, 2024 — Source
Forescout AI enables security leaders to make confident, informed decisions
Forescout introduced its AI product strategy built to help business leaders and security operators synthesize connected device threats and make decisions with clarity and confidence.
May 7th, 2024 — Source
From Warnings to Action: Preparing America's Infrastructure for Imminent Cyber Threats
As cyber threats grow more sophisticated, America cannot afford complacency. The time for decisive action and enhanced cyber resilience is now.
May 7th, 2024 — Source
Germany Recalls Its Ambassador in Russia for a Week in Protest Over a Hacker Attack
Germany recalled its ambassador to Russia for a week of consultations in Berlin following an alleged hacker attack on Chancellor Olaf Scholz's party.
May 7th, 2024 — Source
Google, Mandiant, VirusTotal And Gemini AI Join Forces To Stomp Out Security Threats
Artificial intelligence has been used for some rather interesting applications, such as helping people deal with losing a loved one. While this is a unique use of the technology, there is so much more that AI can be used to improve our daily lives. This includes cybersecurity, which Google is now capitalizing on by integrating its Gemini AI model into the new Google Threat Intelligence Platform, announced at the RSA Conference in San Francisco.
May 7th, 2024 — Source
Hackers exploit LiteSpeed Cache flaw to create WordPress admins
Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites.
May 7th, 2024 — Source
CyberEdBoard Profiles in Leadership: Nicole Darden Ford
Nordstrom CISO Shares Her Journey From B2B to B2C Industry in Security
May 7th, 2024 — Source or Source or Source or Source or Source
ISMG Editors: Day 1 Highlights at RSA Conference 2024
Panel on Secretary of State Antony Blinken's Keynote, Risk and Emerging Tech
May 7th, 2024 — Source or Source or Source or Source or Source
LockBit leader unmasked: US charges Russian national
Russian national Dmitry Khoroshev is "LockBitSupp", the creator, developer and administrator of the infamous LockBit ransomware group, according to UK, US and Australia law enforcement agencies.
May 7th, 2024 — Source
LockBit Ransomware Mastermind Unmasked, Charged
Charges and sanctions announced against Dimitry Yuryevich Khoroshev, the alleged developer and operator of LockBit ransomware.
May 7th, 2024 — Source
LockBitSupp's Identity Revealed: Dmitry Yuryevich Khoroshev
Russian National Faces US Criminal Indictment, Sanctions
May 7th, 2024 — Source or Source or Source or Source or Source
MITRE Hack: China-Linked Group Breached Systems in December 2023
MITRE has shared more details on the recent hack, including the new malware involved in the attack and a timeline of the attacker's activities.
May 7th, 2024 — Source
Niobium Raises $5.5M for Zero Trust Computing Hardware Acceleration
Niobium has raised $5.5 million in seed funding for a fully homomorphic encryption (FHE) hardware accelerator designed for zero trust computing.
May 7th, 2024 — Source
Ransomware Attack Shuts Down Kansas City Systems
Phones, Wi-Fi, Digital Payments Are Among the Affected Systems
May 7th, 2024 — Source or Source or Source or Source or Source
Ransomware criminals use children's phone numbers to coerce payments from parents
"A psychological attack against the victim"
May 7th, 2024 — Source
Ransomware crooks now SIM swap executives' kids to pressure their parents
Extortionists turning to 'psychological attacks', Mandiant CTO says
May 7th, 2024 — Source
Ransomware mastermind LockBitSupp reveled in his anonymity—now he's been ID'd
The US places a $10 million bounty for the arrest of Dmitry Yuryevich Khoroshev.
May 7th, 2024 — Source
Ransomware operations are becoming less profitable
As the number of real (and fake) victims of ransomware gangs continues to rise, the number of ransomware payments is falling, along with the average ransom payment.
May 7th, 2024 — Source
Report: US Cybersecurity Makes Major Gains Amid New Threats
First-Ever US National Cybersecurity Posture Report Highlights AI, Cloud Migrations
May 7th, 2024 — Source or Source or Source or Source or Source
Researcher explains why we should care more about converging technologies
Professor Dirk Helbing of ETH Zurich and Austria's Complexity Science Hub expects future digital technologies to penetrate the human body even more in the future. However, he believes that society is not prepared for the risks involved. In a new article, he puts forward a new legal framework to protect our most intimate data from misuse.
May 7th, 2024 — Source
Suspected Chinese Hackers Hacked UK Defense Contractor
Up to 270,000 Defense Staff Across the UK Affected by Hack
May 7th, 2024 — Source or Source or Source or Source or Source
Sumo Logic's analytics capabilities allow security teams to find insights within their data
Sumo Logic announced new AI and security analytics capabilities that allow security and development teams to align around a single source of truth and collect and act on data insights more quickly.
May 7th, 2024 — Source
The UK Says a Huge Payroll Data Breach by a 'Malign Actor' Has Exposed Details of Military Personnel
The UK Ministry of Defense said a breach at a third-party payroll system exposed as many as 272,000 armed forces personnel and veterans.
May 7th, 2024 — Source
The UK's Ministry of Defence was hacked, and the country is reportedly blaming China
Names, bank details and addresses of former and active military personnel were exposed.
May 7th, 2024 — Source
Traditional vulnerability management overlooks risky systems
A new report from Claroty finds that 38 percent of the riskiest cyber-physical systems (CPS) assets are overlooked by traditional approaches to vulnerability management.
May 7th, 2024 — Source
US indicts LockBit ransomware ringleader, offers $10 million reward
The 31-year-old Russian national allegedly helped make LockBit one of the most 'prolific' ransomware groups in the world.
May 7th, 2024 — Source
US Releases International Cyberspace Strategy
The US calls for international engagement towards building an open, inclusive, resilient, safe, and equitable digital space.
May 7th, 2024 — Source
US State Department launches cyber and digital policy strategy
Part of the race with Beijing to set standards and advance norms
May 7th, 2024 — Source
US, UK police identify and charge Russian leader of LockBit ransomware gang
The identity of the leader of one of the most infamous ransomware groups in history has finally been revealed.
May 7th, 2024 — Source
What we learned from the indictment of LockBit's mastermind
On Tuesday, U.S. and U.K. authorities revealed that the mastermind behind LockBit, one of the most prolific and damaging ransomware groups in history, is a 31-year-old Russian named Dmitry Yuryevich Khoroshev, aka "LockbitSupp."
May 7th, 2024 — Source
Wiz Raises $1 Billion at $12 Billion Valuation
Cloud security giant Wiz has raised $1 billion, which brings the total funding to $1.9 billion, at a valuation of $12 billion.
May 7th, 2024 — Source
Internet — Security Issues — May 3rd, 2024
ArcaneDoor Espionage Campaign Targeting Cisco Firewalls Linked to China
An analysis of IoCs suggests that a Chinese threat group may be behind the recent ArcaneDoor espionage campaign targeting Cisco firewalls.
May 3rd, 2024 — Source
BlackBerry CylanceMDR improves cybersecurity defensive strategy
BlackBerry introduced the new and expanded CylanceMDR, offering comprehensive Managed Detection & Response (MDR) protection powered by the Cylance AI platform and augmented with award-winning security operations center analysts for 24×7 threat coverage.
May 3rd, 2024 — Source
Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals
A botnet dismantled in January and used by Russia-linked APT28 consisted of more than just Ubiquiti Edge OS routers.
May 3rd, 2024 — Source
Child Tax Credit 2024: Where Is Your Refund Money?
If you're still waiting to get your child tax credit money, here's how to find out when it'll arrive.
May 3rd, 2024 — Source
CISA, FBI Urge Organizations to Eliminate Path Traversal Vulnerabilities
CISA and the FBI warn of threat actors abusing path traversal software vulnerabilities in attacks targeting critical infrastructure.
May 3rd, 2024 — Source
Critical Flaw in R Language Poses Supply Chain Risk
Deserialization Vulnerability Allows for Remote Code Execution
May 3rd, 2024 — Source or Source or Source or Source or Source
Cybercrime doesn't pay: REvil hacker receives 13-year prison sentence and $16 million fine
He played a part in extorting $700 million from more than 2,500 victims
May 3rd, 2024 — Source
Cyble Vision X covers the entire breach lifecycle
Cyble is launching Cyble Vision X, the successor to its Cyble Vision 2.0 threat intelligence platform, to elevate the user experience by empowering decision-makers with immediate access to critical information.
May 3rd, 2024 — Source
Dell Advances Data Protection Portfolio Amid Rising Cyber Threats
Dell Technologies is advancing its data protection portfolio to enhance cyber resiliency across appliances, software, and as-a-service offerings amid rising cyber threats. This development aligns with findings from the 2024 Dell Global Data Protection Index survey, which indicated that 75% of organizations are not confident in their current data protection strategies against ransomware.
May 3rd, 2024 — Source
Edgio ASM reduces risk from web application vulnerabilities
Edgio launched its Attack Surface Management (ASM) solution. ASM is designed to discover all web assets, provide full inventory of technologies, detect security exposures and manage exposure response across an organization from a centralized management interface.
May 3rd, 2024 — Source
FortiGate 200G series boosts campus connectivity for Wi-Fi 7
Fortinet announced a new next-generation firewall (NGFW) appliance with the security and networking performance needed to serve as the backbone of the modern campus.
May 3rd, 2024 — Source
French lawmakers sound alarm over alleged Chinese hacking
A group of French parliamentarians has sounded the alarm over what they say is an inadequate government response to cyberattacks targeting their computers and attributed to China.
May 3rd, 2024 — Source
Gurucul REVEAL empowers organizations with full control over data
Gurucul announced REVEAL, a unified security analytics platform. REVEAL delivers Threat Detection, Investigation and Response (TDIR) regardless of data type, volume and residency through a combination of its AI/ML analytics, an intelligent data engine with unified data fabric, native data optimization, federated search capabilities, an enterprise risk engine for prioritized alerts, and a disruptive pricing model.
May 3rd, 2024 — Source
Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster
SaaS-based, AI-assisted penetration service allows proactive defensive action against exploitation of new vulnerabilities.
May 3rd, 2024 — Source
How Intel 471's Buy of Cyborg Is Reshaping Threat Hunting
Why Customers Benefit From Bringing Threat Hunting and Threat Intelligence Together
May 3rd, 2024 — Source or Source or Source or Source
Identity and permissions present a major security challenge
The average organization has roughly 1,400 permissions for every employee, according to a new report from Veza.
May 3rd, 2024 — Source
Internal memo: Microsoft CEO Satya Nadella delivers a new mandate on security
This is the text of Microsoft CEO Satya Nadella's internal memo sent to employees Friday, May 3, about the company's new security initiatives, expanding on Microsoft Security leader Charlie Bell's public blog post on the topic.
May 3rd, 2024 — Source
ISMG Editors: RSA Conference 2024 Preview
Also: Insights From Verizon's Data Breach Investigations Report; Investment Trends
May 3rd, 2024 — Source or Source or Source or Source or Source
Israel builds 'cyber dome' against Iran's hackers
Israel's Iron Dome defense system has long shielded it from incoming rockets. Now it is building a "cyber dome" to defend against online attacks, especially from arch foe Iran.
May 3rd, 2024 — Source
It may take decade to shore up software supply chain security, says infosec CEO
Sure, we're waking to the risk, but we gotta get outta bed, warns Endor Labs founder Varun Badhwar
May 3rd, 2024 — Source or Watch Video
Permira Takes Majority Stake in BioCatch at $1.3B Valuation
Biometrics Stalwart Eyes M&A, Geographic Expansion With Private Equity Firm Backing
May 3rd, 2024 — Source or Source or Source or Source or Source
LayerX Raises $26 Million for Browser Security Platform
Israeli startup LayerX Security banks $25 million in new financing as investors continue to pour money into secure web browsing technologies.
May 3rd, 2024 — Source
Lenovo launches AI-based Cyber Resiliency as a Service
Lenovo has launched its new AI-based Cyber Resiliency as a Service (CRaaS) leveraging Lenovo device telemetry and the Microsoft security software portfolio including Microsoft Copilot for Security and Defender for Endpoint.
May 3rd, 2024 — Source
Microsoft overhaul treats security as 'top priority' after a series of failures
Microsoft's security overhaul and goals are now linked to leadership compensation.
May 3rd, 2024 — Source
Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report
Microsoft security chief Charlie Bell pledges significant reforms and a strategic shift to prioritize security above all other product features.
May 3rd, 2024 — Source
Microsoft, Google widen passkey support for its users
Since 2013, the first Thursday in May is marked as World Password Day, a day dedicated to raising awareness about the need for using strong, unique passwords to secure our digital lives.
May 3rd, 2024 — Source or Source
NATO and EU condemn Russia's cyberattacks against Germany, Czechia
NATO and the European Union, with international partners, formally condemned a long-term cyber espionage campaign against European countries conducted by the Russian threat group APT28.
May 3rd, 2024 — Source
New Botnet 'Goldoon' Targets D-Link Devices
FortiGuard Labs Identifies Botnet Exploiting Decade-Old D-Link Vulnerability
May 3rd, 2024 — Source
New Report Exposes Iranian Hacking Group's Media Masquerade
Mandiant Says APT42 Members Have Been Posing as Journalists to Steal Troves of Data
May 3rd, 2024 — Source or Source or Source or Source or Source
Nokod Security Platform secures low-code/no-code development environments and apps
Nokod Security launched the Nokod Security Platform, enabling organizations to protect against security threats, vulnerabilities, compliance issues, and misconfigurations introduced by LCNC applications and robotic process automations (RPAs).
May 3rd, 2024 — Source
NSA warns of North Korean hackers exploiting weak DMARC email policies
The NSA and FBI warned that the APT43 North Korea-linked hacking group exploits weak email Domain-based Message Authentication Reporting and Conformance (DMARC) policies to mask spearphishing attacks.
May 3rd, 2024 — Source
Read Satya Nadella's Microsoft memo on putting security first
Microsoft is overhauling its security processes after a series of attacks.
May 3rd, 2024 — Source
Rehab Hospital Chain Hack Affects 101,000; Facing 6 Lawsuits
At Least 33 Ernest Health Facilities in 12 States Are Reporting Breaches
May 3rd, 2024 — Source or Source
Russian GRU Hackers Compromised German, Czech Targets
APT28 Used Microsoft Outlook Zero-Day, Governments Said
May 3rd, 2024 — Source or Source or Source or Source or Source
The changing face of the cybersecurity market [Q&A]
The cybersecurity world is a fast changing one with a constant arms race between attackers and defenders.
May 3rd, 2024 — Source
Trellix Wise automates security workflows with AI, streamlining threat detection and remediation
Trellix has unveiled Trellix Wise, a powerful suite of traditional and Generative Artificial Intelligence (GenAI) tools to drastically reduce cyber risk. Trellix Wise extends across the Trellix XDR Platform to discover and neutralize threats more efficiently while lowering security operations costs.
May 3rd, 2024 — Source
Top 5 Global Cyber Security Trends of 2023, According to Google Report
According to the M-Trends report, the average time it takes for an organisation to detect an attacker in their environment has decreased from 16 days in 2022 to 10 days in 2023.
May 3rd, 2024 — Source
U.K., U.S. and Canadian Cyber Authorities Warn of Pro-Russia Hacktivist Attacks on Operational Technology Systems
The U.K.'s National Cyber Security Centre, along with U.S. and Canadian cyber authorities, has identified a rise in attacks against OT operators since 2022.
May 3rd, 2024 — Source
Ukrainian REvil Ransomware Affiliate Gets 13 Years in US Prison
Yaroslav Vasinskyi was sentenced to 13 years and seven months in prison for his alleged role in the REvil ransomware operation.
May 3rd, 2024 — Source
UnitedHealth data breach should be a wake-up call for the UK and NHS
Ransomware gangs are cashing in, but we keep entrusting sensitive data to irresponsible companies
May 3rd, 2024 — Source
US Says North Korean Hackers Exploiting Weak DMARC Settings
The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.
May 3rd, 2024 — Source
Web Trackers Persist in Healthcare Despite Privacy Risks
Ian Cohen, CEO of Lokker, Discusses the Latest Online Tracking Concerns
May 3rd, 2024 — Source or Source or Source or Source or Source
White House Issues National Security Memorandum for Critical Infrastructure
The White House has published a national security memorandum focusing on critical infrastructure security and resilience.
May 3rd, 2024 — Source
Internet — Security Issues — May 1st, 2024
A closer look at Apiiro's SHINE partner program
In this Help Net Security video, Adam LaGreca, Founder of 10KMedia, sits down with John Leon, VP of Partnerships at Apiiro, to discuss the company's new technology partner program SHINE. The name stands for the program's guiding principles -- Seamless, Holistic, Integrated, Vendor-Neutral, and Enriched -- doubling down on the company's goal to integrate across stacks, from security testing tools, CMDBs, WAFs, runtime API security solutions, training, risk management systems, and development tools.
May 1st, 2024 — Source
Adobe Adds Content Credentials and Firefly to Bug Bounty Program
Adobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials and Adobe Firefly.
May 1st, 2024 — Source
AI security bill aims to prevent safety breaches of AI models
The Secure Artificial Intelligence Act would create a database tracking AI security breaches.
May 1st, 2024 — Source
Change Healthcare cyberattack was due to a lack of multifactor authentication, UnitedHealth CEO says
The Change Healthcare cyberattack that disrupted health care systems nationwide earlier this year started when hackers entered a server that lacked a basic form of security: multifactor authentication.
May 1st, 2024 — Source
CISO Conversations: LinkedIn's Geoff Belknap and Meta's Guy Rosen
SecurityWeek interviews Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta.
May 1st, 2024 — Source
Citigroup's VC arm invests in API security startup Traceable
In 2019, Jyoti Bansal co-founded San Francisco-based security company Traceable alongside Sanjay Nagaraj. With Traceable, Bansal — who previously co-launched app performance management startup AppDynamics, acquired by Cisco in 2017 — sought to build a platform to protect customers' APIs from cyberattacks.
May 1st, 2024 — Source
Corelight Gets $150M to Expand Detection, Improve Workflows
Series E Funding Round to Cover Future Operations, Enhance Product Innovation
May 1st, 2024 — Source or Source or Source or Source
Correlating Cyber Investments With Business Outcomes
CEO Ted Gutierrez on Impact of the New SEC Rules for Reporting Material Incidents
May 1st, 2024 — Source or Source or Source or Source or Source
Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data
The Cuttlefish malware platform is roaming around enterprise SOHO routers, capable of covertly harvesting public cloud authentication data from internet traffic.
May 1st, 2024 — Source
DeepKeep Launches AI-Native Security Platform With $10 Million in Seed Funding
AI-Native Trust, Risk, and Security Management (TRiSM) startup DeepKeep raises $10 million in seed funding.
May 1st, 2024 — Source
Devious "Brokewell" trojan masquerades as Chrome browser update to steal your banking data
Brokewell could make you broke if it gains control of your device
May 1st, 2024 — Source
DHS: AI-Enhanced Nuclear and Chemical Threats Are Risk to US
New Report Says Global Threat Actors May Use AI to Enhance Physical Attacks on US
May 1st, 2024 — Source
Former Microsoft engineers raise $3M for cybersecurity startup StepSecurity
StepSecurity, a Seattle-area startup aiming to help developers secure their projects, raised a $3 million seed round led by Runtime Ventures.
May 1st, 2024 — Source
French hospital CHC-SV refuses to pay LockBit extortion demand
The Hôpital de Cannes - Simone Veil (CHC-SV) in France announced it received a ransom demand from the Lockbit 3.0 ransomware gang, saying they refuse to pay the ransom.
May 1st, 2024 — Source
GitLab Hackers Use 'Forgot Your Password' to Hijack Accounts
US CISA Orders Federal Agencies to Apply January Patch
May 1st, 2024 — Source or Source or Source or Source or Source
Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push
Researchers can earn as much as $450,000 for a single vulnerability report as Google boosts its mobile vulnerability rewards program.
May 1st, 2024 — Source
Google urges US to update immigration rules to attract more AI talent
In a letter to the Department of Labor, Google says a list of jobs considered scarce must include AI.
May 1st, 2024 — Source
How Personal Branding Can Elevate Your Tech Career
Your Personal Brand Is as Crucial as Any Skill in Your Tech Toolkit
May 1st, 2024 — Source
Lawmakers Grill UnitedHealth CEO on Change Healthcare Attack
UnitedHealth Group CEO Andrew Witty Explains the Steps the Company Is Taking
May 1st, 2024 — Source or Source or Source or Source or Source
Machine Identity Firm Venafi Readies for the 90-day Certificate Lifecycle
Venafi introduced a 90-Day TLS Readiness solution to help enterprises prepare for Google's proposed 90-day limit for the lifecycle of a digital certificate.
May 1st, 2024 — Source
Nearly 1 in 5 ransomware attacks results in a lawsuit
A new study from Comparitech finds that around a fifth of ransomware attacks in the US led to a lawsuit in 2023.
May 1st, 2024 — Source
New Cuttlefish malware infects routers to monitor traffic for credentials
A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information.
May 1st, 2024 — Source
Oasis Security Raises $35 Million to Tackle Non-Human Identity Management
New York startup Oasis Security banks $35 million in a Series A extension round led by Accel, Cyberstarts, and Sequoia Capital.
May 1st, 2024 — Source
Object First Ootbi: Simple Ransomware-Proof Backups For Veeam
The founders of Veeam, renowned for their innovative solutions in data management, have once again made a significant contribution to the field of data security with their new venture.
May 1st, 2024 — Source
Qantas Airways Says App Showed Customers Each Other's Data
Customers Report Seeing Each Other's Bookings and Inadvertent Flight Cancellations
May 1st, 2024 — Source or Source or Source or Source or Source
Qantas says app glitch exposed passengers' travel details
Qantas apologized Wednesday after a "technology issue" with its mobile app exposed users' travel details including their names, flights and points.
May 1st, 2024 — Source
Ransomware was used in 72% of network intrusions last year, says BakerHostetler
While extortion continues to drive the work of cyber adversaries, organizations are restoring from attacks faster and making ransom payments less frequently than in years past, the data and security experts said.
May 1st, 2024 — Source
Traceable AI Raises $30 Million to Safeguard Cloud APIs
Traceable AI has raised $110 million since launching in 2018 with ambitious plans in the competitive API security and observability space.
May 1st, 2024 — Source
UnitedHealth CEO admits it paid $22 million ransom to BlackCat
'This was one of the hardest decisions I've ever had to make,' CEO Andrew Witty said in a Senate hearing on Wednesday.
May 1st, 2024 — Source
UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack
UnitedHealth Group Chief Executive Officer Andrew Witty told senators on Wednesday that the company has now enabled multi-factor authentication on all the company's systems exposed to the internet in response to the recent cyberattack against its subsidiary Change Healthcare.
May 1st, 2024 — Source
UnitedHealthcare CEO says 'maybe a third' of US citizens were affected by recent hack
Two months after hackers broke into Change Healthcare systems stealing and then encrypting company data, it's still unclear how many Americans were impacted by the cyberattack.
May 1st, 2024 — Source
US sanctions on Iranian hackers highlight growing concern about the Islamic Republic's cyberwarriors
A feature of the simmering tensions between the US, Israel and Iran has been not just the tit-for-tat missile and drone strikes and assassinations, but accusations of cyberwarfare waged by Iran.
May 1st, 2024 — Source
Verizon DBIR: Cyber Defenders Are Facing Exploit Fatigue
Experts Warn That Human Failures Have Led to Surge in Successful Zero-Day Exploits
May 1st, 2024 — Source or Source or Source or Source or Source
VNC is the hacker's favorite remote desktop tool
Virtual Network Computing (VNC) is the remote desktop tool most targeted by attacks, accounting for 98 percent of the traffic across all remote desktop-specific ports.
May 1st, 2024 — Source
What the EU AI act means for cybersecurity teams and organizational leaders
On March 13, 2024, the European Parliament adopted the Artificial Intelligence Act (AI Act), establishing the world's first extensive legal framework dedicated to artificial intelligence. This imposes EU-wide regulations that emphasize data quality, transparency, human oversight, and accountability. With potential fines reaching up to €35 million or 7 percent of global annual turnover, the act has profound implications for a wide range of companies operating within the EU.
May 1st, 2024 — Source
Internet — Security Issues — April 30th, 2024
Apptega Raises $15 Million for Cybersecurity Compliance Platform
Mainsail Partners leads a $15 million financing round for end-to-end cybersecurity compliance platform company Apptega.
April 30th, 2024 — Source
Between one and all: Researchers propose system to control selected devices on network
One or all—that's the current choice many networks give users when it comes to controlling smart devices. With the evolving Internet of Things (IoT), referring to the technology that connects devices to one another and to the cloud, users need more specific control over their devices. Now, a Japanese team of researchers has developed a solution that may allow both more efficient and more secure control.
April 30th, 2024 — Source
Change Healthcare hacked using stolen Citrix account with no MFA
UnitedHealth confirms that Change Healthcare's network was breached by the BlackCat ransomware gang, who used stolen credentials to log into the company's Citrix remote access service, which did not have multi-factor authentication enabled.
April 30th, 2024 — Source or Source
Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report
While China-linked Muddling Meerkat's operations look like DNS DDoS attacks, it seems unlikely that denial of service is their goal, at least in the near term.
April 30th, 2024 — Source
Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover
Three vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host.
April 30th, 2024 — Source
Cybersixgill Third-Party Intelligence module identifies potential supply chain risks
Cybersixgill, the global cyber threat intelligence data provider, broke new ground by introducing its Third-Party Intelligence module.
April 30th, 2024 — Source
DHS: AI-Enhanced Nuclear and Chemical Threats Are Risk to US
New Report Says Global Threat Actors May Use AI to Enhance Physical Attacks on US
April 30th, 2024 — Source or Source or Source or Source
Docker Hub Users Targeted With Imageless, Malicious Repositories
JFrog raises an alarm after finding three large-scale malware campaigns targeting Docker Hub with imageless repositories.
April 30th, 2024 — Source
ESET launches two MDR subscription tiers for SMBs and enterprises
ESET launched two new Managed Detection and Response (MDR) subscription tiers: ESET PROTECT MDR for small and medium businesses (SMBs) and ESET PROTECT MDR Ultimate for enterprises.
April 30th, 2024 — Source
FCC Fines Wireless Carriers for Sharing User Locations Without Consent
The Federal Communications Commission levied nearly $200 million in fines against wireless carriers AT&T, Sprint, T-Mobile and Verizon for illegally sharing customers' location data.
April 30th, 2024 — Source or Source or Source or Source or Source
Finnish Hacker Kivimaki Found Guilty in Vastaamo Hack
'Ransom_man' Extortionist Faces 6-Year, 3-Month Prison Term
April 30th, 2024 — Source or Source or Source or Source or Source or Source
Forescout CEO on Navigating OT, IoT Threats in Cybersecurity
Barry Mainz Discusses Asset Visibility, Security and Risk Management Outside IT
April 30th, 2024 — Source or Source
Google blocked over two million malicious Android apps in 2023
Google blocked over two million Android apps from the Play Store for violating its policies in 2023. The company also banned over 333,000 developers for repeated violations and malicious activities. Its SAFE principles helped it identify bad apps, actors, and fraud rings.
April 30th, 2024 — Source
How Personal Branding Can Elevate Your Tech Career
Your Personal Brand Is as Crucial as Any Skill in Your Tech Toolkit
April 30th, 2024 — Source or Source or Source or Source
Human factor is significant cyber risk for smaller businesses
Human factors, including lack of awareness, training and inconsistent policy adherence, are getting in the way of cybersecurity for smaller businesses.
April 30th, 2024 — Source
Island Gets $175M Series D Funding, Doubles Valuation to $3B
Investments in Island Led by Coatue and Sequoia Support Global Expansion, R&D, M&A
April 30th, 2024 — Source or Source or Source or Source or Source
Millions of Docker repos found pushing malware, phishing sites
Three large-scale campaigns targeted Docker Hub users, planting millions of repositories that pushed malware and phishing sites since early 2021.
April 30th, 2024 — Source
New Payment Rails to Rely on RFP for More Security
Modern Treasury's Ani Narayan on Why RFP on New Rails Won't Replace ACH Just Yet
April 30th, 2024 — Source
New threats and regulations lead companies to update security strategies
A new report from LogRhythm, based on a survey from Dimensional Research, reveals that 95 percent of enterprises have changed their cybersecurity strategies in the last 12 months.
April 30th, 2024 — Source
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades
There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are "not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of the vulnerability."
April 30th, 2024 — Source
Patched Deserialization Flaw in Siemens Product Allows RCE
The Siemens Simatic Energy Manager Used an Unsafe BinaryFormatter Method
April 30th, 2024 — Source or Source or Source or Source
SafeBase Scores $33M Series B Investment
SafeBase has raised north of $50 million since launching in 2020 with plans to simplify vendor risk assessment disclosures.
April 30th, 2024 — Source
ThreatX provides always-active API security from development to runtime
ThreatX has extended its Runtime API and Application Protection (RAAP) offering to provide always-active API security from development to runtime, spanning vulnerability detection at Dev phase to protection at SecOps phase of the software lifecycle.
April 30th, 2024 — Source
UnitedHealth CEO: Paying Ransom Was 'Hardest Decision' Ever
CEO Tells Congress Attackers Gained Access Via a Citrix Portal; What Happened Next
April 30th, 2024 — Source or Source or Source or Source or Source or Source
Vulnerability in R Programming Language Could Fuel Supply Chain Attacks
A vulnerability (CVE-2024-27322) in the R programming language implementation can be exploited to execute arbitrary code and be used as part of a supply chain attack.
April 30th, 2024 — Source
Why Many Healthcare Sector Entities End Up Paying Ransoms
Attorney Lynn Sessions of BakerHostetler on Cyberattack Considerations
April 30th, 2024 — Source or Source or Source or Source
Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues
Microsoft provides an easy and logical first step into GenAI for many organizations, but beware of the pitfalls.
April 30th, 2024 — Source
Internet — Security Issues — April 29th, 2024
91% of ransomware victims paid at least one ransom in the past year, survey finds
With more than half of organizations experiencing at least six ransomware attack attempts over the past year, many want more budget to cope.
April 29th, 2024 — Source
Apple Faces New Cybersecurity Law in UK
A new British cybersecurity law mandates smart device manufacturers like Apple to enhance protections or face hefty penalties.
April 29th, 2024 — Source
Are Enterprises Overconfident About Cybersecurity Readiness?
Cisco Cybersecurity Readiness Index Shows Only 3% of Companies Are Cyber Resilient
April 29th, 2024 — Source
Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual
Jennifer Leggio makes the case for more alcohol-free networking events at conferences, and community-building opportunities for sober individuals working in cybersecurity.
April 29th, 2024 — Source
Career Spotlight: Growing Need for Technology Legal Analysts
High Demand for Experts Who Know Law Plus AI, Blockchain and Internet of Things
April 29th, 2024 — Source or Source or Source or Source or Source
CISA Rolls Out New Guidelines to Mitigate AI Risks to US Critical Infrastructure
New CISA guidelines categorize AI risks into three significant types and push a four-part mitigation strategy.
April 29th, 2024 — Source
Collection Agency FBCS Says Data Breach Exposed Nearly 2 million People
Financial Business and Consumer Solutions (FBCS) says compromised information may include names, dates of birth, Social Security numbers, and account information.
April 29th, 2024 — Source
Critics question tech-heavy lineup of new Homeland Security AI safety board
CEO-heavy board to tackle elusive AI safety concept and apply it to US infrastructure.
April 29th, 2024 — Source
Cyberattack strikes Georgia county that was site of 2021 election breach
The Georgia county where tech experts copied the state's election software after the 2020 election was hit by a cyberattack in April.
April 29th, 2024 — Source
Cybersecurity researchers spotlight a new ransomware threat—be careful where you upload files
You probably know better than to click on links that download unknown files onto your computer. It turns out that uploading files can get you into trouble, too.
April 29th, 2024 — Source
FCC Fines US Cell Carriers $200M for Selling Location Data
Commission Approves Long-Anticipated Fines for Verizon, T-Mobile, AT&T and Sprint
April 29th, 2024 — Source or Source
Forescout CEO on Navigating OT, IoT Threats in Cybersecurity
Barry Mainz Discusses Asset Visibility, Security and Risk Management Outside IT
April 29th, 2024 — Source or Source or Source
French Government Bids on Atos' Cyber and Computing Assets
Atos Received a Letter of Intent From French Finance Minister Bruno Le Maire
April 29th, 2024 — Source or Source or Source or Source or Source
Google Says it Blocked 2.28 Million Apps from Google Play Store
In 2023, Google said it blocked 2.28 million bad applications from being published on Google Play and banned 333,000 developer accounts.
April 29th, 2024 — Source
Hackers may have accessed Inquirer subscriber and employee personal data in 2023 cyberattack
About 25,500 Philadelphia Inquirer subscribers, employees, former employees, and employees' family members on company benefit plans may have had their personal information exposed in a May cyberattack, Inquirer publisher and chief executive officer Lisa Hughes said April 26.
April 29th, 2024 — Source
Honeywell: USB Malware Attacks on Industrial Orgs Becoming More Sophisticated
An analysis conducted by Honeywell shows that much of the USB-borne malware targeting industrial organizations can still cause OT disruption.
April 29th, 2024 — Source
How TikTok Grew From a Fun App for Teens Into a Potential National Security Threat
History of TikTok and how many view it as a national security threat.
April 29th, 2024 — Source
It's time to get proactive on the UK's critical national infrastructure (CNI) security -- but where to start?
The critical national infrastructure that underpins the UK has undergone a tremendous amount of digital transformation in recent years. Areas like water treatment, energy and food production are still heavily reliant on operational technology (OT) systems that were often designed and implemented long before the digital revolution.
April 29th, 2024 — Source
Kaiser Permanente Data Breach Impacts 13.4 Million Patients
US healthcare giant is warning millions of current and former patients that their personal information was exposed to third-party advertisers.
April 29th, 2024 — Source
London Drugs closes all of its pharmacies following 'cybersecurity incident'
Canadian stores shuttered 'until further notice'
April 29th, 2024 — Source or Source
Major alert! Fake Chrome update for Android installs trojan that will access your banking apps
Google has reached out to us today and gave us the following statement. "Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play."
April 29th, 2024 — Source
Millions of devices still vulnerable to abandoned USB worm, continues to spread globally
Researchers suspect Chinese state-sponsored hackers are responsible
April 29th, 2024 — Source
Muddling Meerkat hackers manipulate DNS using China's Great Firewall
A new cluster of activity tracked as "Muddling Meerkat" is believed to be linked to a Chinese state-sponsored threat actor's manipulation of DNS to probe networks globally since October 2019, with a spike in activity observed in September 2023.
April 29th, 2024 — Source
Weak passwords for smart home devices to be illegal in Europe
Default passwords for smart home devices and wireless routers will have to be made stronger in order to comply with new cybersecurity laws in both the UK and EU ...
April 29th, 2024 — Source
New UK cybersecurity law will make weak passwords a thing of the past
The UK is setting minimum-security standards for consumer smart devices
April 29th, 2024 — Source or Source
Okta warns customers about credential stuffing onslaught
Credential stuffing attacks have exploded this April, Okta warns, and advises its customers to use available tools to block access requests originating from residential proxies before authentication takes place.
April 29th, 2024 — Source
Okta Warns of Credential Stuffing Attacks Using Tor, Residential Proxies
Okta warned of a spike in credential stuffing attacks using anonymizing services such as Tor, DataImpulse, Luminati, and NSocks.
April 29th, 2024 — Source
Pyongyang Hackers Deploy Backdoors Via Fake Job Interviews
North Korean Predilection for Elaborate Social Engineering Attacks Strikes Again
April 29th, 2024 — Source or Source or Source or Source or Source
Researchers create verification techniques to increase security in AI and image processing
A team of researchers from the Institute IMDEA Software, Universidad Carlos III de Madrid and NEC Laboratories Europe has introduced a novel framework that promises to improve the efficiency and practicality of verifiable computing.
April 29th, 2024 — Source
Researchers unveil novel attack methods targeting Intel's conditional branch predictor
Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use.
April 29th, 2024 — Source
Secure by Design: UK Enforces IoT Device Cybersecurity Rules
Law Bans Universal Default Passwords; Requires Bug-Reporting Channels, Update Plan
April 29th, 2024 — Source or Source or Source
Should Cybersecurity Leadership Finally be Professionalized?
The majority opinion is that a cybersecurity professional body is long overdue and would benefit cybersecurity and cybersecurity practitioners.
April 29th, 2024 — Source
Silobreaker empowers users with timely insight into key cybersecurity incident filings
Silobreaker announced the addition of automatic collection, AI-enhanced analysis, and alerting on 8-K cybersecurity incident filings made to the US Securities and Exchange Commission (SEC).
April 29th, 2024 — Source
UK enacts IoT cybersecurity law
The Product Security and Telecommunications Infrastructure (PSTI) Act has come into effect today, requiring manufacturers of consumer-grade IoT products sold in the UK to stop using guessable default passwords and have a vulnerability disclosure policy.
April 29th, 2024 — Source
UK rolls out new consumer safeguards for smart devices
From today all new internet connected smart devices sold in the UK will be required by law to meet minimum-security standards.
April 29th, 2024 — Source
WordPress plugin vulnerability poses severe security risk, allows for site takeovers
Millions of exploitation attempts were detected in under a month
April 29th, 2024 — Source
Internet — Security Issues — April 28th, 2024
Hackers Claim to Have Infiltrated Belarus' Main Security Service
A Belarusian hacker activist group claims to have infiltrated the network of the country's main KGB security agency and accessed personnel files of over 8,600 employees.
April 28th, 2024 — Source
Major alert! Fake Chrome update for Android installs trojan that will access your banking apps
Google has reached out to us today and gave us the following statement. "Android users are automatically protected against known versions of this malware by Google Play Protect, which is on by default on Android devices with Google Play Services. Google Play Protect can warn users or block apps known to exhibit malicious behavior, even when those apps come from sources outside of Play."
April 28th, 2024 — Source
Password Managers: The Hidden Hero of Your Home Security
Password managers help home-havers fill out multiple device logins, store safe codes and improve Wi-Fi security. Here's everything you should know.
April 28th, 2024 — Source
Internet — Security Issues — April 27th, 2024
Computer scientists unveil novel attacks on cybersecurity
Researchers have found two novel types of attacks that target the conditional branch predictor found in high-end Intel processors, which could be exploited to compromise billions of processors currently in use.
April 27th, 2024 — Source
FTC Finalizes Health Breach Notification Rule Update
Regs Now Cover Wearables and Health Apps, Extend to More Types of Breaches
April 27th, 2024 — Source or Source
Microsoft Releases New Open-Source Tool for OT Security
ICSpector Is Now on GitHub, Scans PLCs, Extracts Info and Detects Malicious Code
April 27th, 2024 — Source or Source or Source or Source or Source
Rubrik Execs on How Going Public Will Drive More Innovation
Why Cyber's First IPO Since 2021 Will Fuel Growth, Foster Customer Relationships
April 27th, 2024 — Source or Source
Internet — Security Issues — April 26th, 2024
7 antivirus myths that are dead wrong
Not everything you hear is true when it comes to antivirus.
April 26th, 2024 — Source
CISA to launch ransomware warning program this year
The Cybersecurity and Infrastructure Security Agency (CISA) is launching a ransomware warning program this year to alert businesses about vulnerabilities in their systems.
April 26th, 2024 — Source
Computer scientists unveil novel attacks on cybersecurity
Intel and AMD will issue security alerts today based on the findings
April 26th, 2024 — Source
Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors
A vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites.
April 26th, 2024 — Source
Cybercriminals are using developing nations as test beds for ransomware attacks
Sandboxing their techniques
April 26th, 2024 — Source
Cybersecurity firm Darktrace accepts $5 bn takeover
Cybersecurity firm Darktrace said Friday it had accepted a $5.3-billion takeover bid from US private equity firm Thoma Bravo, which highlighted the British group's "capability in artificial intelligence".
April 26th, 2024 — Source
FTC Finalizes Health Breach Notification Rule Update
Regs Now Cover Wearables and Health Apps, Extend to More Types of Breaches
April 26th, 2024 — Source or Source or Source
Hackers try to exploit WordPress plugin vulnerability that's as severe as it gets
WP Automatic plugin patched, but release notes don't mention the critical fix.
April 26th, 2024 — Source
Health Analytics Firm Reports Breach Affecting 1.1 Million
Data Stolen via Breach of Reliable Networks - BerryDunn's Managed Service Provider
April 26th, 2024 — Source or Source or Source or Source or Source
Human risk management automation can help beat burnout
Cyber criminals are relentlessly exploiting new technologies to improve their chances of success. As such, security professionals are feeling the pressure of keeping watch against these threats and trying to stay a step ahead of these criminals.
April 26th, 2024 — Source
In Other News: China Hacked Volkswagen, DDoS Service Shutdown, Rubrik IPO
Noteworthy stories that might have slipped under the radar: Volkswagen hacked by Chinese threat group, DDoS service shut down, Rubrik IPO.
April 26th, 2024 — Source
Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day
More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published.
April 26th, 2024 — Source
Rubrik Execs on How Going Public Will Drive More Innovation
Why Cyber's First IPO Since 2021 Will Fuel Growth, Foster Customer Relationships
April 26th, 2024 — Source or Source or Source
State AGs, Industry Groups Urge Action in Change Health Saga
Calls for More Aid to Providers Come as Parent Company UHG Grapples With Breach
April 26th, 2024 — Source or Source or Source or Source or Source
Strengthening Asset Management, Security in Rail Transport
CISO Tom Remberg on Enhancing Rail Passenger Experience While Beefing Up Security
April 26th, 2024 — Source or Source or Source or Source or Source
Tech Titans, AI Leaders Join New Federal AI Security Board
Heads of OpenAI, Microsoft, Alphabet Join Inaugural AI Safety and Security Board
April 26th, 2024 — Source or Source
Thoma Bravo to Buy Cybersecurity AI Firm Darktrace for $5.3B
PE Firm Tried to Take Darktrace Private in Summer 2022, But Couldn't Agree on Terms
April 26th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — April 24th, 2024
1Kosmos CSP enables government agencies to digitally verify resident identity
1Kosmos has expanded its offerings for the identity verification and passwordless market with the introduction of a new Credential Service Provider (CSP) managed service based on the privacy-by-design 1Kosmos platform.
April 24th, 2024 — Source
A closed-loop drug-delivery system could improve chemotherapy
When cancer patients undergo chemotherapy, the dose of most drugs is calculated based on the patient's body surface area. This is estimated by plugging the patient's height and weight into an equation, dating to 1916, that was formulated from data on just nine patients.
April 24th, 2024 — Source
AI Is Sexist, Racist and Homophobic
Regulation and Inclusive Training Data Can Help Reduce Bias, Experts Say
April 24th, 2024 — Source or Source or Source or Source or Source
AI Voice Cloning Pushes 91% of Banks to Rethink Verification
BioCatch Survey Report Focuses on New AI-Based Risks and Fraud-Fighting Solutions
April 24th, 2024 — Source or Source
Amplifier Security Emerges From Stealth With AI Copilot, Human-in-the-Loop Automation
Amplifier Security has raised $3.3 million in funding for a solution that includes human-in-the-loop automation and an AI copilot.
April 24th, 2024 — Source
ArcaneDoor hackers exploit Cisco zero-days to breach govt networks
Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide.
April 24th, 2024 — Source
Australia's top spy urges big tech to unravel encrypted chats
Australia's top spy on Wednesday urged greater cooperation from the big tech companies, asking them to break a long-held industry taboo by providing access to encrypted messages.
April 24th, 2024 — Source
Best free VPN for Android 2024: Which ones can you trust?
When you need a quick free VPN connection for your Android phone or tablet.
April 24th, 2024 — Source
Binarly releases Transparency Platform v2.0 to improve software supply chain security
Binarly has released the Binarly Transparency Platform v2.0 with features for continuous post-build compliance, visibility into the security posture of IoT and XIoT devices, and the ability to identify malicious behavior and hidden backdoors within binaries based on their behavior.
April 24th, 2024 — Source
Cisco Fixes Firewall 0-Days After Likely Nation-State Hack
Networking Giant Dubs Campaign Against Government Customers 'Arcane Door'
April 24th, 2024 — Source or Source or Source or Source or Source
Cisco Raises Alarm for 'ArcaneDoor' Zero-Days Hitting ASA Firewall Platforms
Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks.
April 24th, 2024 — Source
CISOs worry about gen AI leading to security breaches
A new survey of more than 400 CISOs in the US and UK reveals that 72 percent are concerned about security breaches related to generative AI.
April 24th, 2024 — Source
Comcast Business MDR limits the impact of cyber threats
Comcast Business has expanded its cybersecurity portfolio with the launch of its Comcast Business Managed Detection and Response (MDR) solution.
April 24th, 2024 — Source
Cyberint platform enhancements boost protection against external threats
Cyberint has unveiled a series of platform updates aimed at bolstering client protection against external threats.
April 24th, 2024 — Source
Global attacker median dwell time continues to fall
While the use of zero-day exploits is on the rise, Mandiant's M-Trends 2024 report reveals a significant improvement in global cybersecurity posture: the global median dwell time -- the time attackers remain undetected within a target environment -- has reached its lowest point in over a decade.
April 24th, 2024 — Source
Hackers are using developing countries for ransomware practice
Businesses in Africa, Asia, and South America hit before moving on to Western targets.
April 24th, 2024 — Source
Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)
A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Talos researchers have shared on Wednesday.
April 24th, 2024 — Source
Harnessing AI: A Step-by-Step Guide for Job Seekers
How ChatGPT Can Help You Write Your Job Application Documents
April 24th, 2024 — Source or Source or Source or Source or Source
Hotspot Shield review: This speedster VPN's still got it
Hotspot Shield is fast, secure, and pricey.
April 24th, 2024 — Source
KnowBe4 Buys Egress to Aid Awareness Training, Email Defense
KnowBe4's First Deal Since 2021 Brings AI-Based Email Protection, Training Together
April 24th, 2024 — Source or Source or Source
KnowBe4 Plans to Acquire Egress for Email Security Tech
KnowBe4 boasts that the merger will create "the largest, advanced AI-driven cybersecurity platform for managing human risk."
April 24th, 2024 — Source
Login.gov to Test Facial Recognition Under New Leadership
Hanna Kim to Take Over Login.gov at a Pivotal Moment for Federal Sign-On Service
April 24th, 2024 — Source or Source or Source or Source
Major Areas of Cybersecurity Focus for Medical Device Makers
Nastassia Tamari of the FDA on Top Challenges During Premarket Device Submissions
April 24th, 2024 — Source or Source or Source or Source or Source
Maximum severity Flowmon bug has a public exploit, patch now
Proof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance and visibility.
April 24th, 2024 — Source
Mechanism of grafting Prunus sp. to control crown gall disease by regulating the rhizosphere environment
Grafting is a traditional and significant strategy to suppress soil-borne diseases, such as the crown gall disease caused by tumorigenic Agrobacterium and Rhizobium. Root exudates and the rhizosphere microbiome play critical roles in controlling crown gall disease, but their roles in suppressing crown gall disease in grafted plants remain unclear.
April 24th, 2024 — Source
Microsoft launches Phi-3 Mini, a tiny AI model that packs a punch
Phi-3 Mini was designed with smartphones in mind.
April 24th, 2024 — Source
Nagomi Security Emerges From Stealth With $30 Million in Funding
Nagomi Security, a company that helps customers prevent threats by leveraging existing security tools, emerged from stealth with $30 million in funding.
April 24th, 2024 — Source
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks?
April 24th, 2024 — Source
Navigating Vendor Speak: A Security Practitioner's Guide to Seeing Through the Jargon
As a security industry, we need to focus our energies on those professionals among us who know how to walk the walk.
April 24th, 2024 — Source
New Password Cracking Analysis Targets Bcrypt
Hive Systems conducts another study on cracking passwords via brute-force attacks, but it's no longer targeting MD5.
April 24th, 2024 — Source
New Relic AI monitoring helps enterprises use AI with confidence
New Relic announced New Relic AI monitoring with a suite of new features to meet the evolving needs of organizations developing AI applications.
April 24th, 2024 — Source
North Korean Hackers Hijack Antivirus Updates for Malware Delivery
A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners.
April 24th, 2024 — Source
On the trail of deepfakes, researchers identify 'fingerprints' of AI-generated video
In February, OpenAI released videos created by its generative artificial intelligence program Sora. The strikingly realistic content, produced via simple text prompts, is the latest breakthrough for companies demonstrating the capabilities of AI technology. It also raised concerns about generative AI's potential to enable the creation of misleading and deceiving content on a massive scale.
April 24th, 2024 — Source
Oracle launches Autonomous Shield initiative, with eye on cloud cybersecurity
The aim is to help electronic health record clients migrate to Oracle Cloud Infrastructure, reducing cyber risk while boosting performance, the company says.
April 24th, 2024 — Source
PoC for critical Progress Flowmon vulnerability released (CVE-2024-2389)
More details of and a proof-of-concept exploit for an unauthenticated OS command injection vulnerability (CVE-2024-2389) in Flowmon, Progress Software's network monitoring/analysis and security solution, have been published.
April 24th, 2024 — Source
Prompt Hacking, Private GPTs, Zero-Day Exploits and Deepfakes: Report Reveals the Impact of AI on Cyber Security Landscape
A new report by cyber security firm Radware identifies the four main impacts of AI on the threat landscape emerging this year.
April 24th, 2024 — Source
Prophet Security Emerges From Stealth Mode With $11 Million in Funding
Bain Capital Ventures and angel investors invest $11 million in automated alerts analysis startup Prophet Security.
April 24th, 2024 — Source
SD-WAN: Don't Build a Dead End, Prepare for Future-Proof Secure Networking
SD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE.
April 24th, 2024 — Source
Secureworks enables users to view known vulnerabilities in the context of threat data
Secureworks announced the ability to integrate vulnerability risk context with threat detection to prevent attackers from exploiting known vulnerabilities and expedite response times, improving an organization's security posture.
April 24th, 2024 — Source
Six out of 10 businesses struggle to manage cyber risk
A new study from Barracuda Networks finds just 43 percent of organizations surveyed have confidence in their ability to address cyber risk, vulnerabilities, and attacks.
April 24th, 2024 — Source
Study reviews the role of a ribonucleic acid 'MALAT1' in hematological malignancies
Long non-coding ribonucleic acids (lncRNAs), despite not coding for any protein, can play a significant role in cancer formation, progression, and treatment outcomes. One such lncRNA of interest is MALAT1, abbreviated for metastasis-associated lung adenocarcinoma transcript 1.
April 24th, 2024 — Source
Targeted use of enfortumab vedotin for the treatment of advanced urothelial carcinoma
An interdisciplinary research team has published new findings that indicate which patients with advanced urothelial carcinoma could benefit in particular from the new targeted therapy with the antibody-drug conjugate enfortumab vedotin.
April 24th, 2024 — Source
ThreatLocker Gets $115M to Fuel Zero Trust Defense, Eyes IPO
After Quintupling Revenue Over the Past 18 Months, ThreatLocker Wants to Go Public
April 24th, 2024 — Source or Source
Threat Actor Uses Multiple Infostealers in Global Campaign
A threat actor tracked as CoralRaider has been using multiple infostealers to harvest credentials from users worldwide.
April 24th, 2024 — Source
Why you need a fake online identity
Any time you give out your email address, you're running a risk. Here's how to fight back.
April 24th, 2024 — Source
Internet — Security Issues — April 22nd, 2024
7 Tips for Complying With Healthcare Fraud Regulations
Attorney Rachel Rose on Navigating the Intensifying Scrutiny of Federal Regulators
April 22nd, 2024 — Source or Source or Source or Source or Source
apexanalytix Passkeys protects data with biometric authentication
apexanalytix launched Passkeys, a feature that enables suppliers to securely log into their accounts using biometrics like a fingerprint or face scan, or a screen lock PIN.
April 22nd, 2024 — Source
Benefits of a Unified CNAPP and XDR Platform
Uptycs CEO Ganesh Pai Discusses the Evolution of Endpoint Threat Detection
April 22nd, 2024 — Source or Source or Source or Source or Source
Binary Defense enhances BDVision to improve security for SMBs
Binary Defense announced several important updates to BDVision, the company's real-time detection and containment Managed Endpoint Detection & Response (mEDR) solution.
April 22nd, 2024 — Source
CrushFTP Patches Exploited Zero-Day Vulnerability
CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files.
April 22nd, 2024 — Source
Despite US Sanctions, TV Shows May Have Unknowingly Used North Korean Animators
Skybound Entertainment has denied the allegations of working with North Korean animators.
April 22nd, 2024 — Source
Email still the most popular phishing technique even on mobile
Most incidents of phishing or spoofing on smartphones still happen via email, according to MEF's (Mobile Ecosystem Forum) 9th Annual Trust Study.
April 22nd, 2024 — Source
European police chiefs target E2EE in latest demand for 'lawful access'
In the latest iteration of the never-ending (and always head-scratching) crypto wars, Graeme Biggar, the director general of the U.K.'s National Crime Agency (NCA), has called on Instagram's parent, Meta, to rethink its continued rollout of end-to-end encryption (E2EE).
April 22nd, 2024 — Source
Feds Issue Guide for Change Health Breach Reporting Duties
HHS OCR Says the Company Has Not Yet Filed HIPAA Breach Reports to the Agency
April 22nd, 2024 — Source or Source or Source or Source or Source
Google Chrome might be getting AI-powered password suggestions
Having some help during the password creation process to protect your data is always welcome, especially for inexperienced users. Most novice users aren't familiar with additional privacy methods and don't use 2-factor authentication or other alternatives. Some websites even offer a password strength bar to show you how good your new password is.
April 22nd, 2024 — Source
HHS Beefs Up Privacy Protection for Reproductive Health Info
Finalizes HIPAA Privacy Rule Changes Involving PHI Related to Reproductive Care
April 22nd, 2024 — Source or Source or Source or Source
Microsoft: APT28 hackers exploit Windows flaw reported by NSA
Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg.
April 22nd, 2024 — Source
MITRE breached by nation-state threat actor via Ivanti zero-days
MITRE has been breached by attackers via two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Ivanti's Connect Secure VPN devices.
April 22nd, 2024 — Source
MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days
MITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability.
April 22nd, 2024 — Source or Source or Source or Source or Source
Olympians Tout AI in Sports
International Olympics Committee Publishes AI Strategy
April 22nd, 2024 — Source or Source
Proton Mail launches Dark Web Monitoring to alert users to leaks
One of the most common forms of cyberattack is credential stuffing, using exposed details on different sites to exploit the fact that people frequently reuse passwords.
April 22nd, 2024 — Source or Source
Ransomware Payments Plunge To Record Low In Q1 '24, Don't Get Complacent
In the past few years, the ransomware market has heated up, leading to more payouts for threat actors and more attacks overall. However, in late 2023, with the seizure of BlackCat ALPHV by law enforcement, among other factors, the business side of ransomware-as-a-service (RaaS) has been put on ice, at least somewhat.
April 22nd, 2024 — Source
Report: Russian Hackers Targeting Ukrainian Soldiers on Apps
Russian Hackers Using Open-Source Malware on Popular Messaging Apps, Report Says
April 22nd, 2024 — Source or Source or Source
Research Shows How Attackers Can Abuse EDR Security Products
Vulnerabilities in Palo Alto Networks Cortex XDR allowed a security researcher to turn it into a malicious offensive tool.
April 22nd, 2024 — Source
Rural Texas Towns Report Cyberattacks That Caused One Water System to Overflow
A hack that caused a small Texas town's water system to overflow in January has been linked to a shadowy Russian hacktivist group, the latest case of a U.S. public utility becoming a target of foreign cyberattacks.
April 22nd, 2024 — Source
Russian Sandworm hackers targeted 20 critical orgs in Ukraine
Russian hacker group Sandworm aimed to disrupt operations at around 20 critical infrastructure facilities in Ukraine, according to a report from the Ukrainian Computer Emergency Response Team (CERT-UA).
April 22nd, 2024 — Source
Study: GPT-4 Agent Can Exploit Unpatched Vulnerabilities
Researchers Keep Prompts Under Wraps
April 22nd, 2024 — Source or Source or Source or Source or Source
Synlab Italia suspends operations following ransomware attack
Synlab Italia has suspended all its medical diagnostic and testing services after a ransomware attack forced its IT systems to be taken offline.
April 22nd, 2024 — Source
The first steps of establishing your cloud security strategy
In this article, we'll identify some first steps you can take to establish your cloud security strategy. We'll do so by discussing the cloud security impact of individual, concrete actions featured within the CIS Critical Security Controls (CIS Controls) and the CIS Benchmarks.
April 22nd, 2024 — Source
Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability
Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
April 22nd, 2024 — Source
Trend Micro launches AI-driven cyber risk management capabilities
Trend Micro unveiled AI-driven cyber risk management capabilities across its entire flagship platform, Trend Vision One.
April 22nd, 2024 — Source
Windows vulnerability reported by the NSA exploited to install Russian malware
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now.
April 22nd, 2024 — Source
Internet — Security Issues — April 19th, 2024
A phishing campaign is using LastPass branding, fake calls to steal passwords
LastPass users on Android and other platforms are targets of a phishing campaign combining fake customer service calls with cleverly designed emails featuring the company's branding to steal their master passwords. This multi-layered attack exploits social engineering tactics to trick victims into handing over the keys to their password vault, potentially compromising all their online accounts.
April 19th, 2024 — Source
Akira Ransomware Made Over $42 Million in One Year: Agencies
Akira ransomware has hit over 250 organizations worldwide and received over $42 million in ransom payments.
April 19th, 2024 — Source
Breach Roundup: LabHost Phishing-as-a-Service Site Goes Down
Also: Omni Hack Exposed Customer Data; More Ivanti Vulnerabilities Come to Light
April 19th, 2024 — Source or Source or Source or Source or Source
BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems
Investors make an early-stage $6.5 million bet on BreachRx, a startup promising to shield cybersecurity executives from personal liability.
April 19th, 2024 — Source
CEO Andre Durand on Why Ping, ForgeRock Are Better Together
How Ping-ForgeRock Merger Provides Enhanced Deployment Flexibility, More Services
April 19th, 2024 — Source or Source or Source or Source or Source
Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals
It's the second time the World-Check list has fallen into the wrong hands
April 19th, 2024 — Source
FIN7 Targeted US Automotive Giant In Failed Attack
Spear Phishing Messages Sent to Employees With Admin Rights
April 19th, 2024 — Source or Source or Source or Source or Source
First Major Attempts to Regulate AI Face Headwinds From All Sides
While over 400 AI-related bills are being debated this year in statehouses nationwide, most target one industry or just a piece of the technology — such as deepfakes used in elections.
April 19th, 2024 — Source
Forget Boss Battles, RedLine Malware Aims To Defeat Gamers With Fake Cheats
If you are a threat actor and want to mine cryptocurrency or steal some juicy information, a gamer's PC is a good target for that sort of thing, given the hardware and software they use. Even better yet is the PC of a game cheater because they are used to downloading sketchy software in the first place, so the barrier to entry of the malware target is lowered.
April 19th, 2024 — Source
From $8.3B to $200M: Why Lacework Is Examining a Sale to Wiz
Lacework Got the Largest Funding Round in Cyber History. Now, It's Eyeing the Exits
April 19th, 2024 — Source or Source or Source
Frontier Communications Shuts Down Systems Following Cyberattack
Telecom giant Frontier shuts down systems to contain a cyberattack that led to personal information compromise.
April 19th, 2024 — Source
Hacking the Floodgates: US Dams Face Growing Cyber Threats
Hacks on Unregulated Dams Can Result in Mass Casualties, Experts and Lawmakers Warn
April 19th, 2024 — Source or Source or Source or Source or Source
HelloKitty ransomware rebrands, releases CD Projekt and Cisco data
An operator of the HelloKitty ransomware operation announced they changed the name to 'HelloGookie,' releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks.
April 19th, 2024 — Source
ISMG Editors: Global Fallout From Leaked LockBit Ransomware
Also: Congress Weighs in on Change Healthcare Saga; Hot Topics at ISMG's AI Summit
April 19th, 2024 — Source or Source or Source or Source or Source
Millennials are key targets for phishing
A new report reveals that millennials are the top targets for phishing attacks, receiving 37.5 percent of phishing emails.
April 19th, 2024 — Source
Mitre Says Hackers Breached Unclassified R&D Network
Threat Actor Exploited Ivanti Zero-Day Vulnerabilities in Cyberattack
April 19th, 2024 — Source or Source or Source or Source or Source
MITRE says state hackers breached its network via Ivanti zero-days
The MITRE Corporation says that a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days.
April 19th, 2024 — Source
Novel Android Malware Targets South Korean Banking Users
New Malware SoumniBot Exploiting Legitimate Android Process
April 19th, 2024 — Source or Source or Source or Source
Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!
More organizations hit by ransomware gangs are starting to realize that it doesn't pay to pay up: "In Q1 2024, the proportion of victims that chose to pay touched a new record low of 28%," ransomware incident response firm Coveware has found.
April 19th, 2024 — Source
Ready Or Not Developer Confirms It Was Hacked, Source Code Stolen
No employee or player data was stolen.
April 19th, 2024 — Source
Rising Ransomware Issue: English-Speaking Western Affiliates
Domestic Teen Groups Demand 'Nip the Bud' and 'Alternative Pathways,' Experts Say
April 19th, 2024 — Source or Source or Source or Source or Source
Roku's massive hack is why you shouldn't reuse passwords
You can easily protect yourself from this kind of attack.
April 19th, 2024 — Source
Suspected Attack Shuts Down US Blood Plasma Donation Centers
Swiss-Based Octapharma Plasma Says Co. is Dealing with 'Network Issues'
April 19th, 2024 — Source or Source or Source or Source or Source
Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing
VulnCheck banks $8 million in early stage capital to build 'exploit intelligence' technologies and services.
April 19th, 2024 — Source
UK mulls fresh controls on 'sensitive tech' after China cyber attack claim
Tech has become a focal point of escalating geopolitical tensions
April 19th, 2024 — Source
United Nations agency investigates ransomware attack, data theft
The United Nations Development Programme (UNDP) is investigating a cyberattack after threat actors breached its IT systems to steal human resources data.
April 19th, 2024 — Source
US Government Releases Guidance on Securing Election Infrastructure
New US guidance details foreign malign influence operations to help election infrastructure stakeholders increase resilience.
April 19th, 2024 — Source
Your Android phone could have stalkerware — here's how to remove it
How to remove common consumer-grade spyware
April 19th, 2024 — Source
Internet — Security Issues — April 17th, 2024
5 outdated security practices you shouldn't use anymore
The old ways aren't always the best ways.
April 17th, 2024 — Source
80 percent of companies don't have sufficient cyber insurance
According to a new report, 80 percent of insured companies that have suffered a data breach didn't have sufficient coverage for the incident.
April 17th, 2024 — Source
Apple quiet about its iPhone 'spyware attack' warnings — but the mystery may be solved
A new report uncovers the return of the spyware LightSpy.
April 17th, 2024 — Source
Armis Acquires Silk Security for $150 Million
Armis has acquired cyber risk prioritization and remediation company Silk Security for $150 million.
April 17th, 2024 — Source or Source
Armis Buys Cyber Remediation Startup Silk Security for $150M
Combination of Armis and Silk Will Create Leader in Asset Management, Remediation
April 17th, 2024 — Source or Source or Source or Source
Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks
Cisco has observed an increase in brute-force attacks targeting web application authentication, VPNs, and SSH services.
April 17th, 2024 — Source
CISOs not changing priorities in response to AI threats
A new report by ClubCISO in collaboration with Telstra Purple finds that despite significant concerns around the impact of AI cyberattacks, many organizations have not seen their priorities or investment plans change.
April 17th, 2024 — Source
Congress Asks What Went Wrong in Change Healthcare Attack
Parent Company UHG Is a No-Show at Hearing & Faces Data Leak, Attack Costs of $1.6B
April 17th, 2024 — Source
Cybercriminals take aim at ERP apps
Many enterprises rely on some sort of ERP application for their business operations and decision making. The vast majority of large organizations use ERP applications from leading vendors like SAP and Oracle.
April 17th, 2024 — Source
Dark Web Monitoring: What's the Value?
The term "dark web" conjures up images of a shadowy netherworld of cybercrime, espionage, drugs, and guns. In reality "dark web" sites are simply websites ending in .onion that need to be accessed through a special browser, The Onion Router (Tor).
April 17th, 2024 — Source
Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release
Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released.
April 17th, 2024 — Source
Exploited TP-Link Vulnerability Spawns Botnet Threats
Attackers Exploit Old Flaw, Hijack TP-Link Archer Routers
April 17th, 2024 — Source or Source or Source or Source or Source
Free Ransomware: LockBit Knockoffs and Imposters Proliferate
Experts See Surge in Attacks, Including in Russia, Using Leaked LockBit Code
April 17th, 2024 — Source
Hack on Clinic Serving Homeless Is Latest Hit to Underserved
Centers for Underserved Patients, Resource-Poor Communities Fight for Cyber Funds
April 17th, 2024 — Source or Source or Source or Source or Source
Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks
In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads using critical remote code execution and authentication vulnerabilities.
April 17th, 2024 — Source
How to Start a Career in Cybersecurity
A Guide to Seizing Opportunities and Pursuing Growth
April 17th, 2024 — Source or Source or Source or Source or Source
Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product
Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution.
April 17th, 2024 — Source
Kapeka: A New Backdoor in Sandworm's Arsenal of Aggression
Kapeka is a new backdoor that may be a new addition to Russia-linked Sandworm's malware arsenal and possibly a successor to GreyEnergy.
April 17th, 2024 — Source
Key Lawmaker Heralds 'Landmark' Draft Federal Privacy Bill
Top Democrat Calls Draft Bill a 'Unique' Chance to Pass Federal Privacy Legislation
April 17th, 2024 — Source or Source or Source or Source or Source
Kremlin's Sandworm blamed for cyberattacks on US, European water utilities
Water tank overflowed during one system malfunction, says Mandiant
April 17th, 2024 — Source
Likely Sandworm Hackers Using Novel Backdoor Kapeka
Kapeka Shows Similarities With Russian GRU Hacking Group's GreyEnergy Malware
April 17th, 2024 — Source or Source or Source or Source or Source
Microsoft's security threat division sees evidence of more Russian disinformation efforts
Earlier this month, Microsoft's security threat division, the Microsoft Threat Analysis Center (MTAC), issued a report on efforts by China and North Korea-based state-sponsored hacker groups. The MTAC stated these groups are posting misinformation on US social media outlets in order to sow division in the country.
April 17th, 2024 — Source
Moldovan charged for operating botnet used to push ransomware
The U.S. Justice Department charged Moldovan national Alexander Lefterov, the owner and operator of a large-scale botnet that infected thousands of computers across the United States.
April 17th, 2024 — Source
Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, which could allow for remote code execution. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the logged on user.
April 17th, 2024 — Source
Multiple vulnerabilities have been discovered in Ivanti Avalanche, the most severe of which could allow for remote code execution. Ivanti Avalanche is a mobile device management system. Network security features allow one to manage wireless settings (including encryption and authentication), and apply those settings on a schedule throughout the network. Successful exploitation could allow for remote code execution in the context of the system.
April 17th, 2024 — Source
Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation
While it initially seemed that protecting Palo Alto Networks firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices' telemetry, it has now been confirmed that this mitigation is ineffectual.
April 17th, 2024 — Source
Possible Chinese Hackers Use OpenMetadata to Cryptomine
Hackers Target OpenMetadata Platforms Running on Cloud Kubernetes Environments
April 17th, 2024 — Source or Source or Source
Recent OT and Espionage Attacks Linked to Russia's Sandworm, Now Named APT44
Mandiant summarizes some of the latest operations of Russia's notorious Sandworm group, which it now tracks as APT44.
April 17th, 2024 — Source
Russian Sandworm hackers pose as hacktivists in water utility breaches
The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups.
April 17th, 2024 — Source
SoumniBot malware exploits Android bugs to evade detection
A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure.
April 17th, 2024 — Source
The Global Menace of the Russian Sandworm Hacking Team
Russian Cyber Sabotage Unit Sandworm Adopting Advanced Techniques, Mandiant Warns
April 17th, 2024 — Source or Source or Source or Source or Source
Vorlon is trying to stop the next big API breach
Application programming interfaces (APIs) are the bedrock of everything we do online. APIs allow two things on the internet to talk with each other, including connected devices or phone apps.
April 17th, 2024 — Source
Watch Now: Ransomware Resilience & Recovery Summit Sessions Now on Demand
Join this one-day virtual summit as we shine the spotlight on the shadowy dynamics of ransomware attacks and how you can best prepare your organization to defend against and recover from these relentless attacks.
April 17th, 2024 — Source
Websites deceive users by deliberately hiding the extent of data collection and sharing
Websites sometimes hide how widely they share our personal information, and can go to great lengths to pull the wool over our eyes. This deception is intended to prevent full disclosure to consumers, thus preventing informed choice and affecting privacy rights.
April 17th, 2024 — Source
Internet — Security Issues — April 15th, 2024
A critical vulnerability in Delinea Secret Server allows auth bypass, admin access
Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets.
April 15th, 2024 — Source
Change Healthcare stolen patient data leaked by ransomware gang
An extortion group has published a portion of what it says are the private and sensitive patient records on millions of Americans stolen during the ransomware attack on Change Healthcare in February.
April 15th, 2024 — Source
Chipmaker Nexperia confirms breach after ransomware gang leaks data
Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March 2024 after a ransomware gang leaked samples of allegedly stolen data.
April 15th, 2024 — Source
CIS Benchmarks Volunteer Spotlight: Pierluigi Falcone
Ensuring the security of our online world is an ongoing challenge; it requires the expertise and dedication of IT professionals around the globe. That's why the CIS Benchmarks™ Community exists — to provide independent, vendor-agnostic security guidance that benefits everyone. Volunteers in the CIS Benchmarks Communities help those who seek a safer online experience.
April 15th, 2024 — Source
Cisco Duo warns third-party data breach exposed SMS MFA logs
Cisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider.
April 15th, 2024 — Source
Cybersecurity startup that helps companies secure industrial systems opens Seattle office
Josh Steinman spent four years working as a senior director inside the National Security Council at the White House. One of his biggest takeaways from that experience was the vulnerability of industrial operations that were becoming more digitized — and more susceptible to cyberattacks.
April 15th, 2024 — Source
Daixin ransomware gang claims attack on Omni Hotels
The Daixin Team ransomware gang claimed a recent cyberattack on Omni Hotels & Resorts and is now threatening to publish customers' sensitive information if a ransom is not paid.
April 15th, 2024 — Source
Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure
ICS malware Fuxnet allegedly used by Ukrainian Blackjack group to disrupt industrial sensors and other systems belonging to a Moscow infrastructure firm.
April 15th, 2024 — Source
Feline firewall woke developer to declaw DDoS disaster
System alerts were pinging but cat had no way of knowing what was happening
April 15th, 2024 — Source
Former Security Engineer Sentenced to Prison for Hacking Crypto Exchanges
Former security engineer Shakeeb Ahmed was sentenced to prison for hacking and defrauding cryptocurrency exchanges.
April 15th, 2024 — Source
FTC Bans Online Mental Health Firm From Sharing Certain Data
Proposed Action Also Orders Cerebral Inc. to Pay $7M Penalty
April 15th, 2024 — Source or Source or Source or Source
Juniper Networks Publishes Dozens of New Security Advisories
Juniper Networks patches dozens of vulnerabilities in Junos OS, Junos OS Evolved, and other products.
April 15th, 2024 — Source
Law Firm to Pay $8M to Settle Health Data Hack Lawsuit
Orrick Herrington Cyberattack Compromised Clients' Data, Affected Nearly 638,000
April 15th, 2024 — Source or Source or Source or Source or Source
Likely State Hackers Exploiting Palo Alto Firewall Zero-Day
Company Released a Hotfix to the Command Injection Vulnerability
April 15th, 2024 — Source or Source or Source or Source
Microsoft, beset by hacks, grapples with problem years in the making
The world's largest seller of cybersecurity products has a problem with its own cybersecurity.
April 15th, 2024 — Source
New Foundation Sees Mental Health Tied to Cyber Resilience
Mental Health Charter Targets Burnout, Stress Among Cybersecurity Professionals
April 15th, 2024 — Source
New SteganoAmor attacks use steganography to target 320 orgs globally
A new campaign conducted by the TA558 hacking group is concealing malicious code inside images using steganography to deliver various malware tools onto targeted systems.
April 15th, 2024 — Source
NightVision Raises $5.4 Million for Application Security Testing
NightVision, an early stage startup in the application security testing space, has raised $5.4 million in seed funding.
April 15th, 2024 — Source
Palo Alto Networks Releases Fixes for Firewall Zero-Day as Attribution Attempts Emerge
Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea's Lazarus.
April 15th, 2024 — Source
Ransomware gang starts leaking alleged stolen Change Healthcare data
The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company.
April 15th, 2024 — Source
Ransomware Group Claims Theft of Data From Chipmaker Nexperia
The Dark Angels (Dunghill) ransomware group claims to have stolen 1 Tb of data from Nexperia, which is investigating the incident.
April 15th, 2024 — Source
Roku confirms over half a million accounts hacked in second credential stuffing incident
In some cases, hackers were able to make purchases after breaching user accounts.
April 15th, 2024 — Source
Safeguarding the future of online security with AI and metasurfaces
Researchers at Pohang University of Science and Technology (POSTECH) have advanced online security by integrating an AI-based metasurface with oblique helicoidal cholesteric liquid crystals.
April 15th, 2024 — Source
Sam Bankman-Fried, Fraud and the Future of Crypto
Policy Expert Ari Redbord Details SBF Case Standouts, Illicit Crypto Ecosystem
April 15th, 2024 — Source
ShadowDragon Horizon enhancements help users conduct investigations from any device
ShadowDragon announced significant enhancements to its Open-Source Intelligence Investigative platform Horizon.
April 15th, 2024 — Source
Sisense Breach Highlights Rise in Major Supply Chain Attacks
Experts Warn of Growing Threat From Supply Chain Attacks After High-Profile Breach
April 15th, 2024 — Source or Source or Source or Source or Source
US Cybersecurity Agency Will Review Malware Samples Sent by the Public
Previously reserved for government employees, Malware Next-Gen now allows submissions from any person or organization in the country.
April 15th, 2024 — Source
Privacera adds access control and data filtering functionality for Vector DB/RAG
Privacera announced the addition of new access control and fine-grained data filtering functionality for Vector DB/RAG to Privacera AI Governance (PAIG).
April 15th, 2024 — Source
Security vulnerability in browser interface allows computer access via graphics card
Modern websites place ever greater demands on the computing power of computers. For this reason, web browsers have also had access to the computing capacities of the graphics card (Graphics Processing Unit or GPU) in addition to the CPU of a computer for a number of years.
April 15th, 2024 — Source
Two People Arrested in Australia and US for Development and Sale of Hive RAT
Authorities in Australia and the US have arrested and charged two individuals for developing and selling the Hive RAT.
April 15th, 2024 — Source
Internet — Security Issues — April 12th, 2024
5 Ways Your Personal Information May End Up On The Dark Web
As technology advances, cybersecurity has never been more important. Each new device we connect to the internet further opens the door for cyberattacks and leaks of our personal information onto the dark web. But what is this part of the internet?
April 12th, 2024 — Source
A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution
A vulnerability has been discovered in PAN-OS that could allow for arbitrary code execution. PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the root user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
April 12th, 2024 — Source
American Privacy Rights Bill: Implications for Health Sector
How Proposed Data Privacy Law Could Affect the Handling of Health Information
April 12th, 2024 — Source or Source or Source or Source or Source
API startup Noname Security nears $500M deal to sell itself to Akamai
Noname Security, a cybersecurity startup that protects APIs, is in advanced talks with Akamai Technologies to sell itself for $500 million, according to a person familiar with the deal.
April 12th, 2024 — Source
‘BatBadBut’ Command Injection Vulnerability Affects Multiple Programming Languages
A critical vulnerability in multiple programming languages allows attackers to inject commands in Windows applications.
April 12th, 2024 — Source
Cado Security teams up with Wiz to accelerate forensic investigations and minimize cloud threats
Cado Security has unveiled its partnership with Wiz and joins Wiz Integration (WIN) Platform. Cado Security enhances WIN by bringing the power of the Cado Security platform to the partner ecosystem so that Wiz customers can seamlessly integrate Cado into their existing cloud security workflows.
April 12th, 2024 — Source
Check Point boosts security in Harmony Email & Collaboration
Check Point announced new email security features that enhance its Check Point Harmony Email & Collaboration portfolio: Patented unified quarantine, DMARC monitoring, archiving, and Smart Banners.
April 12th, 2024 — Source
Cloned Voice Tech Is Coming for Bank Accounts
Experts Warn AI Tools Can Now Compromise Voice Password Systems Used by Many Banks
April 12th, 2024 — Source or Source or Source or Source or Source or Source
Critical EUV chipmaking tool supplier hacked, pressed to pay $10 million for ransomware unlock – Hoya dismisses hack as an ‘IT system incident’
1.7 million files were swiped by Hunters International, say reports.
April 12th, 2024 — Source
CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks
Earlier today, Palo Alto Networks revealed that a critical command injection vulnerability (CVE-2024-3400) in the company's firewalls has been exploited in limited attacks and has urged customers with vulnerable devices to quickly implement mitigations and workarounds.
April 12th, 2024 — Source
Epic wants to blow the Google Play Store wide open
The company isn't holding back in its demands after winning an antitrust case against Google.
April 12th, 2024 — Source
Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars
Second identifier, CVE-2024-3272, assigned to unpatched D-Link NAS device vulnerabilities, just as exploitation attempts soar.
April 12th, 2024 — Source
FBI Calls for Increased Funding to Counter Cyber Threats
FBI Director Chris Wray Warns U.S. Falling Behind to Adversaries in Cyberspace
April 12th, 2024 — Source or Source or Source or Source or Source
“Highly capable” hackers root corporate networks by exploiting firewall 0-day
No patch yet for unauthenticated code-execution bug in Palo Alto Networks firewall.
April 12th, 2024 — Source
House Will Try Again on Reauthorization of US Spy Program After Republican Upheaval
Speaker Mike Johnson is expected to bring forward a Plan B that would reform and extend Section 702 of the Foreign Intelligence Surveillance Act for a shortened period of two years.
April 12th, 2024 — Source
How Ukraine's cyber police fights back against Russia's hackers
Ukraine's cyber police talks crypto, ransomware and documenting war crimes after Russia's invasion
April 12th, 2024 — Source
In Other News: Moscow Sewage Hack, Women in Cybersecurity Report, Dam Security Concerns
Noteworthy stories that might have slipped under the radar: Moscow sewage system hacked, a new women in cybersecurity report, PasteHub domain seized by law enforcement.
April 12th, 2024 — Source
ISMG Editors: Unpacking the Change Healthcare Attack Saga
Also: Positive Cyber Market Trends, AI Threats to Supply Chain Security
April 12th, 2024 — Source
LastPass Employee Targeted With Deepfake Calls
LastPass this week revealed that one of its employees was targeted in a phishing attack involving deepfake technology.
April 12th, 2024 — Source
Microsoft breach allowed Russian spies to steal emails from US government
Affected federal agencies must comb through mails, reset API keys and passwords
April 12th, 2024 — Source
Palo Alto Networks enhances Cortex XSIAM to help SecOps teams identify cloud threats
Palo Alto Networks announced a new milestone in how security operations centers (SOC) secure the cloud.
April 12th, 2024 — Source
Palo Alto Networks firewalls under attack, hotfixes incoming! (CVE-2024-3400)
Attackers are exploiting a command injection vulnerability (CVE-2024-3400) affecting Palo Alto Networks' firewalls, the company has warned, and urged customers to implement temporary mitigations and get in touch to check whether their devices have been compromised.
April 12th, 2024 — Source
Palo Alto Networks Warns of Exploited Firewall Vulnerability
Palo Alto Networks warns of limited exploitation of a critical command injection vulnerability leading to code execution on firewalls.
April 12th, 2024 — Source
PE Firm Accuses Synopsys of Breaching Exclusivity Agreement
Sunstone Partners: We Had a Letter of Intent to Buy Synopsys' Security Testing Unit
April 12th, 2024 — Source or Source or Source
Ransomware roundup: Possible Change Healthcare double extortion, LockBit reorganizes and more
And in other news, CISA directs federal agencies on Microsoft breach by Russian operatives.
April 12th, 2024 — Source
Raspberry Robin Morphs, Now Spreads via Windows Script Files
Malware Platform Operators Take Steps to Obfuscate Code
April 12th, 2024 — Source or Source or Source or Source or Source
Roku hit with second major breach of 2024, this time affecting 576,000 users
This is the second credential stuffing incident since March.
April 12th, 2024 — Source
Roku says 576,000 user accounts hacked after second security incident
Streaming giant Roku has confirmed a second security incident in as many months, with hackers this time able to compromise more than half a million Roku user accounts.
April 12th, 2024 — Source or Source
Security engineer jailed for 3 years for $12M crypto hacks
Shakeeb Ahmed, a cybersecurity engineer convicted of stealing around $12 million in crypto, was sentenced on Friday to three years in prison.
April 12th, 2024 — Source
Sisense's data breach is serious enough that CISA is investigating. Here's what you need to do
A major breach left Sisense customer credentials open to hackers.
April 12th, 2024 — Source
Sophos Study: 94% of Ransomware Victims Have Their Backups Targeted By Attackers
Research has found that criminals can demand higher ransom when they compromise an organisation's backup data in a ransomware attack. Discover advice from security experts on how to properly protect your backup.
April 12th, 2024 — Source
State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls
A state-sponsored threat actor has been exploiting a zero-day in Palo Alto Networks firewalls for the past two weeks.
April 12th, 2024 — Source
The US government confirms Russian hacker attack on Microsoft stole government emails
In January 2024, Microsoft issued an alert stating that a hacker group believed to be state sponsored by Russia managed to access the email accounts of its top executives. This week, the US government revealed that some of the emails between government agencies and Microsoft were taken by the group as part of this attack.
April 12th, 2024 — Source
Threat Actors Manipulate GitHub Search to Deliver Malware
Checkmarx warns of a new attack relying on GitHub search manipulation to deliver malicious code.
April 12th, 2024 — Source
US Cyber Command Expanded 'Hunt Forward' Operations in 2023
US Cyber Mission Force Led 22 Defensive Cyber Operations in 2023, Commander Says
April 12th, 2024 — Source or Source or Source or Source or Source
US think tank Heritage Foundation hit by cyberattack
Conservative think tank The Heritage Foundation said on Friday that it experienced a cyberattack earlier this week.
April 12th, 2024 — Source
Wiz Acquires Gem Security, Pushes Security Tools Consolidation
Financial terms of the transaction were not disclosed but reports out of Tel Aviv valued the deal in the range of $350 million.
April 12th, 2024 — Source
Zscaler extends zero trust SASE and eliminates the need for firewall-based segmentation
Zscaler has signed an agreement to acquire Airgap Networks. Combining Zscaler's zero trust SD-WAN and Airgap Networks' agentless segmentation technology will transform how enterprises implement zero trust segmentation to IoT/OT devices, and critical infrastructure across branches, campuses, factories, and data centers, including east-west connectivity.
April 12th, 2024 — Source
Internet — Security Issues — April 11th, 2024
Alethea Raises $20 Million for Disinformation Detection and Mitigation Solution
Alethea has raised $20 million in Series B funding for its technology designed to detect and mitigate disinformation.
April 11th, 2024 — Source
Apple drops term 'state-sponsored' attacks from its threat notification policy
Apple has warned its users in India and 91 other countries that they were possible victims of a "mercenary spyware attack," ditching the phrase "state-sponsored" it used in its previous alerts to refer to such malware attacks.
April 11th, 2024 — Source
AppViewX CERT+ helps organizations identify and renew certificates before they expire
AppViewX announced new functionality in the AppViewX CERT+ certificate lifecycle management automation product that helps organizations prepare for Google's proposed 90-day TLS certificate validity policy.
April 11th, 2024 — Source
Breach Roundup: Sisense Supply Chain Attack
Also: A Romanian Botnet and Alcohol Counselor Monument Settles With US FTC Over Ads
April 11th, 2024 — Source or Source or Source or Source or Source
Change Healthcare Attack 'Devastating' to Doc Practices
AMA Survey Finds 80% of Practices Lost Revenue From Unpaid Claims
April 11th, 2024 — Source or Source or Source or Source
CISA says Sisense hack impacts critical infrastructure orgs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations.
April 11th, 2024 — Source
CISA warns about Sisense data breach
Business intelligence / data analytics software vendor Sisense has apparently suffered a data breach that spurred the company and the US Cybersecurity and Infrastructure Security Agency to push the company's customers to "reset credentials and secrets potentially exposed to, or used to access, Sisense services."
April 11th, 2024 — Source
CISA Warns Russian Microsoft Hackers Targeted Federal Emails
US Cyber Defense Agency Instructs Agencies to Fortify Systems Amid Microsoft Breach
April 11th, 2024 — Source or Source or Source or Source
Conservative Revolt in the House Blocks Effort to Reauthorize a Key US Spy Tool
A bill that would reauthorize Section 702 of the Foreign Intelligence Surveillance Act was blocked by a conservative revolt.
April 11th, 2024 — Source
Cryptohack Roundup: Google Sues Alleged Crypto App Crooks
Also: Terraform Labs Liable in US Court for Civil Fraud
April 11th, 2024 — Source or Source or Source or Source or Source
Data Access Platform PVML Launches With $8 Million in Funding
Tel Aviv startup banks seed funding for technology to help organizations connect, secure, and provide access to multiple data sources.
April 11th, 2024 — Source
Devious 'man in the middle' hacks on the rise: How to stay safe
A few precautions go a long way.
April 11th, 2024 — Source
Digimarc and DataTrails join forces to provide proof of digital content authenticity
Digimarc and DataTrails have partnered to deliver a fully integrated content protection solution to fortify digital content using advanced digital watermarks in tandem with cryptographic proofs, or fingerprints.
April 11th, 2024 — Source
Google Cloud Unveils New AI-Powered Security Capabilities
Google adds AI to cloud security features and announces other security capabilities for cloud customers.
April 11th, 2024 — Source
Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities
Google releases a Chrome 123 update to resolve three high-severity memory safety vulnerabilities.
April 11th, 2024 — Source
Half of UK Firms, Charities Failed to Report Cyber Incidents
Survey: SMBs, Charities Mostly Targeted With Phishing, Online Impersonation in 2023
April 11th, 2024 — Source or Source or Source or Source or Source
Identity Security and How to Reduce Risk During M&A
SailPoint's Lori Diesen on Transitioning to SaaS-Based Identity Security
April 11th, 2024 — Source or Source
IMF: Financial Firms Lost $12 Billion to Cyberattacks in Two Decades
The financial sector has suffered over 20,000 cyberattacks in two decades, causing more than $12 billion in losses.
April 11th, 2024 — Source
Inside AWS's Crusade Against IP Spoofing and DDoS Attacks
SecurityWeek speaks to Tom Scholl, VP and distinguished engineer at AWS, on how the organization tackles IP Spoofing and DDoS attacks.
April 11th, 2024 — Source
Ivanti empowers IT and security teams with new solutions and enhancements
Ivanti released Ivanti Neurons for External Attack Surface management (EASM), which helps combat attack surface expansion with full visibility of external-facing assets and actionable intelligence on exposures.
April 11th, 2024 — Source
Knostic Emerges From Stealth With Enterprise Gen-AI Access Controls
Startup Knostic emerges from stealth mode with $3.3 million in funding and a gen-AI access control product for enterprises.
April 11th, 2024 — Source
Large businesses struggle to tackle cyber threats
Large businesses are finding it significantly more difficult to manage their cybersecurity than their smaller counterparts, according to new research from passwordless authentication company IDEE.
April 11th, 2024 — Source
LastPass: Hackers targeted employee in failed deepfake CEO call
LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer.
April 11th, 2024 — Source
New Malwarebytes tool lets you see where your data is exposed
With so many data breaches having taken place it's almost inevitable that at least some of your personal information has been exposed online. But finding out exactly what can be tricky.
April 11th, 2024 — Source
Optics giant Hoya hit with $10 million ransomware demand
A recent cyberattack on Hoya Corporation was conducted by the 'Hunters International' ransomware operation, which demanded a $10 million ransom for a file decryptor and not to release files stolen during the attack.
April 11th, 2024 — Source
Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption
Palo Alto Networks patches several high-severity vulnerabilities, including ones that allow DoS attacks against its firewalls.
April 11th, 2024 — Source
PVML raises $8 million to offer protection for enterprise data
PVML unveils its platform for secure AI-powered data access and $8 million in Seed funding led by NFX with participation from FJ Labs and Gefen Capital.
April 11th, 2024 — Source
Ransomware group maturity should influence ransom payment decision
Your organization has been hit by ransomware and a decision has to be made on whether or not to make the ransom payment to get your data decrypted, deleted from attackers' servers, and/or not leaked online.
April 11th, 2024 — Source
Simbian Emerges From Stealth With $10 Million to Build Autonomous AI-Based Security Platform
Simbian aims to build a fully autonomous security platform that lets humans make the strategic decisions while AI implements those decisions.
April 11th, 2024 — Source
Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets
The US government issues a red-alert for what appears to be a massive supply chain breach at Sisense, a company that sells big-data analytics tools.
April 11th, 2024 — Source
US Cyber Force Assisted Foreign Governments 22 Times in 2023
USCYBERCOM's Cyber National Mission Force participated in 22 foreign hunt forward operations in 2023.
April 11th, 2024 — Source
US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft
The US government says Midnight Blizzard's compromise of Microsoft corporate email accounts "presents a grave and unacceptable risk to federal agencies."
April 11th, 2024 — Source
US government urges Sisense customers to reset credentials after hack
U.S. cybersecurity agency CISA is warning Sisense customers to reset their credentials and secrets after the data analytics company reported a security incident.
April 11th, 2024 — Source
US says Russian hackers stole federal government emails during Microsoft cyberattack
U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that Russian government-backed hackers stole emails from several U.S. federal agencies as a result of an ongoing cyberattack at Microsoft.
April 11th, 2024 — Source
Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program
With automated, detailed, contextualized threat intelligence, organizations can better anticipate malicious activity and utilize intelligence to speed detection around proven attacks.
April 11th, 2024 — Source
Will AI be listening in on your future job interview? On law, technology and privacy
The law and Artificial Intelligence (AI) applications need to be better aligned to ensure our personal data and privacy are protected. Ph.D. candidate Andreas Häuselmann can see opportunities with AI, but dangers if this does not happen.
April 11th, 2024 — Source
Wiz Buys Startup Gem Security for $350M to Spot Cloud Issues
Buying CDR Startup Gem Will Help Wiz Address Needs of SecOps, Incident Responders
April 11th, 2024 — Source or Source or Source
Zscaler Buys Airgap Networks to Fuel Segmentation in IoT, OT
Deal Will Thwart Lateral Movement of Malicious Traffic Inside of Corporate Networks
April 11th, 2024 — Source or Source or Source or Source or Source or Source
Internet — Security Issues — April 10th, 2024
530k Impacted by Data Breach at Wisconsin Healthcare Organization
The personal information of 500,000 people was compromised in a data breach at Group Health Cooperative of South Central Wisconsin.
April 10th, 2024 — Source
AT&T Data Breach Update: 51 Million Customers Impacted
The recent AT&T data breach impacts 51 million customers, the company tells Maine's attorney general.
April 10th, 2024 — Source
CISA Releases Malware Next-Gen Analysis System for Public Use
CISA's Malware Next-Gen system is now available for any organization to submit malware samples and other suspicious artifacts for analysis.
April 10th, 2024 — Source
Cloud Computing - Gain Network-Level Control From Anywhere
Why Moving to the Cloud Is a Strategic Gain for Federal Agencies
April 10th, 2024 — Source or Source or Source
Cohesity teams up with Intel to integrate confidential computing into Data Cloud Services
Cohesity has announced it is collaborating with Intel to bring Intel's confidential computing capabilities to the Cohesity Data Cloud. Leveraged with Fort Knox, Cohesity's cyber vault service, this data-in-use encryption innovation will be the first of its kind in the data management industry.
April 10th, 2024 — Source
Script to Load Info Stealer
Proofpoint Spots Novel Threat Against German Organizations
April 10th, 2024 — Source or Source or Source or Source or Source
Cyera Gets $300M at $1.4B Valuation to Fuel Safe AI Adoption
Series C Funding Round Aims to Transform Data Protection, Empower Safe Use of AI
April 10th, 2024 — Source or Source or Source
Eclypsium Automata discovers vulnerabilities in IT infrastructure
Eclypsium launches Automata, a new AI-assisted feature for its digital supply chain security platform.
April 10th, 2024 — Source
Fortinet Patches Critical RCE Vulnerability in FortiClientLinux
Fortinet has released patches for a dozen vulnerabilities, including a critical-severity remote code execution flaw in FortiClientLinux.
April 10th, 2024 — Source
Index Engines CyberSense 8.6 detects malicious activity
Index Engines announced the latest release of its CyberSense software, with version 8.6 delivering a revamped user interface to support smarter recovery from ransomware attacks, new custom Advanced Threshold Alerts to proactively detect unusual activity, and AI-powered detection of ransomware-based data corruption to accelerate recovery and minimize business disruption.
April 10th, 2024 — Source
IT pros targeted with malicious Google ads for PuTTY, FileZilla
An ongoing malvertising campaign is targeting IT administrators looking to download system utilities such as PuTTY (a free SSH and Telnet client) and FileZilla (a free cross-platform FTP application).
April 10th, 2024 — Source
Malicious Visual Studio projects on GitHub push Keyzetsu malware
Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments.
April 10th, 2024 — Source
Microsoft Patches Two Zero-Days Exploited for Malware Delivery
Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware.
April 10th, 2024 — Source
Nearly 534,000 Affected in Data Theft at Managed Care Org
Wisconsin Nonprofit Says Attackers Also Tried to Encrypt Systems, But They Failed
April 10th, 2024 — Source or Source or Source or Source or Source
New covert SharePoint data exfiltration techniques revealed
Varonis Threat Labs researchers have uncovered two techniques attackers can use for covert data and file exfiltration from companies' SharePoint server.
April 10th, 2024 — Source
Russia Tops Global Cybercrime Index, New Study Reveals
Russia, Ukraine, China and US All Top 'First-Ever World Cybercrime Index'
April 10th, 2024 — Source or Source or Source or Source or Source
Should We Just Accept the Lies We Get From AI Chatbots?
NYC's New Chatbot, Hallucinating LLMs Just Can't Be Fixed, Says Linguistics Expert
April 10th, 2024 — Source or Source or Source or Source or Source
Silent Surge: The Sudden Rise in Synthetic Business Fraud
Experts Say Fraud Related to Fake Businesses Has Grown 150% in the Past Year
April 10th, 2024 — Source or Source or Source
Sprinto Raises $20 Million for Automated Risk and Compliance Platform
Risk and compliance solutions provider Sprinto has raised $20 million in a Series B funding round led by Accel.
April 10th, 2024 — Source
The real battle for data privacy begins when you die
In 2012 a 15-year-old girl died in Berlin after being hit by a subway train. Her bereaved parents asked Facebook to turn over her private messages in hopes of understanding whether her death was a suicide or an accident.
April 10th, 2024 — Source
Thousands of LG TVs Possibly Exposed to Remote Hacking
Many LG TVs may be vulnerable to remote hacking due to a series of vulnerabilities found by Bitdefender researchers.
April 10th, 2024 — Source
US Bipartisan Privacy Bill Contains Cybersecurity Mandates
American Privacy Rights Act Has Genuine Chance of Becoming Law
April 10th, 2024 — Source
US CISA Aims to Expand Automated Malware Analysis Support
US Cyber Defense Agency Scales Next-Generation Malware Analysis Platform
April 10th, 2024 — Source or Source or Source or Source
Vultr Sovereign Cloud and Private Cloud delivers data control to nations and enterprises
Vultr launched Vultr Sovereign Cloud and Private Cloud in response to the increased importance of data sovereignty and the growing volumes of enterprise data being generated, stored and processed in even more locations — from the public cloud to edge networks and IoT devices, to generative AI.
April 10th, 2024 — Source
Wiz Buys Startup Gem Security for $350M to Spot Cloud Issues
Buying CDR Startup Gem Will Help Wiz Address Needs of SecOps, Incident Responders
April 10th, 2024 — Source or Source
World-first 'Cybercrime Index' ranks countries by cybercrime threat level
Following three years of intensive research, an international team of researchers have compiled the first ever "World Cybercrime Index," which identifies the globe's key cybercrime hotspots by ranking the most significant sources of cybercrime at a national level.
April 10th, 2024 — Source
Internet — Security Issues — April 6th, 2024
House to Take up Bill to Reauthorize Crucial US Spy Program as Expiration Date Looms
Section 702 of the Foreign Intelligence Surveillance Act expires on April 19.
April 6th, 2024 — Source
Price of zero-day exploits rises as companies harden products against hackers
A startup is now offering millions of dollars for tools to hack iPhones, Android devices, WhatsApp, and iMessage
April 6th, 2024 — Source
US Health Dept warns hospitals of hackers targeting IT help desks
The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.
April 6th, 2024 — Source
Internet — Security Issues — April 5th, 2024
3 healthcare organizations that are building cyber resilience
From 2018 to 2023, healthcare data breaches have increased by 93 percent. And ransomware attacks have grown by 278 percent (PDF) over the same period. Healthcare organizations can't afford to let preventable breaches slip by. Globally, the average cost of a healthcare data breach has reached $10.93 million.
April 5th, 2024 — Source
5 ways to strengthen healthcare cybersecurity
Ransomware attacks are targeting healthcare organizations more frequently. The number of costly or cyberattacks on US hospitals has doubled
A Vulnerability in Broadcom Brocade Fabric OS Could Allow for Arbitrary Code Execution
A vulnerability has been discovered in Broadcom Brocade Fabric OS that could allow for arbitrary code execution. Broadcom Brocade Fabric OS is the storage area networking firmware for Brocade Communications Systems' Fibre Channel switch and Fibre Channel directors. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged-on user or obtain root level privileges.
April 5th, 2024 — Source
Acuity confirms hackers stole non-sensitive govt data from GitHub repos
Acuity, a federal contractor that works with U.S. government agencies, has confirmed that hackers breached its GitHub repositories and stole documents containing old and non-sensitive data.
April 5th, 2024 — Source
Acuity Responds to US Government Data Theft Claims, Says Hackers Obtained Non-Sensitive Info
Acuity, the tech firm from which hackers claimed to have stolen State Department and other government data, confirms hack, but says stolen info is old.
April 5th, 2024 — Source
Almost a quarter of consumers consider cybersecurity when choosing a bank
What factors do you take into account when choosing a bank? How good the interest they offer on your savings is perhaps? Whether there's a convenient branch nearby? How easy the website is to navigate? A new study shows that 23 percent of US and UK consumers say that a bank's approach to cybersecurity is a factor when they consider opening an account.
April 5th, 2024 — Source
Cisco Warns of Vulnerability in Discontinued Small Business Routers
Cisco says it will not release patches for a cross-site scripting vulnerability impacting end-of-life small business routers.
April 5th, 2024 — Source
Cloudflare Enters Observability Space With Baselime Purchase
Acquiring Baselime Will Give Developers Better Visibility Into Serverless Platforms
April 5th, 2024 — Source or Source or Source or Source
Cybersecurity Firms Raised $2.3 Billion in Q1 2024: Report
Cybersecurity companies raised $2.3 billion in funding in Q1 2024, a 20% decrease compared to the same period of 2023, according to Pinpoint.
April 5th, 2024 — Source
Different Types Of Cyberattacks And How To Best Protect Yourself From Them
An estimated 800,000 people are hacked each year — and you could be one of them. Cybercriminals are increasingly growing their attack surface, thanks to explosive growth in cloud and mobile technologies, the Internet of Things, and artificial intelligence. With a cyber attack occurring every 39 seconds, it's essential to know how they occur and how you can avoid becoming a criminal's next victim.
April 5th, 2024 — Source
Filipino Hacktivists Destroy Technology Agency Servers
Attackers Dismantle Department's Server Infrastructure, Delete Up to 25TB of Data
April 5th, 2024 — Source
Hackers Can Use AI Hallucinations to Spread Malware
A Fake Software Library Made Up by a ChatBot Was Downloaded More Than 35,000 Times
April 5th, 2024 — Source or Source or Source or Source or Source
In Other News: 100,000 Affected by CISA Breach, Microsoft AI Copilot Ban, Nuclear Site Prosecution
Noteworthy stories that might have slipped under the radar: the CISA hack could impact 100,000 people, Microsoft AI Copilot banned by US House, UK nuclear site prosecution.
April 5th, 2024 — Source
ISMG Editors: Breaking Down OT Cybersecurity Challenges
Also: Implications of a Critical Linux Utility Backdoor; Focus on Cloud Security
April 5th, 2024 — Source or Source or Source or Source or Source
Ivanti CEO pledges to "fundamentally transform" its hard-hit security model
Part of the reset involves AI-powered documentation search and call routing.
April 5th, 2024 — Source
Lens Maker Hoya Scrambling to Restore Systems Following Cyberattack
Japanese lens maker Hoya says production processes and ordering systems were disrupted by a cyberattack.
April 5th, 2024 — Source
Magento Vulnerability Exploited to Deploy Persistent Backdoor
Attackers are exploiting a recent Magento vulnerability to deploy a persistent backdoor on ecommerce websites.
April 5th, 2024 — Source
Medical Device Cyberthreat Modeling: Top Considerations
Threat Modeling Expert Adam Shostack on Critical Mistakes to Avoid
April 5th, 2024 — Source or Source or Source or Source or Source
Microsoft says China-based hackers are using AI-assisted efforts to sow division in the US
Microsoft has had its own issues with China-based hackers that have accessed information from government email accounts that used Outlook. However, the company's Microsoft Threat Analysis Center (MTAC) has also been monitoring actors based in China that have been using social networks to post false information to US citizens.
April 5th, 2024 — Source
NIST Grants $3.6 Million to Boost US Cybersecurity Workforce
NIST announced $3.6 million in grants for 18 education and community organizations to build the future cybersecurity workforce.
April 5th, 2024 — Source
Panera Bread week-long IT outage caused by ransomware attack
Panera Bread's recent week-long outage was caused by a ransomware attack, according to people familiar with the matter and emails seen by BleepingComputer.
April 5th, 2024 — Source
Phishing Attacks Targeting Political Parties, Germany Warns
Escalation of Cyberespionage Likely Tied to Upcoming European Elections
April 5th, 2024 — Source or Source or Source or Source
Sanction the use of cyberweapons, not the weapons themselves, concludes expert review
A recent analysis by Helene Pleil, research associate at the Digital Society Institute (DSI) at ESMT Berlin, alongside colleagues from Technical University Darmstadt, outlines that rapid technological progress, a lack of political will and uniform definitions, as well as the dual use of cyber tools, are the main challenges facing effective cyber arms control which is vital for foreign and security policy.
April 5th, 2024 — Source
Sophisticated Latrodectus Malware Linked to 2017 Strain
New Malware With Ties to IcedID Loader Evades Detection, Gains Persistence
April 5th, 2024 — Source or Source or Source or Source or Source
The Antisocial Network Review
A funny, disturbing documentary about the modern internet
April 5th, 2024 — Source
The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack
Ransomware attacks targeting VMware ESXi and other virtual machine platforms are wreaking havoc among the enterprise, causing widespread disruption and loss of services.
April 5th, 2024 — Source
This backdoor almost infected Linux everywhere: The XZ Utils close call
For the first time, an open-source maintainer put malware into a key Linux utility. We're still not sure who or why - but here's what you can do about it.
April 5th, 2024 — Source
Trellix ZTS enables organizations to strengthen cyber resilience
Trellix announced the Trellix Zero Trust Strategy (ZTS) Solution, available immediately worldwide.
April 5th, 2024 — Source
Vietnamese Threat Actor Targeting Financial Data Across Asia
CoralRaider Looks for Social Media Accounts That Contain Payment Information
April 5th, 2024 — Source or Source or Source or Source
Internet — Security Issues — April 4th, 2024
AI and telecom breakthroughs dominate 'Innovation of the Year' category for 2024 GeekWire Awards
It's a big year for artificial intelligence, telecom advances, and tools designed to make these emerging technologies safe and transparent, judging from the finalists in the category of Innovation of the Year.
April 4th, 2024 — Source
AI Deepfakes Rising as Risk for APAC Organisations
A cyber security expert from Tenable has called on large tech platforms to do more to identify AI deepfakes for users, while APAC organisations may need to include deepfakes in risk assessments.
April 4th, 2024 — Source
An anonymous coder nearly hacked a big chunk of the internet. How worried should we be?
Outside the world of open-source software, it's likely few people would have heard about XZ Utils, a small but widely used tool for data compression in Linux systems. But late last week, security experts uncovered a serious and deliberate flaw that could leave networked Linux computers susceptible to malicious attacks.
April 4th, 2024 — Source
Asia-Pacific Ransomware Threats Depend on Country and Sector, Says Rapid7
Cyber security operatives have been warned to look at the specific ransomware threats facing their country and industry, while closing down common pathways being used by skilled access brokers.
April 4th, 2024 — Source
Avast One Silver allows users to tailor their coverage based upon their personal preferences
Avast released a new product tier to the Avast One suite: Avast One Silver. The new offering takes a modular approach to cyber security, allowing people to tailor their coverage based upon their needs, personal preferences, or risk profiles.
April 4th, 2024 — Source
Breach Roundup: Omni Hotels Acknowledges Cyber Incident
Also: Insurer Predicts Ransomware for Cars, Offers to Cover Towing Costs
April 4th, 2024 — Source or Source or Source or Source or Source
Cancer center suffers major data breach by hackers affecting patient information
It is never a pleasure to talk about there being (yet) another entity that has suffered through a major data breach. But there is an additional amount of weight that comes with it being a cancer research center. Showing how long some of these groups can be when it comes to selecting targets. In this case, it was the City of Hope (cancer research center).
April 4th, 2024 — Source
Cloud Threat Detection Firm Permiso Raises $18 million
Cloud security firm provides a detection platform able to detect and predict the likely behavior of 'bad' identities.
April 4th, 2024 — Source
Computer scientists discover gap in the latest security mechanisms used by some chips
Over the past few years, hardware manufacturers have developed technologies that ought to make it possible for companies and governmental organizations to process sensitive data securely using shared cloud computing resources. Known as confidential computing, this approach protects sensitive data while it is being processed by isolating it in an area that is impenetrable to other users and even to the cloud provider.
April 4th, 2024 — Source
Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems
A critical OS command injection in Progress Flowmon can be exploited to gain remote, unauthenticated access to the system.
April 4th, 2024 — Source
Cyberattack Causes Disruptions at Omni Hotels
Omni Hotels & Resorts tells customers that recent disruptions have been caused by a cyberattack that forced it to shut down systems.
April 4th, 2024 — Source
DOE Looks to Universities to Fix Energy Sector Cybersecurity
Energy Department Invests in Next Generation of Cyber Talent to Find New Solutions
April 4th, 2024 — Source or Source or Source or Source or Source
Five ways AI can boost your data backups
In the event of a data emergency -- say, a cyber attack or a natural disaster shutting down a data center -- no organization wants to worry about whether they have secure, up-to-date backups, and whether they can be easily recovered.
April 4th, 2024 — Source
Government review criticizes Microsoft for security lapses in "preventable" Exchange hack
An incident that "should never have occurred"
April 4th, 2024 — Source
Health Data Thefts Keep Coming; Millions Affected in 2024
Latest Exfiltration and Hacking Incidents Highlight Health Sector Cyber Challenges
April 4th, 2024 — Source or Source or Source or Source
Hoya's optics production and orders disrupted by cyberattack
Hoya Corporation, one of the largest global manufacturers of optical products, says a "system failure" caused servers at some of its production plants and business divisions to go offline on Saturday.
April 4th, 2024 — Source
Ivanti CEO Vows Cybersecurity Makeover After Zero-Day Blitz
Ivanti releases a carefully scripted YouTube video and an open letter from chief executive Jeff Abbott vowing to fix the entire security organization.
April 4th, 2024 — Source
Ivanti vows to transform its security operating model, reveals new vulnerabilities
Ivanti has released patches for new DoS vulnerabilities affecting Ivanti Connect Secure (SSL VPN solution) and Ivanti Policy Secure (NAC solution), some of which could also lead to execution of arbitrary code or information disclosure.
April 4th, 2024 — Source
Microsoft, Okta, CyberArk Lead Workforce Identity Rankings
OneLogin Departs Forrester's Leaderboard as User Experience Takes Center Stage
April 4th, 2024 — Source
Microsoft's Security Chickens Have Come Home to Roost
News analysis: SecurityWeek editor-at-large Ryan Naraine reads the CSRB report on China's audacious Microsoft Exchange Online hack and isn't at all surprised by the findings.
April 4th, 2024 — Source
New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset
New HTTP/2 DoS method named Continuation Flood can pose a greater risk than Rapid Reset, which has been used for record-breaking attacks.
April 4th, 2024 — Source
New privacy-preserving robotic cameras obscure images beyond human recognition
From robotic vacuum cleaners and smart fridges to baby monitors and delivery drones, the smart devices being increasingly welcomed into our homes and workplaces use vision to take in their surroundings, taking videos and images of our lives in the process.
April 4th, 2024 — Source or Source or Source or Source or Source or Source
NIST awards $3.6 million to address the cybersecurity workforce gap
The US Department of Commerce's National Institute of Standards and Technology (NIST) has awarded cooperative agreements totaling nearly $3.6 million aimed at building the workforce needed to safeguard enterprises from cybersecurity risks.
April 4th, 2024 — Source
Omni Hotels suffer prolonged IT outage due to cyberattack
Texas-based Omni Hotels & Resorts has been responding to a cyberattack that started last Friday, which resulted in the unavailability of many of its IT systems.
April 4th, 2024 — Source
Pixel Phone Zero-Days Exploited by Forensic Firms
Google this week patched two Pixel phone zero-day vulnerabilities actively exploited by forensic companies to obtain data from devices.
April 4th, 2024 — Source
Ransomware gang did steal residents' confidential data, UK city council admits
INC Ransom emerges as a growing threat as some ex-LockBit/ALPHV affiliates get new gigs
April 4th, 2024 — Source or Source or Source or Source or Source or Source
Should I disconnect my PC from the internet when I have a virus?
It is often recommended to disconnect the internet connection in the event of a virus attack. But is it really sensible or even necessary to disconnect the computer from the internet?
April 4th, 2024 — Source
SurveyLama Data Breach Impacts 4.4 Million Users
Data breach impacting users' personal information prompts survey rewards platform SurveyLama to reset passwords.
April 4th, 2024 — Source
Texas Police Busted a Man With Fake Apple Items Worth Over $20,000
A day after cops seized fake Apple products alongside counterfeit items worth £600,000 in Northern Ireland during two connected raids conducted in Belfast and Portadown on March 28, 2024, a guy from Texas has been charged with trademark counterfeiting after being discovered in possession of counterfeit Apple items valued at over $20,000.
April 4th, 2024 — Source
The best antivirus software and apps you can buy
Cyber threats are everywhere, which means you need to protect your devices. We found the best antivirus software and apps that will help keep you safe and secure.
April 4th, 2024 — Source
The Biggest Takeaways from Recent Malware Attacks
Among the never-ending list of malicious software that threat actors use in cyber attacks are viruses, worms, trojans, ransomware, spyware, and adware. Today's malware is not just about causing immediate damage; some programs get embedded within systems to siphon off data over time, disrupt operations strategically, or lay the groundwork for massive, coordinated attacks.
April 4th, 2024 — Source
The White House is Wrong: Section 702 Needs Drastic Change
With Section 702 of the Foreign Intelligence Surveillance Act set to expire later this month, the White House recently released a memo objecting to the SAFE Act—legislation introduced by Senators Dick Durbin and Mike Lee that would reauthorize Section 702 with some reforms.
April 4th, 2024 — Source
US Cancer Center Data Breach Impacting 800,000
City of Hope is notifying 800,000 individuals of a data breach impacting their personal and health information.
April 4th, 2024 — Source
Zoom Paid Out $10 Million via Bug Bounty Program Since 2019
Video conferencing giant Zoom has paid out $10 million through its bug bounty program since it was launched in 2019.
April 4th, 2024 — Source
Internet — Security Issues — April 2nd, 2024
3 UK Cyber Security Trends to Watch in 2024
Staying up to date with the latest in cyber security has arguably never been more paramount than in 2024. Financial services provider Allianz named cyber attacks this year's biggest risk for business in the U.K. and a top concern for businesses of all sizes for the first time.
April 2nd, 2024 — Source
AT&T data leaked: 73 million customers affected
AT&T has confirmed that the data set leaked on the dark web some two weeks ago does, indeed, contain "AT&T data-specific fields".
April 2nd, 2024 — Source
Biden, Xi Discuss Key Security Concerns in Bilateral Call
U.S. and Chinese Leaders Discuss Global Security Issues in Wide-Ranging Call
April 2nd, 2024 — Source or Source or Source or Source
Best Home Security Systems of 2024
Save yourself the hassle of researching home security. We've tested all the top systems, and these are the best.
April 2nd, 2024 — Source
Boat Dealer MarineMax Confirms Data Breach
MarineMax confirms suffering a data breach as a result of a recent ransomware attack, with the attackers claiming to have obtained 180,000 files.
April 2nd, 2024 — Source
Fastly Bot Management protects websites, apps, and valuable data from malicious automated traffic
Fastly introduced Fastly Bot Management to help organizations combat automated "bot" attacks at the edge and significantly reduce the risk of fraud, DDoS attacks, account takeovers, and other online abuse.
April 2nd, 2024 — Source
Feds Ask Telcos: How Are You Combating Location Tracking?
Federal Communications Commission Responds to Persistent Surveillance Problems
April 2nd, 2024 — Source or Source or Source or Source or Source
Firewalla launches protection for Wi-Fi 7 networks
The introduction of Wi-Fi 7 -- IEEE 802.11be to its friends -- marks a step forward in wireless speeds to cope with the five and 10 gigabit capabilities of fiber networks.
April 2nd, 2024 — Source
Fortinet upgrades its real-time network security operating system
Fortinet announced the latest version of its FortiOS operating system and other major enhancements to the company's cybersecurity platform, the Fortinet Security Fabric.
April 2nd, 2024 — Source
Heartbleed is 10 Years Old -- Farewell Heartbleed, Hello QuantumBleed!
Heartbleed made most certificates vulnerable. The future problem is that quantum decryption will make all certificates and everything else using RSA encryption vulnerable to everyone.
April 2nd, 2024 — Source
Hotel Self Check-In Kiosks Exposed Room Access Codes
Self check-in kiosks at Ibis Budget hotels were affected by a vulnerability that exposed keypad codes that could be used to enter rooms.
April 2nd, 2024 — Source
How AI Helps Assess Credit Risk, Navigate Complex Processes
Synechron's Ivan Perić on Mitigating Credit Issues, Ensuring Regulatory Compliance
April 2nd, 2024 — Source or Source or Source or Source or Source
How Meta's global head of safety approaches online age verification
Antigone Davis explains Meta's push for laws making app store providers responsible for age verification, and why its Quest VR store is a model.
April 2nd, 2024 — Source
How to Hire, Retain and Inspire Exceptional Employees
Leading Means Admitting What You Don't Know - And Other Tips for Leaders
April 2nd, 2024 — Source or Source or Source or Source
INC Ransom claims to be behind 'cyber incident' at UK city council
This follows attack on NHS services in Scotland last week
April 2nd, 2024 — Source
Judge Certifies 'Contract Class' in CareFirst Breach Lawsuit
Proposed Class Action in Cyberattack Has Faced Many Legal Ups and Downs Since 2015
April 2nd, 2024 — Source or Source or Source or Source or Source
LogRhythm Axon enhancements improve data management and operational efficiency
Recent global research reveals 61% of organizations still rely on manual and time-intensive methods for sharing security status updates. In response, LogRhythm announced its 8th consecutive quarterly release. The latest innovations to LogRhythm Axon facilitate seamless dashboard and search import/export to community repositories, bridging the communication gap.
April 2nd, 2024 — Source
Netskope CEO on What Platformization Means for Cybersecurity
CEO Sanjay Beri on What Distinguishes Genuine Integration From Mere Aggregation
April 2nd, 2024 — Source
New Chrome feature aims to stop hackers from using stolen cookies
Google announced a new Chrome security feature called 'Device Bound Session Credentials' that ties cookies to a specific device, blocking hackers from stealing and using them to hijack users' accounts.
April 2nd, 2024 — Source
OWASP Data Breach Caused by Server Misconfiguration
The OWASP Foundation says a wiki misconfiguration exposed resumes filed over a decade ago by aspiring members.
April 2nd, 2024 — Source
Prudential Financial Data Breach Impacts 36,000
Prudential Financial says the names, addresses, and ID numbers of over 36,000 were stolen in a February data breach.
April 2nd, 2024 — Source
Rubrik files to go public following alliance with Microsoft
Cloud cyber resilience model could raise $700M despite $278M losses
April 2nd, 2024 — Source
Security Flaw in WP-Members Plugin Leads to Script Injection
A cross-site scripting vulnerability in the WP-Members Membership plugin could allow attackers to inject scripts into user profile pages.
April 2nd, 2024 — Source
TechCrunch Minute: AT&T data breach prompts millions of passcodes to be reset
Death, taxes, and regular, terrifying cybersecurity leaks. Those are the facts of life, as the latest AT&T data breach is teaching us yet again. A TechCrunch investigation into leaked customer data from the American telco giant has led to AT&T resetting certain customer account passcodes to prevent them from being at risk.
April 2nd, 2024 — Source
Winnti's new UNAPIMON tool hides malware from security software
The Chinese 'Winnti' hacking group was found using a previously undocumented malware called UNAPIMON to let malicious processes run without being detected.
April 2nd, 2024 — Source
Veracode acquires Longbow Security to help organizations reduce application risk
Veracode announced the acquisition of Longbow Security, a pioneer in security risk management for cloud-native environments.
April 2nd, 2024 — Source
Internet — Security Issues — March 29th, 2024
Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)
A vulnerability (CVE-2024-3094) in XZ Utils, the XZ format compression utilities included in most Linux distributions, may "enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely," Red Hat warns.
March 29th, 2024 — Source or Source
DHS Calls Political Campaigns 'Ripe Target' for Cyberattacks
Foreign Adversaries Increasingly See Campaigns as Prime for Hacking, Official Says
March 29th, 2024 — Source or Source or Source or Source or Source
Energy Department Invests $15 Million in University Cybersecurity Centers
The US Department of Energy announces $15 million funding for university-based electric power cybersecurity centers.
March 29th, 2024 — Source
Federal Elections Commission Considers Regulating AI
FEC Commissioner Says Group Is Exploring How to Regulate Campaign Deepfakes
March 29th, 2024 — Source or Source or Source or Source
Feds Warn of Credential Harvesting Threats in Healthcare
HHS Says Tried-and-True Hacker Methods Can Compromise Patient Data, Safety
March 29th, 2024 — Source or Source or Source or Source or Source
From Despair to Disruption: Zafran Takes on Cyber Mitigation
Amid COVID-19 Ransomware Woes, Sanaz Yashar's Frustration Sparked Zafran's Birth
March 29th, 2024 — Source or Source or Source or Source or Source
ISMG Editors: Apple's Antitrust Showdown With the Feds
Legal Expert Jonathan Armstrong Unpacks Issues in Big Tech, Ransomware, AI and More
March 29th, 2024 — Source or Source or Source or Source or Source
Malware Flood Causes PyPI to Temporarily Halt New Accounts
Hackers Are Now Using Code Repositories as Malware Vectors
March 29th, 2024 — Source or Source or Source or Source or Source
ShadowRay Attack Strikes AI Workloads
Thousands of AI Workloads Compromised Amid CVE Vulnerability Dispute
March 29th, 2024 — Source or Source or Source or Source or Source
The Complexity and Need to Manage Mental Well-Being in the Security Team
It is the CISO's responsibility to build and maintain a high functioning team in a difficult environment -- cybersecurity is a complex, continuous, and adversarial environment like none other outside of military conflict.
March 29th, 2024 — Source
UK Nuclear Cleanup Site Faces Criminal Cybersecurity Charges
Probe Finds 'Largest and Most Hazardous Nuclear Site' Violated Security Laws
March 29th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — March 28th, 2024
AppViewX partners with Fortanix to address critical enterprise security challenges
AppViewX and Fortanix announced a partnership to offer cloud-delivered secure digital identity management and code signing.
March 28th, 2024 — Source
Malwarebytes adds AI to its business security offering
Malwarebytes is adding an AI feature to its Security Advisor, part of the ThreatDown tool aimed at helping IT teams make better use of their resources.
March 28th, 2024 — Source
Activision investigating password-stealing malware targeting game players
Video game giant Activision is investigating a hacking campaign that's targeting players with the goal of stealing their credentials, TechCrunch has learned.
March 28th, 2024 — Source
Breach Roundup: Russian Organizations Losing Microsoft Cloud
Also: Hackers Target Apple Password Reset Flaw
March 28th, 2024 — Source or Source or Source or Source
Can You Legally Record Audio or Video in Your Home? We've Got the Answers
Our guide can help you avoid the risk of lawsuits (or worse) for breaking privacy rules. Here are the laws you should know about and the practices to follow for home security cameras.
March 28th, 2024 — Source
CD Projekt Says 2023 Was Second Best Year in Its History While Posting $120 Million in Net Profits
Cyberpunk and Witcher developer calls 2023 a success despite last summer's layoffs.
March 28th, 2024 — Source
Chinese Cyberspies Targeting ASEAN Entities
Two Chinese cyberespionage groups have been targeting entities and member countries affiliated with ASEAN.
March 28th, 2024 — Source
CISA Moving Forward With Cyber Incident Reporting Rules Impacting 316,000 Entities
CISA is seeking comment on the implementation of CIRCIA, which will cost $2.6 billion and will impact 316,000 entities.
March 28th, 2024 — Source
Cisco Patches DoS Vulnerabilities in Networking Products
Cisco has released patches for multiple IOS and IOS XE software vulnerabilities leading to denial-of-service (DoS).
March 28th, 2024 — Source
Coro Raises $100 Million for All-in-One Security Platform
Coro has raised $100 million in Series D funding for its enterprise-grade platform tailored for the small- and mid-sized market.
March 28th, 2024 — Source
Coro, building cybersecurity for SMBs, locks down $100M at a $750M valuation
Enterprises and other large organizations have long been a lucrative and obvious target for cybercriminals, but in recent years — thanks to more sophisticated breach techniques and the rise of AI — small and medium businesses are now also very much on the map.
March 28th, 2024 — Source
Cryptohack Roundup: Sam Bankman-Fried Gets 25-Year Sentence
Also: US Sanctions for Russia-Linked DeFi, Coinbase Can't Escape SEC Lawsuit
March 28th, 2024 — Source or Source or Source or Source or Source
Cyberespionage Campaign Targets Government, Energy Entities in India
Threat intelligence firm EclecticIQ documents the delivery of malware phishing lures to government and private energy organizations in India.
March 28th, 2024 — Source
Cybersecurity Mesh: Overcoming Data Security Overload
A significant cybersecurity challenge arises from managing the immense volume of data generated by numerous IT security tools, leading organizations into a reactive rather than proactive approach.
March 28th, 2024 — Source
Details and Lessons Learned From the Ransomware Attack on the British Library
Although the attack on the national library of the UK occurred five months ago, the Library's infrastructure won't be rebuilt until mid-April 2024, and then the full restoration of systems and data can begin.
March 28th, 2024 — Source
Federal Elections Commission Considers Regulating AI
FEC Commissioner Says Group Is Exploring How to Regulate Campaign Deepfakes
March 28th, 2024 — Source
Feds Seek Secure-by-Design Armageddon for SQL Injection Bugs
Hackers Continue to Abuse Easily Preventable Vulnerability to Cause Massive Damage
March 28th, 2024 — Source or Source or Source or Source
Fortify your finances: A tactical guide to shielding against scams in 2024
Online shopping and banking may bring more convenience, but if you're not careful they can paint a target on your back.
March 28th, 2024 — Source
Hackers Developing Malicious LLMs After WormGPT Falls Flat
Crooks Are Recruiting AI Experts to Jailbreak Existing LLM Guardrails
March 28th, 2024 — Source or Source or Source or Source or Source
How AI Is Shaping an Inclusive and Diverse Future
AI's Transformative Impact and Challenges in Developing Regions
March 28th, 2024 — Source or Source or Source or Source or Source
INC Ransom claims responsibility for attack on NHS Scotland
Sensitive documents dumped on leak site amid claims of 3 TB of data stolen in total
March 28th, 2024 — Source
OMB Issues First Governmentwide AI Risk Mitigation Rules
Guidance Calls for Agencies to Appoint Chief AI Officers, Set Up Governance Boards
March 28th, 2024 — Source or Source or Source or Source or Source
Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2023-24955 -- a code injection vulnerability that allows authenticated attackers to execute code remotely on a vulnerable Microsoft SharePoint Server -- to its KEV catalog and is demanding that US federal civilian agencies implement the patch for it by April 16.
March 28th, 2024 — Source
PostgreSQL pioneer's latest brainchild promises time travel to dodge ransomware
Michael Stonebraker on the neat side effects of putting an operating system on top of a database
March 28th, 2024 — Source
Securing SMBs Globally: Coro Raises $100M to Go Into Europe
Series D Funding Will Strengthen Coro's Channel Program, European Market Presence
March 28th, 2024 — Source or Source or Source or Source or Source
Splunk Patches Vulnerabilities in Enterprise Product
Splunk patches high-severity vulnerabilities in Enterprise, including an authentication token exposure issue.
March 28th, 2024 — Source
The Witcher "Polaris" Still Pre-Production, Witcher Remake, Cyberpunk Sequel in Concept Phase
2023 was CDPR's second-best year ever, thanks to the sales of the Cyberpunk 2077: Phantom Liberty expansion, which managed to move 5 million copies, which is added to the 20 million in sales for the original Cyberpunk 2077. CDPR has also announced that The Witcher series surpassed 75 million units sold last year. So, yes, if you're doing the math (75 million for the Witcher, 25 million for Cyberpunk) CDPR has now sold over 100 million games. Not bad!
March 28th, 2024 — Source
Truck ELD hacking could put millions of vehicles at risk
The trucking industry is facing a critical cybersecurity threat that could impact millions of vehicles on the road. Electronic Logging Devices (ELDs), mandated for use in the United States and increasingly adopted worldwide, are essential for tracking drivers' hours to comply with work-hour regulations.
March 28th, 2024 — Source
UnitedHealth Admits Patient Data Was 'Taken' in Mega Attack
US Government Offers $10M Bounty to Track Down Leadership of BlackCat Crime Group
March 28th, 2024 — Source or Source or Source
US critical infrastructure cyberattack reporting rules inch closer to reality
After all, it's only about keeping the essentials on -- no rush
March 28th, 2024 — Source
US Offering $10 Million Reward for Information on Change Healthcare Hackers
The US is offering a reward of up to $10 million for information on BlackCat ransomware affiliates that targeted US critical infrastructure.
March 28th, 2024 — Source or Source
Zafran Emerges From Stealth With Risk and Mitigation Platform, $30M in Funding
Zafran has emerged from stealth mode with a risk and mitigation platform and $30 million in funding from Sequoia Capital and Cyberstarts.
March 28th, 2024 — Source
Snowflake Data Clean Rooms helps organizations preserve the privacy of their data
Snowflake introduced Snowflake Data Clean Rooms to customers in AWS East, AWS West, and Azure West, revolutionizing how enterprises of all sizes can securely share data and collaborate in a privacy-preserving manner to achieve high value business outcomes in the Data Cloud.
March 28th, 2024 — Source
These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb
One might say this is a wurst case scenario
March 28th, 2024 — Source
Threat Indicators Show 2024 Is Already Promising to be Worse Than 2023
In just the first two months of 2024, threat intelligence firm Flashpoint has logged dramatic increases in all major threat indicators.
March 28th, 2024 — Source
Zero-day exploitation surged in 2023, Google finds
2023 saw attackers increasingly focusing on the discovery and exploitation of zero-day vulnerabilities in third-party libraries (libvpx, ImageIO) and drivers (Mali GPU, Qualcomm Adreno GPU), as they can affect multiple products and effectively offer more possibilities for attack.
March 28th, 2024 — Source
Internet — Security Issues — March 27th, 2024
AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022)
Attackers are leveraging a vulnerability (CVE-2023-48022) in Anyscale's Ray AI software to compromise enterprise servers and saddle them with cryptominers and reverse shells.
March 27th, 2024 — Source
AI Opens Fraud Detection Gap, Says US Treasury
Department Says It May Contribute Its Own Data for Training Models
March 27th, 2024 — Source or Source or Source or Source or Source
Attackers leverage weaponized iMessages, new phishing-as-a-service platform
Scammers are leveraging the Darcula phishing-as-a-service platform, iMessages and Google Messages to great effect.
March 27th, 2024 — Source
AU10TIX's Digital ID suite identifies potentially fraudulent activities
AU10TIX announced the expansion of its Digital ID solution, which enables businesses to securely verify IDs of all types, including physical, digital, eID, verifiable credentials, and more.
March 27th, 2024 — Source
Brexit benefit: Porsche Boxster and Cayman axed in Europe, but survive in the UK!
Cybersecurity regulations mean the Porsche 718-generation sports cars will be killed-off this year on the continent
March 27th, 2024 — Source
Businesses still not ready for new DMARC rules
Despite them being widely publicized, Google and Yahoo's new email rules still risk catching out many businesses.
March 27th, 2024 — Source
Change Healthcare Wake-Up Call: Is Sector Too Codependent?
Denise Anderson and Errol Weiss of Health-ISAC Discuss Critical Cyber Issues
March 27th, 2024 — Source or Source or Source or Source or Source
Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own
Google ships a security-themed Chrome browser refresh to fix flaws exploited at the CanSecWest Pwn2Own hacking contest.
March 27th, 2024 — Source
CISA Seeks Public Input on Cyber Incident Reporting Rules
US Cyber Defense Agency Proposes 72-Hour Reporting Rule for Covered Entities
March 27th, 2024 — Source or Source or Source or Source or Source
CISA: Second SharePoint Flaw Disclosed at Pwn2Own Exploited in Attacks
CISA says a second SharePoint vulnerability demonstrated last year at Pwn2Own, CVE-2023-24955, has been exploited in the wild.
March 27th, 2024 — Source
Code Execution Flaws Haunt NVIDIA ChatRTX for Windows
Artificial intelligence computing giant NVIDIA patches flaws in ChatRTX for Windows and warns of code execution and data tampering risks.
March 27th, 2024 — Source
CyberArk Secure Browser helps prevent breaches resulting from cookie theft
CyberArk launched CyberArk Secure Browser, an identity-centric secure browser, providing enhanced security and privacy alongside a familiar, productive user experience.
March 27th, 2024 — Source
Enhancing cyber security in financial services: Simulated cyber attacks
Simulated attacks allow financial institutions to test their incident response capabilities, evaluate the effectiveness of their security controls and identify areas for improvement
March 27th, 2024 — Source
Enterprise cybersecurity's lateral movement 'blind spot' [Q&A]
A lot of time, attention, and investment is spent on creating strong perimeters and endpoint defenses to prevent malicious actors from gaining access to corporate networks.
March 27th, 2024 — Source
French cyberdefence chief warns Paris Olympics a 'target'
The head of France's national cybersecurity agency said the Paris Olympics would be a "target" this year including for foreign states interested in "disrupting the opening ceremony or causing problems on public transport".
March 27th, 2024 — Source
Google Report: Despite Surge in Zero-Day Attacks, Exploit Mitigations Are Working
Despite a surge in zero-day attacks, data shows that security investments into OS and software exploit mitigations are forcing attackers to find new attack surfaces and bug patterns.
March 27th, 2024 — Source
Google: Spyware vendors behind 50% of zero-days exploited in 2023
Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients.
March 27th, 2024 — Source
iSoon Leak Shows Links to Chinese APT Groups
The Firm Is Operating Alongside RedHotel, RedAlpha and Poison Carp
March 27th, 2024 — Source or Source or Source or Source or Source
Malwarebytes adds AI functionality to ThreatDown Security Advisor
Malwarebytes has added AI functionality to its Security Advisor, available in every ThreatDown Bundle.
March 27th, 2024 — Source
More than 17 billion records compromised in 2023
Last year saw a 34.5 percent year-on-year increase in reported data breach incidents, with over 17 billion records compromised according to a new report from Flashpoint.
March 27th, 2024 — Source
More than half of organizations fall victim to cyberattacks
The latest Cybersecurity Readiness Index from Cisco shows that 53 percent of the respondents report falling victim to a cyber incident this past year, and many leaders (73 percent) believe that they will be a victim of a cybersecurity incident in the next 12-24 months.
March 27th, 2024 — Source
New Regulations Pose Compliance Challenges
How to Navigate New SEC Rules
March 27th, 2024 — Source or Source or Source or Source or Source
New variant of "TheMoon" malware enslaves thousands of insecure Asus routers into a malicious proxy
Cybercriminals have partnered in a novel botnet-as-a-service operation
March 27th, 2024 — Source
NTIA Pushes for Independent Audits of AI Systems
Accountability Needed to Unleash Full Potential of AI, Says NTIA Administrator
March 27th, 2024 — Source or Source or Source or Source or Source
On the Increase: Zero-Days Being Exploited in the Wild
Espionage Groups and Commercial Surveillance Vendors Tied to Many Zero-Day Exploits
March 27th, 2024 — Source or Source or Source or Source or Source
Organizations Informed of 10 Vulnerabilities in Rockwell Automation Products
In the past week Rockwell Automation addressed 10 vulnerabilities found in its FactoryTalk, PowerFlex and Arena Simulation products.
March 27th, 2024 — Source
Ransomware as a Service and the Strange Economics of the Dark Web
Ransomware is changing, fast. The past three months have seen dramatic developments among the ransomware ecosystem to include the takedown of LockBit's ransomware blog, BlackCat exiting the ecosystem, and the emergence of several smaller ransomware groups.
March 27th, 2024 — Source
Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters
Disputed Ray AI framework vulnerability exploited to steal information and deploy cryptominers on hundreds of clusters.
March 27th, 2024 — Source
States step in to hasten provider recovery in wake of Change Healthcare cyberattack
Washington, Maryland and New Mexico have leveraged funding opportunities and regulatory tools to ease the burden on providers still struggling to operate with claims payments disrupted.
March 27th, 2024 — Source
Street newspaper appears to have Big Issue with Qilin ransomware gang
The days of cybercriminals having something of a moral compass are over
March 27th, 2024 — Source
Turning to a Career in Cybersecurity
Cyberthreats Are Rampant, Expertise Is Needed, and the Rewards Are Great
March 27th, 2024 — Source or Source or Source or Source or Source
Tycoon 2FA - The Criminals' Favorite Platform for MFA Theft
Phishing-as-a-Service Platform Lets Hackers Impersonate More Than 1,100 Domains
March 27th, 2024 — Source or Source or Source or Source or Source
Why our data might need protection from the future: Apple's 'Post-Quantum' security move
Computing giant Apple recently announced it was taking steps to protect the more than 1 billion people worldwide who use its iMessage app—from a threat that doesn't yet exist.
March 27th, 2024 — Source
Internet — Security Issues — March 25th, 2024
APT29 hit German political parties with bogus invites and malware
APT29 (aka Cozy Bear, aka Midnight Blizzard) has been spotted targeting German political parties for the first time, Mandiant researchers have shared.
March 25th, 2024 — Source
Data Protection Fines: UK Privacy Watchdog Updates Guidance
Regulator Emphasizes Upside of Transparency, Downside of Intentional Infringement
March 25th, 2024 — Source or Source or Source or Source or Source
Gartner Warns IAM Professionals Cyber Security Depends on Them
The rise of remote work, access via third-party providers and machine identities are just three reasons why cyber security depends on good identity and access management, Gartner has said.
March 25th, 2024 — Source
Hospitals Lobby Feds to Clarify Breach Duties in UHG Attack
AHA Wants Change Healthcare on Hook for Notification in Potential Breach
March 25th, 2024 — Source or Source or Source or Source or Source
Interos Resilience Watchtower enables companies to monitor vulnerabilities
Interos announced Interos Resilience Watchtower, a personalized risk technology that evolves organizations from monitoring to action.
March 25th, 2024 — Source
Leen Banks Early Stage Funding for Data Security Technology
Leen Security, a new startup building technology to help reduce chaos in the data security space, has banked a $2.8 million pre-seed funding.
March 25th, 2024 — Source
Over 100 Organizations Targeted in Recent 'StrelaStealer' Attacks
More than 100 organizations in the US and EU have been targeted in recent StrelaStealer infostealer campaigns.
March 25th, 2024 — Source
Preparing for a post-quantum security landscape [Q&A]
As widely available quantum computing draws closer, organizations need to consider the extent to which their supply chain presents risks and start building in post quantum readiness to their risk assessments.
March 25th, 2024 — Source
Report Urges Congress to Form an Armed Cyber Military Branch
Research Shows Military Suffers From Disjointed Cyber Operations Amid New Threats
March 25th, 2024 — Source or Source or Source or Source or Source
Scammers steal millions from FTX, BlockFi claimants
Customers of bankrupt crypto platform BlockFi have been targeted with a very convincing phishing email impersonating the platform, asking them to connect their wallet to complete the withdrawal of remaining funds.
March 25th, 2024 — Source
Tech trade union confirms cyberattack behind IT, email outage
Systems have been pulled offline as a precaution
March 25th, 2024 — Source
The AI Revolution and White-Collar Workers
Will AI Be a Catalyst for Innovation or a Source of Displacement?
March 25th, 2024 — Source or Source or Source or Source or Source
Time to examine the anatomy of the British Library ransomware nightmare
Mistakes years in the making tell a universal story that must not be ignored
March 25th, 2024 — Source
The OODA Loop: The Military Model That Speeds Up Cybersecurity Response
The OODA Loop can be used both by defenders and incident responders for a variety of use cases such as threat assessment, threat monitoring, and threat hunting.
March 25th, 2024 — Source
TikTok national security briefings "deeply troubling" and should be made public -- senators
Two senators who have received classified TikTok national security briefings say that the information revealed to them has left them "deeply troubled."
March 25th, 2024 — Source
UK blames China for massive breach of voter data
The U.K. government has blamed China for a 2021 cyberattack that compromised the personal information of millions of U.K. voters.
March 25th, 2024 — Source
UK Discloses Chinese Espionage Activities
Deputy Prime Minister Says Violet Typhoon Is Behind Attacks on UK Politicians
March 25th, 2024 — Source or Source or Source or Source
US sanctions APT31 hackers behind critical infrastructure attacks
The U.S. Treasury Department has sanctioned a Wuhan-based company used by the Chinese Ministry of State Security (MSS) as cover in attacks against U.S. critical infrastructure organizations.
March 25th, 2024 — Source
US Treasury Slaps Sanctions on China-Linked APT31 Hackers
The US Treasury Department sanctions a pair of Chinese hackers linked to "malicious cyber operations targeting US critical infrastructure sectors."
March 25th, 2024 — Source
White House Nominates First Assistant Secretary of Defense for Cyber Policy
Michael Sulmeyer has been nominated by the White House as the first assistant secretary of defense for cyber policy at the Pentagon.
March 25th, 2024 — Source
Why Endpoint Security Tools Are Still Such a Challenge
LinkedIn Chief Security Architect Calls for More Integration of Devices, Identities
March 25th, 2024 — Source or Source or Source or Source or Source
Vulnerability in virtual reality systems identified
A team of computer scientists at the University of Chicago has uncovered a potential vulnerability in virtual reality systems—one that could allow a hacker to insert what the team describes as an "inception layer" between a user's VR Home Screen and their VR User/Server.
March 25th, 2024 — Source
Internet — Security Issues — March 22nd, 2024
39,000 Websites Infected in 'Sign1' Malware Campaign
Over 39,000 websites have been infected with the Sign1 malware that redirects visitors to scam domains.
March 22nd, 2024 — Source
AI Is Making Payment Fraud Better, Faster and Easier
AI Is Also Making Traditional Scams More Convincing, Warns Visa
March 22nd, 2024 — Source or Source or Source or Source or Source
Apple Sued for Prioritizing Market Dominance Over Security
Lawsuit Says Apple Stifles Innovation, Degrades Security, Suppresses Protections
March 22nd, 2024 — Source or Source or Source or Source or Source
Apple Silicon has a hardware-level exploit that could leak private data
Fortunately, the odds are fairly low you'll have to worry about the theoretical threat in practice.
March 22nd, 2024 — Source
Apple's unfixable CPU exploit: 3 practical security takeaways
Intel and AMD have already had vulnerabilities exposed. Now it's Apple's turn—giving consumers much to ponder.
March 22nd, 2024 — Source
Biden's Economic Team Warns of AI Risks and Job Displacement
US Council of Economic Advisers Includes AI Section in Newly Released Report
March 22nd, 2024 — Source or Source or Source or Source
BlueFlag Security Emerges From Stealth With $11.5M in Funding
BlueFlag Security emerges from stealth mode with $11.5 million in a seed funding round led by Maverick Ventures and Ten Eleven Ventures.
March 22nd, 2024 — Source or Source or Source
'Brain Weasels': Impostor Syndrome in Cybersecurity
There are several attributes that tie the cybersecurity community together -- namely our collective passion for solving complex problems in order to reduce harm -- but one has stood out prominently over the years: impostor syndrome.
March 22nd, 2024 — Source
China relaxes cross-border data rules after concern from foreign businesses
Ahead of a high-profile business forum in Beijing which Apple CEO Tim Cook is attending, China has relaxed rules governing cross-border data flows, addressing a key concern of foreign businesses that had complained previous regulations were disrupting their operations.
March 22nd, 2024 — Source
CISA: Here's how you can foil DDoS attacks
In light of the rise of "DDoS hacktivism" and the recent DDoS attacks aimed at disrupting French and Alabama government websites, the Cybersecurity and Infrastructure Security Agency (CISA) has updated its guidance on how governmental entities (but also other organizations) should respond to this type of attack.
March 22nd, 2024 — Source
CISOs: Make Sure Your Team Members Fit Your Company Culture
Why? Because 'Culture Eats Strategy for Breakfast,' as the Saying Goes
March 22nd, 2024 — Source or Source or Source
Cryptohack Roundup: Ray Eviscerates Bankman-Fried
Also: CryptoFX Ponzi Scheme, North Korean Hackers Gonna Hack
March 22nd, 2024 — Source or Source or Source
Denial-of-Service Attack Could Put Servers in Perpetual Loop
Researchers Spot Vulnerability in Application-Layer Communication Protocol
March 22nd, 2024 — Source or Source or Source
Ex-Secret Service agent and convicted hacker share stage at GISEC Global
A former United States Secret Service Agent and a Vietnamese former-hacker-turned-cybersecurity-specialist are set to reunite for the first time at GISEC Global 2024 to discuss their unique cat-and-mouse-style chase, which ultimately resulted in an arrest and conviction.
March 22nd, 2024 — Source
GitLab Acquires Oxeye to Bolster SAST in DevSecOps Workflow
Acquisition Promises Enhanced Application Security and Reduced False Positives
March 22nd, 2024 — Source
Hackers can exploit flaw in Apple M-series processors
Security researchers have found a serious exploit in all Apple M-series processors. The hard-wired flaw could potentially be used by hackers to get user credit card information or read encrypted messages.
March 22nd, 2024 — Source
In Other News: Google's PQC Threat Model, Keyboard Sounds Expose Data, AI Roadmap
Noteworthy stories that might have slipped under the radar: Google's post-quantum cryptography threat model, keyboard typing sounds can expose data, DHS publishes AI roadmap.
March 22nd, 2024 — Source
Investors' pledge to fight spyware undercut by past investments in US malware maker
Cyber investors announced commitments to fighting spyware, but at least one firm previously invested in an exploit maker
March 22nd, 2024 — Source
ISMG Editors: How Will the Quantum Era Reshape Cybersecurity?
Also: US Regulators Backtrack on Web Tracker Privacy; ISMG's RSA 2024 Coverage
March 22nd, 2024 — Source or Source
Likely Chinese Hacking Contractor Is Quick to Exploit N-Days
UNC5174 Exploited F5 BIG-IP and ScreenConnect Vulnerabilities
March 22nd, 2024 — Source or Source or Source or Source or Source
Mozilla just ditched its privacy partner because its CEO is tied to data brokers
Mozilla will no longer partner with Onerep to help users find and take down personal information exposed on the web.
March 22nd, 2024 — Source or Watch Video
New 'GoFetch' Apple CPU Attack Exposes Crypto Keys
Researchers detail GoFetch, a new side-channel attack impacting Apple CPUs that could allow an attacker to obtain secret keys.
March 22nd, 2024 — Source
Nursing Home Declares Bankruptcy, Blames Recent Cyberattacks
Also, Senate Bill Proposes Payment Relief for Firms Meeting Cyber 'Standards'
March 22nd, 2024 — Source or Source or Source
Ransomware Group Takes Credit for Attack on Boat Dealer MarineMax
The Rhysida ransomware group has taken credit for the cyberattack on MarineMax and is offering to sell stolen data for 15 bitcoin.
March 22nd, 2024 — Source
Revenue Cycle Firm Settles GitHub PHI Breach Lawsuit for $7M
Class Action Settlement Also Calls for MedData to Enhance Its Security Program
March 22nd, 2024 — Source or Source or Source or Source or Source
Russian APT29 Hackers Caught Targeting German Political Parties
Russia's APT29 hacking group is expanding targets to political parties in Germany using a new backdoor variant tracked as Wineloader.
March 22nd, 2024 — Source
Russian hackers target German political parties with WineLoader malware
Researchers are warning that a notorious hacking group linked to Russia's Foreign Intelligence Service (SVR) is targeting political parties in Germany for the first time, shifting their focus away from the typical targeting of diplomatic missions.
March 22nd, 2024 — Source
Russian Nation-State Hacker Targets German Political Parties
Latest APT29 Campaign Uses a Previously Unseen Malware Backdoor
March 22nd, 2024 — Source or Source or Source
Saflok Lock Vulnerability Can Be Exploited to Open Millions of Doors
Vulnerability in Dormakaba's Saflok electronic locks allows hackers to forge keycards and open millions of doors.
March 22nd, 2024 — Source
Synopsys Greenlights Sale of $525M Application Security Unit
Software Integrity Business Could Fetch More Than $3B, Attract Private Equity Firms
March 22nd, 2024 — Source or Source
The Huge Security Hack That Might Make Travelers Feel Less Safe In Hotels
Hackers are always looking for new avenues to steal vital personal information, and any sufficiently-advanced computer system can serve as one of those avenues for malicious purposes.
March 22nd, 2024 — Source
UK Official: AI in Defense Sector Is Not About Killer Robots
It Will Do Low-Level Tasks to Free Up Pros to Make Decisions, Say Researchers
March 22nd, 2024 — Source or Source or Source or Source or Source
UN Adopts US-Led International AI Safety Resolution
The Non-Binding Resolution Calls for 'Safe, Secure, and Trustworthy AI Systems'
March 22nd, 2024 — Source or Source or Source or Source or Source
US Government Issues New DDoS Mitigation Guidance
CISA, the FBI, and MS-ISAC have released new guidance on how federal agencies can defend against DDoS attacks.
March 22nd, 2024 — Source
US organizations targeted with emails delivering NetSupport RAT
Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via "nuanced" exploitation and by using an advanced detection evasion method.
March 22nd, 2024 — Source
Vulnerability found in Apple's Silicon M-series chips -- and it can't be patched
Hackers can harvest encryption keys from Macs and MacBooks.
March 22nd, 2024 — Source
Which comes first? The pentest or the bug bounty program? [Q&A]
Bug bounty and penetration testing programs are often grouped as interchangeable, but they perform distinct functions.
March 22nd, 2024 — Source
Which Cyber Vendor Will Be First Off the IPO Starting Block?
Cato Networks, Rubrik, Snyk Are Interested in Going Public, But Have No Firm Plans
March 22nd, 2024 — Source or Source
Internet — Security Issues — March 20th, 2024
1 in 4 Organizations Shut Down OT Operations Due to Cyberattacks: Survey
A Palo Alto Networks survey shows many industrial organizations experience cyberattacks and 1 out of 4 has shut down OT operations.
March 20th, 2024 — Source
300,000 Systems Vulnerable to New Loop DoS Attack
Academic researchers describe a new application-layer loop DoS attack affecting Broadcom, Honeywell, Microsoft and MikroTik.
March 20th, 2024 — Source
A perfect storm: Assessing the deadly impact of climate-driven flooding and cyber attacks
Society is now in an era in which climate change and cyber insecurity are regular threats to life and property. In tandem, the two have the potential to be especially deadly.
March 20th, 2024 — Source
Apex Legends hacker said he hacked tournament games 'for fun'
On Sunday, the world of video games was shaken by a hacking and cheating scandal.
March 20th, 2024 — Source
Apiiro and Secure Code Warrior join forces for developer training integration
Apiiro has announced a product integration and partnership with Secure Code Warrior to extend its ASPM technology and processes to the people layer. The partnership combines Apiiro's deep code analysis and risk context with Secure Code Warrior's agile learning catalog to deliver developer training directly to developers in their tools and workflows.
March 20th, 2024 — Source
Atlassian Patches Critical Vulnerability in Bamboo Data Center and Server
Atlassian releases patches for two dozen vulnerabilities, including a critical-severity bug in Bamboo Data Center and Server.
March 20th, 2024 — Source
Chrome 123, Firefox 124 Patch Serious Vulnerabilities
Chrome and Firefox security updates released on Tuesday resolve a critical-severity and multiple high-severity vulnerabilities.
March 20th, 2024 — Source
Compliance failings leave enterprises vulnerable to data breaches
A new report from Thales reveals that 43 percent of enterprises failed a compliance audit last year, with those companies 10 times more likely to suffer a data breach.
March 20th, 2024 — Source
ControlUp Secure DX reduces endpoint management complexity
ControlUp announced Secure DX, a real-time scanning, detection, and remediation solution that improves the security posture of endpoint devices without compromising the digital employee experience.
March 20th, 2024 — Source
Cyber fusion -- what is it and why is it important for security? [Q&A]
Today's IT security teams face several key challenges. Tasked with combating the rising volume and frequency of sophisticated cyber threats, they are bombarded with a tsunami of alerts generated by countless security tools that deliver little context or value-add insight.
March 20th, 2024 — Source
Cyberattacks are targeting US water systems, warns EPA and White House
States are being asked to assess vulnerabilities at water utilities following attacks linked to the Chinese and Iranian governments.
March 20th, 2024 — Source
Cybersecurity attacks have the potential to infiltrate medical devices and cripple health care, expert warns
The cyberattack on Change Healthcare last month should serve as a wake-up call for the health care industry, which needs to focus on securing its infrastructure, says Kevin Fu, a Northeastern University professor of electrical and computer engineering and cybersecurity adviser to the White House.
March 20th, 2024 — Source
Cybersecurity in the UK: Government Sees Improvements Slow
Survey Finds Too Many Under-Engaged Boards, Reactive Attitudes, Low Appetite for AI
March 20th, 2024 — Source or Source or Source or Source or Source
DataDome Account Protect provides security for login and registration endpoints
DataDome launched DataDome Account Protect. This solution targets the growing threat of account takeovers and fake account creations that organizations worldwide face, providing robust security for login and registration endpoints against account-based attacks for business fraud purposes.
March 20th, 2024 — Source
DevSecOps: Bridging the Gap Between Speed and Security
The article covers how DevSecOps merges security with DevOps, focusing on quick, secure software development through automation and ongoing security checks.
March 20th, 2024 — Source
Elon Musk's X suspends users who post alleged name of alt-right comic creator
'StoneToss' webcomics frequently feature antisemitism, racism, and anti-LGBTQ sentiment.
March 20th, 2024 — Source
Email Bomb Attacks: Filling Up Inboxes and Servers Near You
HHS: Bot-Driven Attacks Can Overwhelm Email Servers, Networks and Disrupt Workflow
March 20th, 2024 — Source or Source or Source or Source or Source
First 'Cyberflasher' Convicted in England Gets Year in Prison for Sending Explicit Photo
The Crown Prosecution Service (CPS) in the United Kingdom has sentenced the first criminal as part of its new Online Safety Act that outlawed sending unsolicited photos of genitalia, otherwise known as "cyberflashing."
March 20th, 2024 — Source
Five Eyes Agencies Issue New Alert on Chinese APT Volt Typhoon
Government agencies in the Five Eyes countries warn critical infrastructure entities of Chinese state-sponsored hacking group Volt Typhoon.
March 20th, 2024 — Source
Glassdoor is tying real names to anonymous profiles without consent
That's probably the last place you would ever want your real name to be stored.
March 20th, 2024 — Source
Glassdoor reportedly attaches real names to anonymous accounts
The site where you can be honest about your employer might not be your friend.
March 20th, 2024 — Source
Growing AceCryptor attacks in Europe
ESET Research has recorded a considerable increase in AceCryptor attacks, with detections tripling between the first and second halves of 2023.
March 20th, 2024 — Source
Hacker Caught Stealing Personal Data of 132,000 Individuals Pleads Guilty
Idaho man pleads guilty to hacking charges over cyberattacks he conducted in 2017 and 2018, which involved data theft and extortion.
March 20th, 2024 — Source
Ivanti fixes critical Standalone Sentry bug reported by NATO
Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers.
March 20th, 2024 — Source
Ivanti fixes RCE vulnerability reported by NATO cybersecurity researchers (CVE-2023-41724)
Ivanti has fixed a critical RCE vulnerability (CVE-2023-41724) in Ivanti Standalone Sentry that has been reported by researchers with the NATO Cyber Security Centre.
March 20th, 2024 — Source
Microsoft Hires Influential AI Figure Mustafa Suleyman to Head up Consumer AI Business
Microsoft hired Mustafa Suleyman to head up its new AI business, adding an influential figure to its pool of talent leading the charge to build a technology that Suleyman views as both a boon and a threat to humanity.
March 20th, 2024 — Source
Nirmata Policy Manager combats cloud security threats
Nirmata announced new features for its flagship product, Nirmata Policy Manager. With today's increasing cloud security threats, detecting intrusions is no longer enough -- the damage may already be done. That's why Nirmata has developed Nirmata Policy Manager to proactively avert threats by eliminating security and compliance misconfigurations across Kubernetes clusters, CI/CD pipelines, and cloud services.
March 20th, 2024 — Source
Portnox Conditional Access for Applications improves data security for organizations
Portnox introduced its Conditional Access for Applications solution. Available as part of the Portnox Cloud platform, Conditional Access for Applications delivers easy-to-implement passwordless authentication, endpoint risk posture assessment, and automated endpoint remediation for organizations seeking to harden their application security posture.
March 20th, 2024 — Source
Privacy in the AI era: How do we protect our personal information?
The AI boom, including the advent of large language models (LLMs) and their associated chatbots, poses new challenges for privacy. Is our personal information part of a model's training data? Are our prompts being shared with law enforcement? Will chatbots connect diverse threads from our online lives and output them to anyone?
March 20th, 2024 — Source
Proofpoint: APAC Employees Are Choosing Convenience, Speed Over Cyber Security
Risky cyber security behaviours are putting employees at risk of phishing and other attacks, according to Proofpoint research, with many employees still unclear that security is their responsibility, too.
March 20th, 2024 — Source
Quantum Computing: A New Dawn for Encryption Vulnerabilities
Expert Perspectives on Protecting Data and Developing Quantum-Safe Cryptography
March 20th, 2024 — Source or Source or Source or Source or Source
RaaS groups increasing efforts to recruit affiliates
Smaller RaaS groups are trying to recruit new and "displaced" LockBit and Alphv/BlackCat affiliates by foregoing deposits and paid subscriptions, offering better payout splits, 24/7 support, and other "perks".
March 20th, 2024 — Source
Researchers surprised by penned fish responses to robots
Norway leads the world when it comes to the use of robots in the aquaculture sector. But how do these robots actually impact on the fish? Cyberneticist Eleni Kelasidi is surprised by just how much.
March 20th, 2024 — Source
Risk Management Firm CyberSaint Raises $21 Million
Cyber risk management firm CyberSaint has raised $21 million in Series A funding, bringing the total investment to $29 million.
March 20th, 2024 — Source
Securing Cloud Infrastructure: Leveraging Key Management Technologies
This article explores the world of secure key management, the intricacies of KMS and HSM, their benefits, use cases, key considerations, and best practices.
March 20th, 2024 — Source
Serial extortionist of medical facilities pleads guilty to cybercrime charges
Robert Purbeck even went as far as threatening a dentist with the sale of his child's data
March 20th, 2024 — Source
SMBs are easy targets for cyberattacks
Despite cybersecurity threats being on the rise, many small and medium businesses (SMBs) still lack basic security measures, according to AI security company Cyber Upgrade.
March 20th, 2024 — Source
Spa Grand Prix email account hacked to phish banking info from fans
Hackers hijacked the official contact email for the Belgian Grand Prix event and used it to lure fans to a fake website promising a €50 gift voucher.
March 20th, 2024 — Source
Stalkerware usage surging, despite data privacy concerns
At least 31,031 people affected last year
March 20th, 2024 — Source
Tactics for Battling Attacks by Russia's Midnight Blizzard
As Nation-State Group Hacks Big Targets, Trellix's John Fokker Details Defenses
March 20th, 2024 — Source or Source or Source or Source or Source
The best free VPN for cybersecurity and streaming
Take your pick without spending a penny.
March 20th, 2024 — Source
The most prevalent malware behaviors and techniques
An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence.
March 20th, 2024 — Source
The Widening Career Opportunities for New College Graduates
New Grads Can Analyze IoT Data, Bring Talent and Innovative Thinking to Workplace
March 20th, 2024 — Source or Source or Source or Source or Source or Source
US CISA Urges Preventative Actions Against Volt Typhoon
Make Sure You Have Logs, Five Eyes Alliance Says
March 20th, 2024 — Source or Source or Source or Source or Source
US Expands Global Coalition on Commercial Spyware Misuse
White House Announces New Allies in Fight Against Misuse of Commercial Spyware
March 20th, 2024 — Source or Source or Source or Source or Source
US Sanctions 'Key Actors' in Russian Disinformation Campaign
Treasury Department Sanctions Heads of Russian 'Influence-for-Hire' Firms
March 20th, 2024 — Source or Source or Source or Source
US task force aims to plug security leaks in water sector
US government is urging state officials to band together to improve the cybersecurity of the country's water sector amid growing threats from foreign adversaries.
March 20th, 2024 — Source
Venafi Firefly with SPIFFE capability enables security teams to ensure governance and reduce risk
Venafi introduced SPIFFE (Secure Production Identity Framework For Everyone) support for Venafi Firefly, Venafi's lightweight workload identity issuer designed to support modern, highly distributed cloud native workloads.
March 20th, 2024 — Source
Which Cyber Vendor Will Be First Off the IPO Starting Block?
Cato Networks, Rubrik, Snyk Are Interested in Going Public, But Have No Firm Plans
March 20th, 2024 — Source or Source
White House Calls on States to Boost Cybersecurity in Water Sector
The White House is calling on state environmental, health, and homeland security agencies to convene on safeguarding water systems.
March 20th, 2024 — Source
White House warns of cyberattacks targeting critical US water systems
Water plants can be an easy target for hackers
March 20th, 2024 — Source
Why are your Windows Defender antivirus scans slow? Here's how to find out
If the scan of your hard drive with Microsoft Defender seems to take forever, it's worth finding out why.
March 20th, 2024 — Source
Why Cybereason Is Making Its 3rd Round of Layoffs Since 2022
Among Those Leaving Is Zohar Alon, Who Was Hired in 2023 to Spearhead Product, R&D
March 20th, 2024 — Source or Source or Source or Source or Source
Zoom Compliance Manager helps organizations fulfill regulatory requirements
Zoom announces Zoom Compliance Manager, an all-in-one offering that provides archiving, eDiscovery, legal hold, and information protection capabilities to help organizations fulfill regulatory requirements and mitigate organizational communications compliance risks across the Zoom platform.
March 20th, 2024 — Source
Internet — Security Issues — March 18th, 2024
7 Quick Wins to Boost Cyber Defenses with Microsoft Copilot
Corporate and cybersecurity leaders are starting to realize AI can be a pivotal ally in the fight against rising cyber threats. To illustrate, Microsoft Copilot for Security is already helping to streamline and enhance security operations and empower teams with AI-driven insights and efficiencies.
March 18th, 2024 — Source or Source or Source or Source or Source
43 million workers potentially affected in France Travail data breach
French national unemployment agency France Travail (formerly Pôle emploi) and Cap emploi, a government employment service for people with disabilities, have suffered a data breach that might have exposed personal data of 43 million people.
March 18th, 2024 — Source
AI in the Trenches
Customer Outcomes Using Microsoft Copilot for Security
March 18th, 2024 — Source or Source or Source or Source or Source
AI Infused with XDR, SIEM, and Threat Intelligence Set to Reshape Cybersecurity
Today's security tools capture a wealth of data. Yet when incidents occur, threat data from siloed platforms can take hours or days to gather, analyze and act upon. Correlating threat data takes time, as does developing the right remediation plans, stopping the attack, and sharing the results with colleagues.
March 18th, 2024 — Source or Source or Source or Source or Source
Apex Legends eSports event postponed by hacking claims
Organizers of the Apex Legends Global Series eSports tournament have postponed an event after two competitors appeared to be hacked while playing separate games during the North American finals.
March 18th, 2024 — Source
Apex Legends players worried about RCE flaw after ALGS hacks
Electronic Arts has postponed the North American (NA) finals of the ongoing Apex Legends Global Series (ALGS) after hackers compromised players mid-match during the tournament.
March 18th, 2024 — Source
BigID Raises $60M, Eyes M&A Around Data Security, Compliance
Data Security Vendor Retains Unicorn Status With Riverwood Capital-Led Growth Round
March 18th, 2024 — Source or Source or Source or Source or Source
Cash-Strapped Women's Clinic Sues UnitedHealth Over Attack
Lawsuit Claims Change Healthcare Outage Is Pushing Clinic, Others Into Bankruptcy
March 18th, 2024 — Source or Source or Source or Source or Source
Chinese Earth Krahang hackers breach 70 orgs in 23 countries
A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat (APT) group known as 'Earth Krahang' has breached 70 organizations and targeted at least 116 across 45 countries.
March 18th, 2024 — Source
Cisco Completes $28 Billion Acquisition of Splunk
The networking giant paid $157 per share in cash for Splunk, a powerhouse in data analysis, security and observability tools, in a deal first announced in September 2023.
March 18th, 2024 — Source
Cryptographic algorithms for UNCLASSIFIED, PROTECTED A, and PROTECTED B information - ITSP.40.111
Cryptographic algorithms for UNCLASSIFIED, PROTECTED A, and PROTECTED B information is an UNCLASSIFIED publication issued by the Head, Canadian Centre for Cyber Security (Cyber Centre) and provides an update to and supersedes the previously published version. For more information, email, or phone:
March 18th, 2024 — Source
Don't be like these 900+ websites and expose millions of passwords via Firebase
Warning: Poorly configured Google Cloud databases spill billing info, plaintext credentials
March 18th, 2024 — Source
Fujitsu Data Breach Impacts Personal, Customer Information
Fujitsu says hackers infected internal systems with malware, stole personal and customer information.
March 18th, 2024 — Source
Fujitsu finds malware on company systems, investigates possible data breach
Fujitsu Limited, the largest Japanese IT services provider, has announced that several of the company's computers have been compromised with malware, leading to a possible data breach.
March 18th, 2024 — Source or Source
Fujitsu: Miscreants infected our systems with malware, may have stolen customer info
Sneaky software slips past shields, spurring scramble
March 18th, 2024 — Source
Fujitsu says it found malware on its corporate network, warns of possible data breach
Company apologizes for the presence of malware on company computers.
March 18th, 2024 — Source
Hacker Conversations: Stephanie 'Snow' Carruthers, Chief People Hacker at IBM X-Force Red
The desire to be a hacker is usually innate, and commonly emerges in early life. This did not happen with Snow: she was a married freelance special effects makeup artist when it all began.
March 18th, 2024 — Source
Health insurers split with US over relief after cyberattack
Health insurers and U.S. government officials are expected to meet next week to hash out differences over how to assist cash-strapped medical practices, as a cyberattack last month continues to hold up billions of dollars in payments.
March 18th, 2024 — Source
How the New NIST 2.0 Guidelines Help Detect SaaS Threats
The SaaS ecosystem has exploded in the six years since the National Institute of Standards and Technology's (NIST) cybersecurity framework 1.1 was released. Back in 2016-2017, when version 1.1 was initially drafted, SaaS held a small but significant place in the software market.
March 18th, 2024 — Source
IMF Emails Hacked
The International Monetary Fund (IMF) detects a cybersecurity incident that involved nearly a dozen email accounts getting hacked.
March 18th, 2024 — Source
IMF Investigating Cyber Incident Affecting Email Accounts
International Monetary Fund Provides Update After Detecting February Cyber Incident
March 18th, 2024 — Source or Source or Source
Infosec teams must be allowed to fail, argues Gartner
But failing to recover from incidents is unforgivable because 'adrenalin does not scale'
March 18th, 2024 — Source
Know Your Business Context Before Trying Microsegmentation
Hudl's CISO on Why Microsegmentation Isn't for Everyone on the Path to Zero Trust
March 18th, 2024 — Source
LockBit ransomware group member sentenced to four years for infecting over 1,000 systems
He must also pay a $635,000 fine
March 18th, 2024 — Source
Loft Labs simplifies multi-cluster Kubernetes management for Rancher users
Loft Labs announced vCluster for Rancher, enabling self-service virtual Kubernetes cluster creation and management for teams already using Rancher for Kubernetes management.
March 18th, 2024 — Source
Major Apex Legends Tournament Thrown Into Chaos By Hackers
Over the weekend, the hero shooter game Apex Legends, made by EA and Respawn Entertainment, held a tournament that was reportedly compromised by hackers. Multiple players' systems were breached, and game cheats such as X-ray vision and aimbots were installed.
March 18th, 2024 — Source
Microsoft announces collaboration with NVIDIA to accelerate healthcare and life sciences innovation with advanced cloud, AI and accelerated computing capabilities
Microsoft Corp. is expanding its collaboration with NVIDIA to bring the power of generative AI, the cloud and accelerated computing to healthcare and life sciences organizations. The collaboration will bring together the global scale, security and advanced computing capabilities of Microsoft Azure with NVIDIA DGX Cloud and the NVIDIA Clara suite of computing platforms, software and services to help healthcare and life sciences organizations accelerate innovation and improve patient care.
March 18th, 2024 — Source
Moldovan Operator of Credential Marketplace Sentenced to US Prison
Sandu Diaconu has been sentenced to 42 months in prison for operating a marketplace for compromised credentials.
March 18th, 2024 — Source
Nissan breach exposed data of 100,000 individuals
Nissan Oceania has confirmed that the data breach it suffered in December 2023 affected around 100,000 individuals and has begun notifying them.
March 18th, 2024 — Source
Pentagon Received Over 50,000 Vulnerability Reports Since 2016
Since 2016, the US DoD has received over 50,000 submissions through its vulnerability disclosure program.
March 18th, 2024 — Source
PoC Published for Critical Fortra Code Execution Vulnerability
A critical directory traversal vulnerability in Fortra FileCatalyst Workflow could lead to remote code execution.
March 18th, 2024 — Source
Ransomware Groups: Trust Us. Uh, Don't.
Review of Attacks Finds Inconsistent Data Leaks and Victim Naming, Broken Promises
March 18th, 2024 — Source or Source or Source or Source or Source
Ransomware Hackers May Be Exploiting Aiohttp Library Bug
The Python Library Flaw Allows Directory Traversal Attacks
March 18th, 2024 — Source or Source or Source or Source or Source
Security Bite: Here's what malware your Mac can remove
Ever wonder what malware your Mac can detect and remove without any third-party software? Recently, security researchers have correlated some bizarre macOS YARA rules used by the built-in XProtect suite with their public names. Here's what malware it looks for...
March 18th, 2024 — Source
Team develops blockchain-based method to protect and manage personal data on the internet
Entering a website and accepting cookies is a very common and oft-repeated gesture when navigating the Internet. But this small action, which is often done automatically and without thought, entails security risks: By consenting to cookies, you lose control over your sensitive information, as you cannot review the conditions you have just accepted.
March 18th, 2024 — Source
Tech giant Fujitsu says it was hacked, warns of data breach
Multinational technology giant Fujitsu confirmed a cyberattack in a statement Friday, and warned that hackers may have stolen personal data and customer information.
March 18th, 2024 — Source
TMChecker Tool Lowers Barrier for Malicious Hacking
Tool Is Available for $200 a Month on Hacking Forums
March 18th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — March 15th, 2024
43 Million Possibly Impacted by French Government Agency Data Breach
Recent data breach at unemployment agency France Travail (Pôle Emploi) could impact 43 million people.
March 15th, 2024 — Source
AI-Led Edge Computing Spends to Reach $350B Soon
Artificial intelligence is turning everything it touches into a golden investment opportunity. Edge computing - which is set to play a pivotal role in deploying AI, according to International Data Corp. - is in line to receive $350 billion worth of investments by 2027.
March 15th, 2024 — Source or Source or Source or Source or Source
As if working at Helldesk weren't bad enough, IT helpers now targeted by cybercrims
Wave of Okta attacks marks what researchers are calling the biggest security trend of the year
March 15th, 2024 — Source
Codezero Raises $3.5 Million for DevOps Security Solution
Secure enterprise microservices development firm Codezero raises $3.5 million in seed funding.
March 15th, 2024 — Source
Criminals take over family's Cricket account and drain their bank and investment apps
We've been trying to warn you about how real the threat of SIM Swapping is. By obtaining a SIM connected to your mobile account, a thief can use a burner phone, insert the SIM card, and take over your apps including financial apps. As a result, these criminals will drain your bank accounts, and max out your credit cards. It's scary, to be sure.
March 15th, 2024 — Source
Dark web election posts up almost 400 percent
The number of new posts on dark web forums about elections surged by 394 percent in 2023 compared to 2022, research released this week by cybersecurity firm NordVPN reveals. And in the first two months of 2024 alone, users have already published almost half as many posts.
March 15th, 2024 — Source
Discontinued Security Plugins Expose Many WordPress Sites to Takeover
Thousands of WordPress sites are at risk of takeover due to a critical privilege escalation vulnerability in two closed MiniOrange plugins.
March 15th, 2024 — Source
Experts Say Chinese Safes Pose Risks to US National Security
A senior U.S. senator is raising concerns that Beijing may be able to gain unauthorized access to commercial electronic safes made in China and used by the American public.
March 15th, 2024 — Source or Source or Source or Source
Google Chrome gets real-time phishing and malware protection with upgraded Safe Browsing feature
It will be available on all desktop and mobile platforms by the end of this month
March 15th, 2024 — Source
Illicit Credentials Marketplace Admin Gets 42-Month Sentence
A co-administrator of an illicit online marketplace received a 42-month prison sentence in U.S. federal court after pleading guilty to two criminal counts that could have put him in prison for 15 years.
March 15th, 2024 — Source or Source or Source or Source or Source
In Other News: CISA Hacked, Chinese Lock Backdoors, Exposed Secrets
Noteworthy stories that might have slipped under the radar: CISA hacked via Ivanti vulnerabilities, Chinese electronic lock backdoors, secrets exposed on GitHub.
March 15th, 2024 — Source
International Monetary Fund email accounts hacked in cyberattack
The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year.
March 15th, 2024 — Source
ISMG Editors: Inside the Politics of US Cybersecurity
In the latest weekly update, Grant Schneider of Venable LLP joined three Information Security Media Group editors to discuss the future of U.S. federal cybersecurity and privacy legislation, AI integration and recent CISA developments - all set against a backdrop of political complexities.
March 15th, 2024 — Source or Source or Source or Source or Source
McDonald's: Global outage was caused by "configuration change"
McDonald's has blamed a third-party service provider's configuration change, not a cyberattack, for the global outage that forced many of its fast-food restaurants to close.
March 15th, 2024 — Source
Microsoft is once again harassing Chrome users with malware-like Bing ads
Microsoft is back to its classic tactics of harassing users to make them switch from competing services. Multiple posts on Reddit and other social media report that the company is once again peddling malware-like popup banners asking Chrome users to set Bing as the default search engine in exchange for free access to GPT-4.
March 15th, 2024 — Source
Pentagon Appoints New Chief Artificial Intelligence Officer
The first-ever head of the Pentagon's Chief Digital and Artificial Intelligence Office is stepping down from his post in April after building the newly created division into a highly influential component of the department and its operations.
March 15th, 2024 — Source or Source or Source or Source
Pressure Mounts on Meta to Scrap 'Pay or OK' Model in EU
Facebook's attempt to navigate European privacy regulations by giving users a fee-based opt-out from behavioral advertising triggered backlash from more than a dozen European politicians who accused the social media giant of treating human rights as a commodity.
March 15th, 2024 — Source or Source or Source or Source or Source
Protecting Medical Devices Against Future Cyberthreats
Healthcare organizations and makers of medical devices need to think about how to safeguard their critical medical gear against future cyberthreats, including the looming dangers posed by quantum computing, said Mike Nelson, global vice president of digital trust at security firm DigiCert.
March 15th, 2024 — Source or Source or Source or Source or Source
QNAP Systems Patches Critical Vulnerability
QNAP Systems on Saturday released a patch for a critical bug that allows unauthorized access to devices without authentication.
March 15th, 2024 — Source or Source or Source or Source or Source
Ransomware Groups' Data Leak Blogs Lie: Stop Trusting Them
Ransomware gangs are not reliable sources of information. Groups that run data leak blogs - and not all do - use them to pressure new and future victims into paying for the promise of either a decryptor or a pledge to delete stolen data.
March 15th, 2024 — Source or Source or Source or Source or Source
Sophos: Cyber Security Professional Burnout Is Widespread, Creating Risk for APAC Organisations
Burnout and fatigue among cyber professionals are leading to flow-on consequences like more data breaches, employee apathy to cyber duties and turnover of cyber workforces during a skills crisis.
March 15th, 2024 — Source
The SAFE Act to Reauthorize Section 702 is Two Steps Forward, One Step Back
Section 702 of the Foreign Intelligence Surveillance Act (FISA) is one of the most insidious and secretive mass surveillance authorities still in operation today. The Security and Freedom Enhancement (SAFE) Act would make some much-needed and long fought-for reforms, but it also does not go nearly far enough to rein in a surveillance law that the federal government has abused time and time again.
March 15th, 2024 — Source
Threat Detection Report: Cloud Attacks Soar, Mac Threats and Malvertising Escalate
Red Canary's 2024 Threat Detection Report is based on analysis of almost 60,000 threats across 216 petabytes of telemetry from over 1,000 customers' endpoints.
March 15th, 2024 — Source
Transforming a Cyber Program in the Aftermath of an Attack
In the aftermath of a ransomware attack several years ago, Hackensack Meridian Health embarked on transforming its cybersecurity program with the support of top leadership and increased funding and staff and by implementing critical security tools and best practices, said CISO Mark Johnson.
March 15th, 2024 — Source or Source or Source or Source or Source
Why Are There Fewer Women Than Men in Cybersecurity?
The underrepresentation of women in cybersecurity is a complex issue that reflects broader societal, educational and workplace factors. Despite the critical importance of cybersecurity in safeguarding our digital world, women are significantly underrepresented in this field. This disparity not only highlights industry-wide issues of equality and diversity, but it also underscores a missed opportunity for cybersecurity teams to benefit from a wider range of perspectives and skills.
March 15th, 2024 — Source or Source or Source or Source or Source
Why Wiz Wants to Buy Cloud Startup Gem Security for $350M
Cloud security phenom Wiz's reported that it is pursuing an additional $800 million in funding just a year after raising $300 million in capital - a move that surprised industry observers.
March 15th, 2024 — Source or Source or Source or Source or Source
You May Need Your COLA Letter This Year. Where to Find It
If you accidentally tossed your cost-of-living adjustment letter from the Social Security Administration, we can help.
March 15th, 2024 — Source
Zscaler Expands AI Security Capabilities by Acquiring Avalor
Zscaler bought a data security startup led by a longtime Salesforce executive to help customers stay ahead of threats by beefing up data quality and AI models.
March 15th, 2024 — Source or Source or Source
Internet — Security Issues — March 14th, 2024
Amid paralyzing ransomware attack, feds probe UnitedHealth's HIPAA compliance
UnitedHealth said it will cooperate with the probe as it works to restore services.
March 14th, 2024 — Source
As Attackers Refine Tactics, 'Speed Matters,' Experts Warn
Advanced attackers increasingly feel the need for speed, sometimes requiring "only a couple of hours between compromise and exfiltration" of data.
March 14th, 2024 — Source or Source or Source
Ballistic Ventures Closes $360 Million Cybersecurity-Focused Fund
Venture capital firm Ballistic Ventures closed an oversubscribed $360 million fund that will be used to fund cybersecurity companies.
March 14th, 2024 — Source
Bill That Could Ban TikTok Passed in the House. Here's What to Know
The House passed legislation that would ban TikTok if its China-based owner ByteDance doesn't sell its stakes in the popular social media platform within six months of the bill's enactment.
March 14th, 2024 — Source
Boat Dealer MarineMax Hit by Cyberattack
MarineMax, one of the world's largest retailers of recreational boats and yachts, discloses a cyberattack.
March 14th, 2024 — Source
BotGuard Raises $13 Million to Protect Against Harmful Web Traffic
BotGuard OU raises $13 million in Series A funding to help hosting providers filter traffic and protect infrastructures.
March 14th, 2024 — Source
Breach Roundup: US FCC Authorizes IoT Cybersecurity Label
Every week, Information Security Media Group rounds up cybersecurity incidents and breaches around the world. This week, the FCC OK'd cybersecurity labeling, DarkGate exploited Google, Fortinet patched a bug, cyberattacks hit the French government and employment agencies, Google restricted Gemini AI chatbot and paid bug bounties, Microsoft had Patch Tuesday, MarineMax was attacked, and Alcasec moved on.
March 14th, 2024 — Source or Source or Source or Source or Source
Cado Security enables organizations to investigate and respond to potential M365 threats
Cado Security announced that the Cado platform now enables customers to acquire Microsoft 365 Unified Audit Log (UAL) to help investigate and respond to Microsoft 365 compromises such as business email compromise (BEC), account takeover (ATO), and insider threats.
March 14th, 2024 — Source
Chrome's Standard Safe Browsing Now Has Real-Time URL Protection
Chrome's standard Safe Browsing protections now provide real-time malicious site detection and Password Checkup on iOS now flags weak passwords.
March 14th, 2024 — Source
Cisco Patches High-Severity IOS RX Vulnerabilities
Cisco releases patches for high-severity denial-of-service and elevation of privilege vulnerabilities in IOS RX software.
March 14th, 2024 — Source
Cloud Network Security with Agility and Scale on a Platform
Agility, scale and consumption - these are three business benefits brought to cloud network security by Palo Alto Networks Software Firewalls. Tiffany Henry and Katherine Rigdon of Palo Alto Networks showcase these features and the value of finding them all on a single platform.
March 14th, 2024 — Source or Source or Source or Source or Source
Concentric AI introduces Copilot data risk module
Concentric AI announced its new Copilot data risk module that delivers data security governance of Copilot data inputs and outputs to ensure that sensitive data -- from financial information to IP to business data -- remains protected within the organization.
March 14th, 2024 — Source
Critical FortiClient EMS vulnerability fixed, (fake?) PoC for sale (CVE-2023-48788)
A recently fixed SQL injection vulnerability (CVE-2023-48788) in Fortinet's FortiClient Endpoint Management Server (EMS) solution has apparently piqued the interest of many: Horizon3's Attack Team means to publish technical details and a proof-of-concept exploit for it next week, and someone is attempting to sell a PoC for less than $300 via GitHub.
March 14th, 2024 — Source
Cryptohack Roundup: Crypto Losses Mount as Phishing Rages
Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, amounts for crypto and phishing losses were released, the Bitcoin Fog operator was convicted, the EU approved rules to strengthen sanctions, the federal government sought to recover losses linked to pig butchering, and the Philippines blocked unlicensed crypto websites.
March 14th, 2024 — Source or Source or Source or Source
Cyber Madness Bracket Challenge -- Register to Play
SecurityWeek's Cyber Madness Bracket Challenge is a contest designed to bring the community together in a fun, competitive way through one of America's top sporting events.
March 14th, 2024 — Source
Elevate Your Security Posture: Grafana for Real-Time Security Analytics and Alerts
This article provides a detailed walkthrough on setting up Grafana for real-time security monitoring, crafting insightful dashboards, and configuring effective alerts.
March 14th, 2024 — Source
Feds Launch Investigation Into Change Healthcare Attack
UnitedHealth Group has yet to publicly confirm whether the cyberattack on its Change Healthcare IT services unit has resulted in a data breach. That's not stopping federal regulators from launching a full-fledged investigation into a massive compromise of protected health information potentially affecting millions of individuals.
March 14th, 2024 — Source or Source or Source or Source or Source
Four Common CI/CD Pipeline Vulnerabilities
The continuous integration/continuous delivery (CI/CD) pipeline can contain numerous vulnerabilities for hackers to exploit. Here's how to address them.
March 14th, 2024 — Source
French unemployment agency data breach impacts 43 million people
France Travail is the French governmental agency responsible for registering unemployed individuals, providing financial aid, and assisting them in finding jobs.
March 14th, 2024 — Source
Government Launches Probe Into Change Healthcare Data Breach
The HHS is investigating whether protected health information was compromised in the Change Healthcare data breach.
March 14th, 2024 — Source
Hackers Hiding Keylogger, RAT Malware in SVG Image Files
Threat actors are hiding malware in SVG image files to evade detection and deliver ransomware, download a banking Trojan and distribute malware.
March 14th, 2024 — Source or Source or Source or Source
Halo Security Dark Web Monitoring identifies and mitigates potential exposures
Halo Security introduced its new Dark Web Monitoring feature. This addition further enhances the company's external security platform, allowing security teams to gain insights into potential threats originating from the dark web.
March 14th, 2024 — Source
HHS opens investigation into UnitedHealth cyberattack
Following a cyberattack on one of the nation's largest health insurers that's thrown health care payments into disarray and likely exposed reams of private patient data, the U.S. Department of Health and Human Services said Wednesday it has begun an investigation into the incident.
March 14th, 2024 — Source
Immutability: A boost to your security backup
As the volume of data continues to increase and the threat landscape continues to evolve, it is increasingly important for organizations to protect backup data from unwanted deletion. Threats today can take the form of a malicious insider deleting backup data or a targeted cyberattack on the backups themselves.
March 14th, 2024 — Source
LockBit ransomware kingpin gets 4 years behind bars
Canadian-Russian said to have turned to a life of cybercrime during pandemic, now must pay the price -- literally
March 14th, 2024 — Source
Maybe It's a Health Care Election After All
Julie Rovner is chief Washington correspondent and host of KFF Health News' weekly health policy news podcast, "What the Health?" A noted expert on health policy issues, Julie is the author of the critically praised reference book "Health Care Politics and Policy A to Z," now in its third edition.
March 14th, 2024 — Source
Microsoft's AI-Powered Copilot for Security Set for Worldwide Release
Microsoft announces that its Copilot for Security generative AI security solution will become generally available on April 1.
March 14th, 2024 — Source
Nissan confirms ransomware attack exposed data of 100,000 people
Nissan Oceania is warning of a data breach impacting 100,000 people after suffering a cyberattack in December 2023 that was claimed by the Akira ransomware operation.
March 14th, 2024 — Source
Nissan Data Breach Affects 100,000 Individuals
Nissan is notifying roughly 100,000 individuals of a data breach resulting from a ransomware attack conducted by the Akira cybercrime group.
March 14th, 2024 — Source
Perception Point GPThreat Hunter allows cybersecurity experts to focus on in-depth investigations
Perception Point launched its latest innovation, GPThreat Hunter, an addition to the company's comprehensive security stack.
March 14th, 2024 — Source
Planning for Healthcare IT Resiliency on a Regional Basis
It's critical for hospitals and other firms to not only prepare for how they will respond to a cyberattack, but also consider the regional impact if a neighboring provider of services needed in the community is disrupted by a serious cyber incident, said Margie Zuk of Mitre.
March 14th, 2024 — Source or Source or Source or Source or Source
PoC for critical Arcserve UDP vulnerabilities published (CVE-2024-0799, CVE-2024-0800)
Arcserve has fixed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution that can be chained to upload malicious files to the underlying Windows system.
March 14th, 2024 — Source
QuProtect Core Security secures Cisco routers against quantum threats
QuSecure unveiled QuProtect Core Security, a product designed to fortify existing Cisco router-to-router communications against emerging quantum threats.
March 14th, 2024 — Source
Shadow AI -- Should I be Worried?
Overzealous policies and blanket bans on AI tools risk forcing users underground to use unknown tools with unknown consequences.
March 14th, 2024 — Source
Some QNAP NAS devices affected by a critical vulnerability, updates available right now
The company is once again scrambling to improve security of its network OSes
March 14th, 2024 — Source
StopCrypt: Most widely distributed ransomware evolves to evade detection
A new variant of StopCrypt ransomware (aka STOP) was spotted in the wild, employing a multi-stage execution process that involves shellcodes to evade security tools.
March 14th, 2024 — Source
Study exposes failings of measures to prevent illegal content generation by text-to-image AI models
Researchers at NYU Tandon School of Engineering have revealed critical shortcomings in recently-proposed methods aimed at making powerful text-to-image generative AI systems safer for public use.
March 14th, 2024 — Source
UK Council's Vision: Set High Standards in Cybersecurity
Six years after it was founded, the government-backed U.K. Cyber Security Council is taking a multipronged approach to building professionalism in the industry. Board Chair Claudia Natanson discussed the council's journey, its role in shaping industry standards and efforts to foster diversity and narrow the skills gap.
March 14th, 2024 — Source or Source or Source or Source or Source
US to probe Change Healthcare's data protection standards as lawsuits mount
Services slowly coming back online but providers still struggling
March 14th, 2024 — Source
Why HHS' Cybersecurity Goals Aren't Necessarily Voluntary
Healthcare sector entities need to focus their attention on meeting the "voluntary" essential and enhanced cybersecurity performance goals set out by federal regulators before those recommendations become regulatory mandates, said Kate Pierce, virtual information security officer at Fortified Health Security.
March 14th, 2024 — Source or Source or Source or Source or Source
Zscaler Acquires Avalor for $350 Million
Zscaler acquires Avalor, a risk management platform powered by Data Fabric for Security, for $350 million.
March 14th, 2024 — Source
Zscaler buys Avalor to bring more AI into its security tools
Zscaler, a cloud security company with headquarters in San Jose, California, has acquired cybersecurity startup Avalor 26 months after its founding, reportedly for $310 million in cash and equity.
March 14th, 2024 — Source or Source or Source
Internet — Security Issues — March 11th, 2024
British Library pushes the cloud button, says legacy IT estate cause of hefty rebuild
Five months in and the mammoth post-ransomware recovery has barely begun
March 11th, 2024 — Source
Broadcom Merges Symantec and Carbon Black Into New Business Unit
Fresh off its $69 billion acquisition of VMware, Broadcom creates an Enterprise Security Group unit that merges Symantec and Carbon Black.
March 11th, 2024 — Source
Critical Considerations for AI Developments in Healthcare
Artificial intelligence has enormous potential for transforming and reimagining all aspects of healthcare but mitigating the risks requires a collaborative, comprehensive approach that prioritizes data security, regulatory compliance and ethical considerations, said Sunil Dadlani, CIO and CISO at Atlantic Health System.
March 11th, 2024 — Source or Source or Source or Source or Source
Cynerio extends Healthcare Cybersecurity Platform to improve patient data protections
As data breaches continue to expose sensitive healthcare information, with over 118 million patients impacted in the United States in 2023, Cynerio has extended its commitment to enhancing cybersecurity in the healthcare sector.
March 11th, 2024 — Source
Equilend warns employees their data was stolen by ransomware gang
New York-based securities lending platform EquiLend Holdings confirmed in data breach notification letters sent to employees that their data was stolen in a January ransomware attack.
March 11th, 2024 — Source
EU's use of Microsoft 365 found to breach data protection rules
A lengthy investigation into the European Union's use of Microsoft 365 has found the Commission breached the bloc's data protection rules through its use of the cloud-based productivity software.
March 11th, 2024 — Source
If your Business Needs Cybersecurity, you Should Become the Expert
Cybercrime is more rampant than ever these days, and it's not just big companies that need to worry about it. Individuals and small businesses owe it to themselves to invest in cybersecurity, too.
March 11th, 2024 — Source
Italian Data Regulator Launches Probe Into OpenAI's Sora
The Italian data protection regulator opened a privacy inquiry to Sora, OpenAI's newly announced text-to-video artificial intelligence model.
March 11th, 2024 — Source or Source or Source or Source or Source
Kremlin accuses America of plotting cyberattack on Russian voting systems
Don't worry, we have a strong suspicion Putin's still gonna win
March 11th, 2024 — Source
Microsoft: Russian hackers accessed internal systems, code repositories
Midnight Blizzard (aka APT29), a group of Russian hackers tied to the country's Foreign Intelligence Service (SVR), has leveraged information stolen from Microsoft corporate email systems to burrow into the company's source code repositories and internal systems.
March 11th, 2024 — Source
Okta says data leaked on hacking forum not from its systems
Okta denies that its company data was leaked after a threat actor shared files allegedly stolen during an October 2023 cyberattack on a hacker forum.
March 11th, 2024 — Source
Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks
150,000 systems possibly impacted by the recent Fortinet vulnerability CVE-2024-21762, but there is still no evidence of widespread exploitation.
March 11th, 2024 — Source
Recent TeamCity Vulnerability Exploited in Ransomware Attacks
Servers impacted by recently patched TeamCity vulnerability CVE-2024-27198 targeted in ransomware attacks and abused for DDoS.
March 11th, 2024 — Source
Researchers expose Microsoft SCCM misconfigs usable in cyberattacks
Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft's Configuration Manager, which could allow an attacker to execute payloads or become a domain controller.
March 11th, 2024 — Source
SecurityWeek Cyber Insights 2024 Series
SecurityWeek talks to hundreds of industry experts from dozens of companies covering seven primary topics.
March 11th, 2024 — Source
Software Reliability Firm Steadybit Raises $6 Million
Steadybit was founded in 2019 and has now raised a total of $13.8 million in funding.
March 11th, 2024 — Source
The best security keys you can buy: Expert tested
We tested the best security keys that can help keep your online accounts safe from hackers and phishing attacks.
March 11th, 2024 — Source
UK Conservatives Say 'No' to Cyber Insurance Backstop
The Conservative government of British Prime Minister Rishi Sunak says it won't champion a reinsurance plan for cyber insurance similar to flood insurance, telling a parliamentary committee that it believes government action would "damage competition."
March 11th, 2024 — Source or Source or Source or Source or Source
Ultimate Member Plugin Flaw Exposes 100,000 WordPress Sites to Attacks
A high-severity XSS vulnerability in the Ultimate Member plugin allows attackers to inject scripts into WordPress sites.
March 11th, 2024 — Source
Why Wiz Is Pursuing Its 2nd Massive Funding Round in 2 Years
Just a year after becoming the world's most valuable venture-backed cybersecurity company, Wiz is back at it again.
March 11th, 2024 — Source
Internet — Security Issues — March 8th, 2024
Banning Ransom Payments: Calls Grow to 'Figure Out' Approach
How might banning ransomware victims from paying a ransom to their attacker work in practice?
March 8th, 2024 — Source or Source or Source or Source or Source
Change Healthcare registers pulse after crippling ransomware attack
Remaining services are expected to return in the coming weeks after $22M ALPHV ransom
March 8th, 2024 — Source
Chinese Cyberspies Target Tibetans via Watering Hole, Supply Chain Attacks
Chinese APT Evasive Panda compromises a software developer's supply chain to target Tibetans with malicious downloaders.
March 8th, 2024 — Source
CISA Outlines Efforts to Secure Open Source Software
Concluding a two-day OSS security summit, CISA details key actions to help improve open source security.
March 8th, 2024 — Source
Cisco patches Secure Client VPN flaw that could reveal authentication tokens (CVE-2024-20337)
Cisco has fixed two high-severity vulnerabilities affecting its Cisco Secure Client enterprise VPN and endpoint security solution, one of which (CVE-2024-20337) could be exploited by unauthenticated, remote attackers to grab users' valid SAML authentication token.
March 8th, 2024 — Source
Cybercrime crew Magnet Goblin bursts onto the scene exploiting Ivanti holes
Plus: CISA pulls plug on couple of systems feared compromised
March 8th, 2024 — Source
Defense Unicorns Raises $35 Million for National Security Software Solutions
Sapphire Ventures and Ansa Capital have invested $35 million in national security systems software startup Defense Unicorns.
March 8th, 2024 — Source
Identiv releases bitse.io 3.0, simplifying the deployment of IoT applications
Identiv launched bitse.io 3.0, the latest iteration of its global IoT connecting cloud platform. The updated platform offers advanced features designed to transform applications in supply chain management, brand protection, and customer engagement.
March 8th, 2024 — Source
In SOTU, Biden Calls for Ban on AI Voice Impersonations
US President Urges Congress to Harness AI While Protecting 'From Its Peril'
March 8th, 2024 — Source or Source or Source or Source or Source or Source
Is there a better way of protecting your digital life? [Q&A]
The nature of the modern world means that we all have lots of different accounts to manage various services.
March 8th, 2024 — Source
ISMG Editors: Our Pledge to You in a New Era of Journalism
In the latest weekly update, Information Security Media Group editors discussed the cyberattack at Change Healthcare that's sending shock waves through the U.S. healthcare sector, Palo Alto's strategic pivot and its far-reaching implications for the industry, and new developments in tech and journalism at ISMG.
March 8th, 2024 — Source or Source or Source or Source or Source
Microsoft falls victim to yet another deceitful exploit by cybercriminals in less than 2 months
Russian hackers gain access to Microsoft's source code and internal systems.
March 8th, 2024 — Source
Russian state-sponsored hackers compromised Microsoft source code repositories
The previously disclosed attack is worse than initially thought - and it's ongoing
March 8th, 2024 — Source
Microsoft says Kremlin-backed hackers accessed its source and internal systems
Midnight Blizzard is now using stolen secrets in follow-on attacks against customers.
March 8th, 2024 — Source
Microsoft Says Russian Gov Hackers Stole Source Code After Spying on Executive Emails
Microsoft says the Midnight Blizzard APT group may still be poking around its internal network after stealing source code, spying on emails.
March 8th, 2024 — Source
Microsoft says Russian hackers breached its systems, accessed source code
Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack.
March 8th, 2024 — Source
Microsoft says Russian hackers stole source code after spying on its executives
Microsoft's nation-state security incident continues to be a headache for the company.
March 8th, 2024 — Source
NIST Cybersecurity Framework: A Cheat Sheet for Professionals
The US National Institute of Standards and Technology's framework defines federal policy, but it can be used by private enterprises, too. Here's what you need to know.
March 8th, 2024 — Source
Password-cracking botnet has taken over WordPress sites to attack using the visitor's browser
Researcher Denis Sinegubko concludes that 41,800 passwords are being attempted per-site.
March 8th, 2024 — Source
Quantum Attack Protection Added to HP Business PCs
An upgraded ESC security chip makes the firmware of several HP business PCs resilient to quantum computer attacks.
March 8th, 2024 — Source
Reach Security Raises $20M to Help Manage Cybersecurity Products
California startup banks $20 million Series A financing for technology to help businesses manage the maze of security tools and products.
March 8th, 2024 — Source
Russian spies keep hacking into Microsoft in 'ongoing attack,' company says
On Friday, Microsoft said Russian government hackers continue to break into its systems using information obtained during a hack last year. This time, the Russian hackers dubbed Midnight Blizzard have targeted Microsoft's source code and other internal systems, the company said.
March 8th, 2024 — Source
Russian State Hackers Penetrated Microsoft Code Repositories
A Russian state hack against Microsoft was more serious than initially supposed, Microsoft acknowledged in a Friday disclosure to federal regulators.
March 8th, 2024 — Source or Source or Source or Source or Source
Russian state-sponsored hackers keep trying to infiltrate Microsoft
They've targeted the company's source code and other internal systems.
March 8th, 2024 — Source
Some Change Healthcare IT Services Will Be Back by Mid-March
UnitedHealth Group expects certain key IT systems and services affected by the Feb. 21 cyberattack on its Change Healthcare unit to begin regaining functionality over the next week to 10 days. As of now, pharmacy services, such as electronic prescribing with claims submission and payment transmissions, have been restored.
March 8th, 2024 — Source or Source or Source
Spyware makers express concern after US sanctions spyware veteran
In announcing the sanctions, U.S. Treasury officials accused Dilian and Hamou of developing and selling spyware that was then used to target Americans, including U.S. government employees, as well as policy experts and journalists — actions that enabled human rights violations around the world.
March 8th, 2024 — Source
State AGs Send Letter to Meta Asking It to Take 'Immediate Action' on User Account Takeovers
A group of 40 state attorneys general have sent a letter to Meta expressing concern over Facebook and Instagram account takeovers.
March 8th, 2024 — Source
Swiss cheese security? Play ransomware gang milks government of 65,000 files
Classified docs, readable passwords, and thousands of personal information nabbed in Xplain breach
March 8th, 2024 — Source
UK Lawmakers Reject Privacy Limits for Bulk Data Collection
A last-ditch attempt by British lawmakers to amend a bill expanding electronic communication interception by the U.K. intelligence agencies failed despite concerns over pervasive surveillance.
March 8th, 2024 — Source or Source or Source or Source or Source
Unpatched Sceiner Smart Lock Vulnerabilities Allow Hackers to Open Doors
Multiple vulnerabilities in Sceiner firmware allow attackers to compromise smart locks and open doors.
March 8th, 2024 — Source
White House Advisory Team Backs Cybersecurity Tax Incentives
The federal government should extend tax incentives to critical infrastructure owners and operators as part of an effort to drive enhanced cybersecurity, a White House advisory board recommended Thursday.
March 8th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — March 6th, 2024
Apple Fixes iOS Kernel Zero-Days Being Exploited in the Wild
Apple pushed out an emergency security update for two critical zero-day flaws that attackers are using to carry out memory corruption attacks on iPhone and iPad devices.
March 6th, 2024 — Source or Source or Source
Apple fixes two actively exploited iOS zero-days (CVE-2024-23225, CVE-2024-23296)
Apple has fixed two iOS zero-day vulnerabilities (CVE-2024-23225, CVE-2024-23296) exploited by attackers in the wild.
March 6th, 2024 — Source
BlackCat Ransomware Gang Suspected of Pulling Exit Scam
The BlackCat ransomware gang announces shutdown as an affiliate accuses theft of $22 million ransom payment.
March 6th, 2024 — Source
Canada's anti-money laundering agency offline after cyberattack
The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) has announced that a "cyber incident" forced it to take its corporate systems offline as a precaution.
March 6th, 2024 — Source
Capita says 2023 cyberattack costs a factor as it reports staggering £100M+ loss
Additional cuts announced, sparking fears of further layoffs
March 6th, 2024 — Source
Cisco Releases Open Source Backplane Traffic Visibility Tool for OT
Cisco has released an open source PoC tool named Badgerboard designed for improved backplane network visibility for OT.
March 6th, 2024 — Source or Source or Source or Source
Cloud Security Firm Sweet Security Raises $33 Million, 6 Months After Emerging From Stealth
Sweet Security announces a $33 million Series A funding round just six months after emerging from stealth with an initial $12 million seed funding.
March 6th, 2024 — Source
Cloudflare Boosts Cloud Connectivity with Nefeli Acquisition
Cloudflare purchased a multi-cloud networking startup founded by a former Cisco executive to enable better network and security management within the cloud.
March 6th, 2024 — Source or Source or Source or Source or Source or Source
Cloudflare Magic Cloud Networking simplifies security and management of public clouds
Cloudflare introduced Magic Cloud Networking, a simple, secure and scalable way for businesses to connect and secure their public cloud environments.
March 6th, 2024 — Source
Cyber Insights 2024: OT, ICS and IIoT
In an age of increasing geopolitical tensions caused by actual wars, and the threat of Chinese action against Taiwan, OT is a target that cannot be ignored by nation states.
March 6th, 2024 — Source
Deepwatch increases flexibility with its open security data architecture
Deepwatch introduced its open security data architecture, which provides customers with their choice of cloud and local data sources, including support for a broad range of Security Information and Event Management (SIEM) solutions as well as data lake, XDR, and MDR solutions.
March 6th, 2024 — Source
DPRK Hackers Breach South Korean Chipmakers, Steal Designs
South Korean intelligence has alluded to North Korean cyber actors conducting a series of attacks targeting the country's leading semiconductor manufacturing companies. Suspected nation-state actors accessed sensitive product designs and photos of production facilities - information that could help the regime modernize its chip-making capabilities for military applications.
March 6th, 2024 — Source or Source or Source or Source or Source
Duvel says it has "more than enough" beer after ransomware attack
Duvel Moortgat Brewery was hit by a ransomware attack late last night, bringing to a halt the beer production in the company's bottling facilities.
March 6th, 2024 — Source
EU looks to AI to battle cyber threats
The European Union is poised to use artificial intelligence and other tools to create a "cyber shield" protecting critical infrastructure and sectors from threats, officials said Wednesday.
March 6th, 2024 — Source
Europe Vows to Unify the Fight Against Cyberthreats
The European Parliament and the council of direct European national governments reached a political agreement Tuesday on a proposal that seeks to improve the trading bloc's ability to mitigate cyberthreats.
March 6th, 2024 — Source or Source or Source or Source or Source
False Positives: The Unwanted Side of Antivirus Protection
Have you ever been annoyed by your antivirus software telling you that a perfectly harmless file is infected with malware? That's what we call a false positive, and it can be a real pain in the ASCII. False Positives are not only annoying but can be downright destructive - Personally, while testing a known AV product once - it detected my NTUser.dat as a virus rendering the system unbootable.
March 6th, 2024 — Source
FBI: Critical infrastructure suffers spike in ransomware attacks
Jump in overall cybercrime reports, $60M-plus reportedly lost to extortionists alone, Feds reckon
March 6th, 2024 — Source
Fraud Alert versus Credit Freeze: Which One Should You Use?
Make it more difficult for hackers to open accounts in your name by setting up a fraud alert or freezing your credit.
March 6th, 2024 — Source
Fresh $100 Million Claroty Funding Brings Total to $735 Million
XIoT cybersecurity company Claroty has raised another $100 million at a reported valuation of $2.5 billion.
March 6th, 2024 — Source
George Kurtz: There's a Difference Between Price, Total Cost
CEO George Kurtz said Palo Alto Networks' strategy of offering free products won't neutralize CrowdStrike's advantage around total cost of ownership, thanks to superior architecture.
March 6th, 2024 — Source or Source or Source or Source or Source
Governments not keen on pushing citizen-facing AI services, for obvious reasons
As soon as public sector implements GenAI, someone will do their best to break it... or even flirt with it
March 6th, 2024 — Source
Hacked WordPress sites use visitors' browsers to hack other sites
Hackers are conducting widescale attacks on WordPress sites to inject scripts that force visitors' browsers to bruteforce passwords for other sites.
March 6th, 2024 — Source
Hackers impersonate U.S. government agencies in BEC attacks
A gang of hackers specialized in business email compromise (BEC) attacks and tracked as TA4903 has been impersonating various U.S. government entities to lure targets into opening malicious files carrying links to fake bidding processes.
March 6th, 2024 — Source
Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware
Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the discovery and compromise of the hosts.
March 6th, 2024 — Source
HHS Aiding Organizations Hit by Change Healthcare Cyberattack
US government lays out actions to assist healthcare providers following the highly disruptive Change Healthcare cyberattack.
March 6th, 2024 — Source
Lookout introduces SSE solution for mid-market enterprises
Lookout announced an edition of the Lookout Cloud Security Platform, the Company's Security Service Edge (SSE) solution, that specifically addresses the unique challenges and demands faced by mid-sized enterprises.
March 6th, 2024 — Source
Metomic provides data security tool for organizations that rely on Slack
Metomic announced Metomic for Slack Enterprise. By partnering with Slack, Metomic gives security teams full visibility and control of sensitive data sent across an organization's entire Slack workspace.
March 6th, 2024 — Source
Pathlock CAC helps SAP customers comply with regulations
Pathlock introduced its SAP application and data security product suite, Cybersecurity Application Controls (CAC).
March 6th, 2024 — Source
Pentera Cloud empowers security teams to reduce exposure to cloud-native attacks
Pentera launched Pentera Cloud as part of its automated security validation platform to complement its renowned Pentera Core and Surface products.
March 6th, 2024 — Source
Privacy First and Competition
"Privacy First" is a simple, powerful idea: seeing as so many of today's technological problems are also privacy problems, why don't we fix privacy first?
March 6th, 2024 — Source
Ransomware group scams its partner out of a share of $22 million by faking an FBI takedown
Who said there is "honor among thieves?"
March 6th, 2024 — Source
Research exposes security, privacy and safety issues in female technology apps used to track fertility, monthly cycles
Experts at Royal Holloway, University of London, Newcastle University, University of London, and ETH Zurich have identified significant security, privacy, and safety issues surrounding FemTech, which can pose a potential threat to users.
March 6th, 2024 — Source
Sweet Security raises $33 million to identify and address cloud risks
Six months after coming out of stealth, Sweet Security is announcing a $33 million Series A funding round.
March 6th, 2024 — Source
What Are the Highest-Paying Cybersecurity Specialties?
In today's digital age, new career opportunities have emerged for digital protectors. Given the slope of success for the adversaries, these opportunities will continue to grow and pay more over time. They are not subject to the whims of the general economy or business budgetary trends and for those willing to dedicate their lives to safeguarding the digital corridors we all traverse, the rewards are both tangible and profound.
March 6th, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — March 4th, 2024
75+ Tech Checklists to Improve Efficiency
From malware response to cloud storage, every organization can benefit from a checklist to ensure effective and smooth operations.
March 4th, 2024 — Source
American Express credit cards exposed in third-party data breach
American Express is warning customers that credit cards were exposed in a third-party data breach after a merchant processor was hacked.
March 4th, 2024 — Source
Akamai App & API Protector enhancements detect and mitigate short DDoS attack bursts
Akamai announced significant additions to its flagship Akamai App & API Protector product, including advanced defenses against sophisticated application-layer distributed denial-of-service (DDoS) attacks.
March 4th, 2024 — Source
Are You as Competent as You Think You Are?
The Dunning-Kruger Effect and the Truth About How You Evaluate Your Career Skills
March 4th, 2024 — Source or Source or Source or Source or Source
Best Identity Theft Protection and Monitoring Services for 2024
If you suspect your identity may have been stolen, these identity theft protection services can help you.
March 4th, 2024 — Source
BlackCat ransomware turns off servers amid claim they stole $22 million ransom
The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million.
March 4th, 2024 — Source
Change Healthcare attack latest: ALPHV bags $22M in Bitcoin amid affiliate drama
No honor among thieves?
March 4th, 2024 — Source
Cyber security tips for remote work - ITSAP.10.116
When you work in the office, you benefit from the security measures that your organization has in place to protect its networks, systems, devices, and information from cyber threats. Working remotely provides flexibility and convenience. However, remote work can weaken your organization's security efforts and put you at risk if you don't take precautions.
March 4th, 2024 — Source
Cyolo PRO simplifies remote privileged access in OT environments
Cyolo launched Cyolo PRO (Privileged Remote Operations), a hybrid secure remote access solution for Operational Technology (OT).
March 4th, 2024 — Source
Darktrace partners with Xage Security to detect threats deep inside IT and OT systems
Darktrace and Xage Security announced a new partnership to help businesses prevent cyberattacks and insider threats in critical environments.
March 4th, 2024 — Source
Experts Warn of Risks in Memory-Safe Programming Overhauls
They Say Rewriting Software Could Overwhelm Firms and Introduce New Vulnerabilities
March 4th, 2024 — Source or Source or Source or Source or Source
Fake Ransomware Gang Admits It Made Up Epic Games Hack
Calls itself "professional fraudsters."
March 4th, 2024 — Source
FCC Employees Targeted in Sophisticated Phishing Attacks
Advanced phishing kit employs novel tactics in attack targeting cryptocurrency platforms and FCC employees.
March 4th, 2024 — Source
Flipper Zero Co-Founder Talks Lax Security And Amateur Hacking, Teases New Devices
The Flipper Zero, known for its use in widespread shenaniganry, is quite the little hacking device in all actuality. This pint-size hacking device is great for cloning hotel keys, opening garages (or Tesla charging ports), adjusting TVs you lost the remote for, and other hacker-type things, especially on penetration tests, which have recently caught the eye of the Canadian government.
March 4th, 2024 — Source
German Authorities Take Down 'Crimemarket' Cybercrime Website
With over 180,000 users, Crimemarket was a trading hub for narcotics, cybercrime tools, and crimeware guides.
March 4th, 2024 — Source
GitHub push protection now on by default for public repositories
GitHub push protection -- a security feature aimed at preventing secrets such as API keys or tokens getting accidentally leaked online -- is being switched on by default for all public repositories.
March 4th, 2024 — Source
Hackers steal Windows NTLM authentication hashes in phishing attacks
The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes to perform account hijacks.
March 4th, 2024 — Source
Hikvision Patches High-Severity Vulnerability in Security Management System
A high-severity vulnerability in HikCentral Professional could lead to unauthorized access to certain URLs.
March 4th, 2024 — Source
How to see who viewed your LinkedIn profile
It takes just a few steps.
March 4th, 2024 — Source
How to stay anonymous on LinkedIn
Yes, people can see if you've viewed their profile on LinkedIn — and you can change that.
March 4th, 2024 — Source
How Traffic, State, and Organizational Data Help Fortify Your Network
Traffic data is the lifeblood of network security, representing the raw, unfiltered truth of what is happening on the network.
March 4th, 2024 — Source
Identiv ScrambleFactor provides privacy and security in restricted access environments
Identiv introduces ScrambleFactor, an addition to its high-security physical access control system (PACS) portfolio.
March 4th, 2024 — Source
Microsoft: Look to Supply Chains, Zero Trust for AI Security
Tech Giant Shares Major Threats, Potential Safeguards for Firms Using AI
March 4th, 2024 — Source or Source or Source or Source or Source or Source
Mobile-Driven Phishing Spoofs FCC, Cryptocurrency Giants
Researchers Say Hackers Used Fake Login Pages to Trick 100 Victims, Crypto Workers
March 4th, 2024 — Source or Source or Source or Source or Source
More than 100,000 GitHub repositories found spreading malicious packages
An effective way to compromise the software supply chain with developers' help
March 4th, 2024 — Source
North Korea hacks two South Korean chip firms to steal engineering data
The National Intelligence Service (NIS) in South Korea warns that North Korean hackers target domestic semiconductor manufacturers in cyber espionage attacks.
March 4th, 2024 — Source
Optum Offering Financial Aid to Some Providers Hit by Outage
But Hospital Lobby Group Contends Funding Is 'Onerous' and 'Exceedingly' Limited
March 4th, 2024 — Source or Source or Source or Source or Source
Pentagon Leaker Jack Teixeira Pleads Guilty Under a Deal That Calls for at Least 11 Years in Prison
The 22-year-old Air National Guard member admitted illegally collecting some of the nation's most sensitive secrets and sharing them with other users on Discord.
March 4th, 2024 — Source
Ransomware ban backers insist thugs must be cut off from payday
Increasingly clear number of permanent solutions is narrowing
March 4th, 2024 — Source
Ransomware Ring Hits Pharmaceutical Industry, Limiting Drug Access for Millions of Americans
ALPHV, a Russian-speaking ransomware gang, is thought to have disabled a network responsible for directing insurance claims to pharmacies.
March 4th, 2024 — Source
Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers
Researchers demonstrate that remote Stuxnet-style attacks are possible against many modern PLCs using web-based malware.
March 4th, 2024 — Source
Scientists put forth a smarter way to protect a smarter grid
There's a down side to "smart" devices: They can be hacked.
March 4th, 2024 — Source
ScreenConnect flaws exploited to drop new ToddlerShark malware
The North Korean APT hacking group Kimsuky is exploiting ScreenConnect flaws, particularly CVE-2024-1708 and CVE-2024-1709, to infect targets with a new malware variant dubbed ToddlerShark.
March 4th, 2024 — Source
Secure Your API With These 16 Practices With Apache APISIX (Part 2)
Last week, we listed 16 practices to help secure one's APIs and described how to implement them with Apache APISIX. This week, we will look at the remaining practices.
March 4th, 2024 — Source
Securing software repositories leads to better OSS security
Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day.
March 4th, 2024 — Source
Silobreaker enhances threat intelligence platform with MITRE ATT&CK TTP detection capabilities
Silobreaker announced an integration with MITRE ATT&CK Matrix for Enterprise, Industrial Control Systems (ICS) and Mobile, to help organizations better understand threats associated with malware, threat actors and industries.
March 4th, 2024 — Source
The growing trend in cyberattacks against the aviation industry [Q&A]
Towards the end of last year the American Airlines pilot union was hit with a ransomware attack. This is just one of a growing number of attacks targeting the aviation sector.
March 4th, 2024 — Source
White House Recommends Memory-Safe Programming Languages and Security-by-Design
A new report promotes preventing cyberattacks by using memory-safe languages and the development of software safety standards.
March 4th, 2024 — Source
Zyxel Networks introduces affordable WiFi 7 solution for SMBs
Zyxel Networks has released its NWA130BE -- BE11000 WiFi 7 Triple-Radio NebulaFlex Access Point (AP).
March 4th, 2024 — Source
Internet — Security Issues — March 3rd, 2024
Georgia's Largest County Is Still Repairing Damage From January Cyberattack
Georgia's largest county is still repairing damage inflicted on its government offices by a cyberattack in January 2024.
March 3rd, 2024 — Source
Internet — Security Issues — March 2nd, 2024
Hackers target FCC, crypto firms in advanced Okta phishing attacks
A new phishing kit named CryptoChameleon is being used to target Federal Communications Commission (FCC) employees, using specially crafted single sign-on (SSO) pages for Okta that appear remarkably similar to the originals.
March 2nd, 2024 — Source
ISMG Editors: OpenAI's Response to The New York Times Case
Also: Addressing Scotland's Cybercrime Surge; NOC and SOC Convergence
March 2nd, 2024 — Source or Source or Source
Pentagon Leak Suspect Jack Teixeira Expected to Plead Guilty in Federal Case
The Air National Guardsman accused of leaking highly classified military documents on social media is expected to plead guilty in his federal case.
March 2nd, 2024 — Source
Internet — Security Issues — February 28th, 2024
A New Ransomware Gang Claims It Stole Source Code, Passwords And More In Epic Hack
When you get into the ransomware scene, one would think that you want to lay somewhat low while building up a decent reputation before going for the big fish. However, ransomware newcomer Mogilevich is coming out swinging with the claim that it has compromised Epic Games and made off with a good handful of data pertaining to the company.
February 28th, 2024 — Source
A ransomware group says it has stolen almost 200GB of data from Epic Games (updated)
The group has not posted any evidence supporting its claim
February 28th, 2024 — Source
Biden executive order aims to stop Russia and China from buying Americans' personal data
The bulk sale of geolocation, genomic, financial and health data will be off-limits to "countries of concern."
February 28th, 2024 — Source
Biden Executive Order Targets Bulk Data Transfers to China
New Order Tasks Department of Justice With Developing Data Transfer Protections
February 28th, 2024 — Source or Source or Source or Source or Source
Biden orders crackdown on selling Americans' personal data abroad
The broader issue of data harvesting remains an issue.
February 28th, 2024 — Source
Chinese Cyberspies Use New Malware in Ivanti VPN Attacks
Chinese threat actors target Ivanti VPN appliances with new malware designed to persist across system upgrades.
February 28th, 2024 — Source
Cloud-focused malware campaigns on the increase
As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in both sophistication and number.
February 28th, 2024 — Source
Compliance Scorecard collaborates with ConnectSecure to automate asset governance
Compliance Scorecard and ConnectSecure have joined forces to automate asset governance.
February 28th, 2024 — Source
Cyber Insights 2024: APIs -- A Clear, Present, and Future Danger
The API attack surface is expanding and API vulnerabilities are growing. AI will help attackers find and exploit API vulnerabilities at scale.
February 28th, 2024 — Source
Down, Not Out: Russian Hacktivists Claiming DDoS Disruptions
Distributed Denial-of-Service Attacks Decline as Russia-Ukraine War Continues
February 28th, 2024 — Source or Source or Source or Source or Source
Enterprise workers want more transparency around cybersecurity
The nature of cybersecurity is such that much of the work goes on in the background. People notice when there's a problem but not when there isn't.
February 28th, 2024 — Source
Epic Games Allegedly Hacked - Targeted for Ransomware
Unconfirmed reports suggest that Epic Games, the company behind Fortnite, may be the target of a ransomware attack by a relatively unknown hacker group called Mogilevich. The group has allegedly leaked information on a darknet site, claiming to have 200GB of sensitive data, including email credentials, passwords, personal identification, financial information, source code, and more.
February 28th, 2024 — Source
Epic Games: "Zero evidence" we were hacked by Mogilevich gang
Epic Games said they found zero evidence of a cyberattack or data theft after the Mogilevich extortion group claimed to have breached the company's servers.
February 28th, 2024 — Source
European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack
Pepco Group has confirmed that its Hungarian business has been hit by a "sophisticated fraudulent phishing attack."
February 28th, 2024 — Source
Exabeam introduces new features to improve security analyst workflows
Exabeam announced two pioneering cybersecurity features, Threat Center and Exabeam Copilot, to its AI-driven Exabeam Security Operations Platform.
February 28th, 2024 — Source
Hackers Steal Personal Information From Pharma Giant Cencora
Pharmaceutical solutions provider Cencora discloses a cyberattack that resulted in personal information being stolen from its systems.
February 28th, 2024 — Source
Has the US Created the Wrong War Machine?
We Need Low-Cost, High-Volume Weapons Systems to Prevail in Future Conflicts
February 28th, 2024 — Source or Source or Source or Source or Source
HSCC publishes 5-year healthcare cybersecurity strategic plan
Developed over eighteen months by the Cybersecurity Working Group and government partners, the plan is a five-year health industry roadmap for addressing frequent and sophisticated cyber incidents aimed at the sector.
February 28th, 2024 — Source
IBM says their latest AI-enhanced storage platform can identify ransomware in under a minute
Fight fire with fire
February 28th, 2024 — Source
Is XDR Enough? The Hidden Gaps in Your Security Net
When evaluating XDR, consider its value based on its ability to reduce complexity and improve threat detection and response times.
February 28th, 2024 — Source
Japan warns of malicious PyPi packages created by North Korean hackers
Japan's Computer Security Incident Response Team (JPCERT/CC) is warning that the notorious North Korean hacking group Lazarus has uploaded four malicious PyPI packages to infect developers with malware.
February 28th, 2024 — Source
LockBit ransomware returns to attacks with new encryptors, servers
The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week's law enforcement disruption.
February 28th, 2024 — Source
ManageEngine partners with Check Point to help organizations tackle mobile threats
ManageEngine announced the integration between Endpoint Central, its flagship unified endpoint management solution, and Check Point's Harmony Mobile, a mobile threat defense solution, to help IT security teams automate the remediation of mobile threats.
February 28th, 2024 — Source
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Google Chrome, which could allow for arbitrary code execution. Successful exploitation of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
February 28th, 2024 — Source
New Ransomware Gang Claims Responsibility for Alleged Epic Games Hack
Epic Games says there is 'zero evidence right now' that Mogilevich is behind the supposed 189GB theft.
February 28th, 2024 — Source
NinjaOne and SentinelOne integration enhances risk mitigation and IT security
NinjaOne and SentinelOne launched a bi-directional product integration that redefines endpoint protection through the merging of IT operations and security.
February 28th, 2024 — Source
NIST updates Cybersecurity Framework with Version 2.0
Billed as the first major overhaul in a decade for the National Institute of Standards and Technology's foundational risk management approach, CSF 2.0 has new resources to help organizations better position themselves to mitigate cyber threats.
February 28th, 2024 — Source
Ransomware resurgence: Tackling the new generation of cyber threats
Sadly, there has never been a better phrase than 'survival of the fittest' to describe cyber criminal groups. They are constantly refining their tactics to cause greater disruption and earn even bigger profits. The ransomware ecosystem is a resilient and lucrative business model, and attacks are causing huge pain for organizations.
February 28th, 2024 — Source
Report Says Iranian Hackers Targeting Israeli Defense Sector
Hackers Are Leveraging Israel-Hamas War to Carry Out Attacks, Researcher Tells ISMG
February 28th, 2024 — Source or Source or Source or Source or Source
Rhysida ransomware wants $3.6 million for children's stolen data
The Rhysida ransomware gang has claimed the cyberattack on Lurie Children's Hospital in Chicago at the start of the month.
February 28th, 2024 — Source
State-sponsored hackers know enterprise VPN appliances inside out
Suspected Chinese state-sponsored hackers leveraging Ivanti Connect Secure VPN flaws to breach a variety of organizations have demonstrated "a nuanced understanding of the appliance", according to Mandiant incident responders and threat hunters.
February 28th, 2024 — Source
The Role of Penetration Testing in Strengthening Cyber Defenses
Penetration testing strengthens cyber defenses by simulating attacks, identifying vulnerabilities, and enhancing security measures.
February 28th, 2024 — Source
US Government Urges Cleanup of Routers Infected by Russia's APT28
The US government says Russia's APT28 group compromised Ubiquiti EdgeRouters to run cyberespionage operations worldwide.
February 28th, 2024 — Source
What EU Antitrust Probe Around Entra ID Means for Microsoft
Rivals Say Microsoft Restricts Competition Around Identity. Will Regulators Agree?
February 28th, 2024 — Source or Source or Source or Source
What's Next for Carbon Black Now That Broadcom Sale Is Dead?
A Carbon Black-Symantec Marriage Would Combine 2 Low-Growth Endpoint Security Teams
February 28th, 2024 — Source or Source or Source or Source or Source
White House Issues Executive Order on International Data Protection
A coming White House Executive Order seeks to protect personal information by preventing the mass transfer of Americans' sensitive data to countries of concern.
February 28th, 2024 — Source
Internet — Security Issues — February 27th, 2024
70% of Australians don't feel in control of their data as companies hide behind meaningless privacy terms
Australian consumers don't understand how companies—including data brokers—track, target and profile them. This is revealed in new research on consumer understanding of privacy terms, released by the non-profit Consumer Policy Research Centre and UNSW Sydney today.
February 27th, 2024 — Source
67,000 U-Haul Customers Impacted by Data Breach
U-Haul says customer information was compromised in a data breach involving a reservation tracking system.
February 27th, 2024 — Source
An Approach To Synthetic Transactions With Spring Microservices: Validating Features and Upgrades
Learn how synthetic transactions in fintech help in assuring quality and confidence, validating business functionality post major updates or new features.
February 27th, 2024 — Source
APT29 revamps its techniques to breach cloud environments
Russian threat actors APT29 are changing their techniques and expanding their targets to access cloud environments, members of the Five Eyes intelligence alliance have warned.
February 27th, 2024 — Source
Artificial Arms Race: What Can Automation and AI do to Advance Red Teams
The best Red Team engagements are a balanced mix of technology, tools and human operators.
February 27th, 2024 — Source
AU10TIX KYB solution validates info against global registries and jurisdictions
AU10TIX launched a Know Your Business (KYB) solution that enables companies to know exactly who they are doing business with and avoid potential financial and reputational losses.
February 27th, 2024 — Source
Bitwarden Secrets Manager integrates with Ansible Playbook
Bitwarden enhanced Bitwarden Secrets Manager by integrating with Ansible Playbook.
February 27th, 2024 — Source
Black Basta, Bl00dy Ransomware Exploiting Recent ScreenConnect Flaws
The Black Basta and Bl00dy ransomware gangs have started exploiting two vulnerabilities in ConnectWise ScreenConnect.
February 27th, 2024 — Source
Black Basta, Bl00dy ransomware gangs join ScreenConnect attacks
The Black Basta and Bl00dy ransomware gangs have joined widespread attacks targeting ScreenConnect servers unpatched against a maximum severity authentication bypass vulnerability.
February 27th, 2024 — Source
Canada's RCMP, Global Affairs Hit by Cyberattacks
Canadian authorities are actively investigating cyberattacks impacting the RCMP network and Global Affairs Canada.
February 27th, 2024 — Source
Cyber Insights 2024: Quantum and the Cryptopocalypse
Quantum computers are coming, and will defeat current PKE encryption. But this cryptopocalypse is not dependent upon quantum computers — it could happen through other means, at any time.
February 27th, 2024 — Source
Domains Once Owned by Major Firms Help Millions of Spam Emails Bypass Security
8,800 domains, many once owned by major companies, have been abused to get millions of emails past spam filters as part of SubdoMailing campaign.
February 27th, 2024 — Source
Elections in the Age of AI
CISOs Discuss AI Scams, Cyberthreats and Election Security Defenses
February 27th, 2024 — Source or Source or Source or Source or Source
Energy Department Invests $45 Million in 16 Projects to Improve Cybersecurity
The US government makes a $45 million investment in 16 projects to improve cybersecurity across the energy sector.
February 27th, 2024 — Source
FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks
Today, the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks.
February 27th, 2024 — Source
Google Genie lets users generate AI outputs resembling video games
It's not 'Sora for video games,' but it's a step in that direction
February 27th, 2024 — Source
Groups Warn Health Sector of Change Healthcare Cyber Fallout
Some Researchers Confident ConnectWise ScreenConnect Flaw Was Exploited in Attack
February 27th, 2024 — Source
Hackers backed by Russia and China are infecting SOHO routers like yours, FBI warns
Six years on, routers remain a favorite post for concealing malicious activities.
February 27th, 2024 — Source
Hessen Consumer Center says systems encrypted by ransomware
The Hessen Consumer Center in Germany has been hit with a ransomware attack, causing IT systems to shut down and temporarily disrupting its availability.
February 27th, 2024 — Source
HSCC Issues Cyber 'Call to Action' Plan for Health Sector
5-Year Plan Details How to Raise the Bar on Health Ecosystem's Approach to Cyber
February 27th, 2024 — Source or Source or Source or Source or Source
Innovative blockchain technology balances privacy with regulatory compliance
In a recent study published in Blockchain: Research and Applications, researchers have developed a protocol called Privacy Pools that enhances privacy on blockchain transactions while complying with regulatory standards.
February 27th, 2024 — Source
Intel Unveils Next-Gen vPro Platform at MWC 2024
Empowering Business with AI-Driven Productivity and Security
February 27th, 2024 — Source
Legato Security Ensemble helps organizations prevent breaches
Legato Security launched Ensemble, a security operations platform that is poised to redefine how organizations detect, manage, and respond to threats.
February 27th, 2024 — Source
Moscow Military Hackers Used Microsoft Outlook Vulnerability
APT28 Used Hacked Ubiquiti Routers for Hashed Password Relay Attacks
February 27th, 2024 — Source or Source or Source or Source or Source
NIST Cybersecurity Framework 2.0 Officially Released
NIST releases Cybersecurity Framework 2.0, the first major update since the creation of the CSF a decade ago.
February 27th, 2024 — Source
NIST Releases First Update of its Cybersecurity Framework
After releasing the first version of its Cybersecurity Framework in 2014, the National Institute of Standards and Technology (NIST) has released its first update to the guidance document.
February 27th, 2024 — Source
NIST releases version 2.0 of cybersecurity framework
The National Institute of Standards and Technology (NIST) has updated the widely used Cybersecurity Framework (CSF), its landmark guidance document for reducing cybersecurity risk. The new 2.0 edition is designed for all audiences, industry sectors and organization types, from the smallest schools and nonprofits to the largest agencies and corporations—regardless of their degree of cybersecurity sophistication.
February 27th, 2024 — Source
NIST updates Cybersecurity Framework after a decade of lessons
The original was definitely getting a bit long in the tooth for modern challenges
February 27th, 2024 — Source
Notorious ransomware group launched cyberattack on UnitedHealth Group
A ransomware group known as Blackcat was responsible for launching a cyberattack last week at UnitedHealth Group that resulted in nationwide disruption of prescription orders, Reuters reported Feb. 26.
February 27th, 2024 — Source
Research introduces new approach for detecting deepfakes
Research published in the International Journal of Ad Hoc and Ubiquitous Computing introduces a new approach to tackling the challenges posed by deepfake technology, which generates manipulated media content that closely resembles authentic footage.
February 27th, 2024 — Source
Russian hackers hijack Ubiquiti routers to launch stealthy attacks
Russian military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners.
February 27th, 2024 — Source
PKI Solutions introduces new version of PKI Spotlight
PKI Solutions introduced a new version of PKI Spotlight, a real-time monitoring and alerting system that provides live status, availability, configuration, and security of PKI environments (Microsoft PKI and others) and hardware security modules (HSMs).
February 27th, 2024 — Source
Top 10 Malware Q4 2023
The Cyber Threat Intelligence (CTI) team at the Multi-State Information Sharing and Analysis Center® (MS-ISAC®)
February 27th, 2024 — Source
US Gov Says Software Measurability is 'Hardest Problem to Solve'
White House calls for the "timely, complete, and consistent" publication of CVE and CWE data to help solve the security metrics problem.
February 27th, 2024 — Source
Using multimodal deep learning to detect malicious traffic with noisy labels
The success of deep learning-based network intrusion detection systems (NIDS) relies on large-scale, labeled, realistic traffic. However, automated labeling of realistic traffic, such as by sandbox and rule-based approaches, is prone to errors, which in turn affects deep learning-based NIDS.
February 27th, 2024 — Source
VIAVI enhances Observer Sentry's exposure and vulnerability analysis
VIAVI Solutions announced the addition of traffic analysis capabilities to its Observer Sentry Software-as-a-Service-based threat exposure management solution.
February 27th, 2024 — Source
What Goes Around Comes Back Around, With Chatbots Too
Study Shows Correlation Between Polite Language, Culture and LLM Output
February 27th, 2024 — Source or Source or Source or Source or Source
White House urges developers to dump C and C++
Biden administration calls for developers to embrace memory-safe programming languages and move away from those that cause buffer overflows and other memory access vulnerabilities.
February 27th, 2024 — Source
White House: Use memory-safe programming languages to protect the nation
The White House is asking the technical community to switch to using memory-safe programming languages -- such as Rust, Python, Swift, C#, Java, and Go -- to prevent memory corruption vulnerabilities from entering the digital ecosystem.
February 27th, 2024 — Source
Internet — Security Issues — February 26th, 2024
7 Cyber Safety Tips to Outsmart Scammers
Welcome to the wild west of the digital world where cyber scammers lurk around every pixelated corner. Cybercrime isn't just a futuristic Hollywood plotline, it's a real threat that targets everyone—from wide-eyed kids to seasoned adults and wise grandparents.
February 26th, 2024 — Source
ALPHV/BlackCat responsible for Change Healthcare cyberattack
US government's bounty hasn't borne fruit as whack-a-mole game goes on
February 26th, 2024 — Source
API attacks put businesses at risk
Attacks targeting the business logic of APIs made up 27 percent of attacks in 2023, a growth of 10 percent since the previous year. Account takeover (ATO) attacks targeting APIs also increased from 35 percent in 2022 to 46 percent in 2023.
February 26th, 2024 — Source
Back from the dead: LockBit taunts cops, threatens to leak Trump docs
Officials have until March 2 to cough up or stolen data gets leaked
February 26th, 2024 — Source
Bitdefender Cryptomining Protection detects malicious cryptojacking attempts
Bitdefender announced Cryptomining Protection, a cryptomining management feature that allows users to both protect against malicious cryptojacking and manage their own legitimate cryptomining initiatives on their Windows PCs.
February 26th, 2024 — Source
Can AI boost clean energy efforts? Tech and policy leaders discuss solutions in Seattle
U.S. Energy Secretary Jennifer Granholm and Sen. Maria Cantwell met in Seattle on Friday with West Coast tech executives and leaders from national laboratories to strategize partnerships to more quickly and effectively harness artificial intelligence in the pursuit of clean energy.
February 26th, 2024 — Source
Critical Flaw in Popular 'Ultimate Member' WordPress Plugin
The vulnerability carries a CVSS severity score of 9.8/10 and affects web sites running the Ultimate Member WordPress membership plugin.
February 26th, 2024 — Source
CrowdStrike 2024 Global Threat Report: 6 Key Takeaways
Tips for mitigating the risks associated with these cyberattacks, which include cloud-environment intrusions, are provided.
February 26th, 2024 — Source
Cyber Insights 2024: Artificial Intelligence
AI will allow attackers to improve their attacks, and defenders to improve their defense. Over time, little will change — but the battle will be more intense.
February 26th, 2024 — Source
Cybersecurity Training Not Sticking? How to Fix Risky Password Habits
Organizations recognize the cybersecurity risks posed by their end-users, so they invest in security and awareness training programs to help improve security and mitigate risks. However, cybersecurity training has its limitations, especially when it comes to changing end-users' behavior around passwords.
February 26th, 2024 — Source
Data watchdog tells off outsourcing giant for scanning staff biometrics despite 'power imbalance'
2,000 employees at 38 facilities had data processed 'unlawfully', ICO says
February 26th, 2024 — Source
DataVisor introduces fraud and risk solution for financial institutions
DataVisor launched a solution designed to both detect fraud and financial crimes more effectively and to uphold sponsor bank compliance in the face of evolving regulations for Banking-as-a-Service (BaaS) offerings.
February 26th, 2024 — Source
Is It Always Legal to Record Video and Audio in Your Home? Here's What You Need to Know
When do you have the right to record with a security device in your home, and when is it a privacy violation? These tips will help you stay safe and avoid potential legal problems.
February 26th, 2024 — Source
'Fake love' crypto scammers ensnare US victims
The "wine trader" wooed her online for months with his flirtatious smile and emoji-sprinkled texts. Then he went for the kill, defrauding the Philadelphia-based tech professional out of $450,000 in a cryptocurrency romance scam.
February 26th, 2024 — Source
Feds hack LockBit, LockBit springs back. Now what?
The busted ransomware gang leader returns with a promise of vengeance
February 26th, 2024 — Source
From Open Source to Enterprise Ready: 4 Pillars to Meet Your Security Requirements
Open source is a great way to test the waters and define requirements. But when looking at putting a platform into production, an enterprise-ready solution will ensure you can keep up with business demands.
February 26th, 2024 — Source
Groups Warn Health Sector of Change Healthcare Cyber Fallout
Some Researchers Confident ConnectWise ScreenConnect Flaw Was Exploited in Attack
February 26th, 2024 — Source or Source or Source or Source
Hackers exploit 14-year-old CMS editor on govt, edu sites for SEO poisoning
Threat actors are exploiting a CMS editor discontinued 14 years ago to compromise education and government entities worldwide to poison search results with malicious sites or scams.
February 26th, 2024 — Source
How the use of mobile devices is changing the cybersecurity landscape [Q&A]
As consumers and businesses undergo a sea change shift towards mobile interfaces, embracing everything from retail to human resources management, the landscape of mobile security is experiencing a parallel transformation.
February 26th, 2024 — Source
Intel Edge Platform simplifies development and management of edge AI apps
Intel announced its new Edge Platform, a modular, open software platform enabling enterprises to develop, deploy, run, secure, and manage edge and AI applications at scale with cloud-like simplicity.
February 26th, 2024 — Source
Joint cyber security advisory warns that Russian state actors are adapting their tactics to access cloud infrastructure
The Communications Security Establishment (CSE) and its Canadian Centre for Cyber Security (Cyber Centre) joined their Five Eyes cyber security partners in issuing a joint advisory detailing tactics used by Russian Foreign Intelligence Service (SVR) actors to gain initial cloud access.
February 26th, 2024 — Source
LoanDepot Ransomware Attack Exposed 16.9 Million Individuals
Lending firm LoanDepot said the personal information of 16.9 million people was stolen in a ransomware attack in early January.
February 26th, 2024 — Source or Source
LockBit Back Online as Ransomware Gang Continues to Clash with Law Enforcement
LockBit is now running from backup servers and has a new Dark Web presence after their site's recent takedown by the FBI and international partners.
February 26th, 2024 — Source
LockBit leak site is back online
LockBitSupp, the individual running the LockBit ransomware-as-a-service operation, has made good on one promise: the LockBit leak site is back online on backup domains, with lists of victims expected to be unveiled in the coming days.
February 26th, 2024 — Source or Source
McAfee Social Privacy Manager helps users keep their posts and personal information more private
McAfee announced the launch of Social Privacy Manager to its McAfee+ product line-up.
February 26th, 2024 — Source
Nancy Pelosi Creates a Buzz by Buying up Shares in the Cyber Security Company Palo Alto Networks (PANW)
Nancy Pelosi, a household name on the hill and, inarguably, one of the best asset managers in town with a stellar stock-picking record, has set the tongues wagging across the financial community today after disclosing a material position in the cyber security company, Palo Alto Networks.
February 26th, 2024 — Source
Navigating the 2024 IT landscape: The essential role of governance
This year, IT teams across the globe are facing a tech landscape that's undergoing a major transition. Cybersecurity has emerged as a paramount concern, with escalating threats and sophisticated cyber-attacks posing significant risks to business operations.
February 26th, 2024 — Source
NetSTAR PhishCompass combats phishing threats
NetSTAR announced an advancement in phish detection technology with the introduction of PhishCompass.
February 26th, 2024 — Source
Palo Alto Networks empowers customers with integrated private 5G solutions
Palo Alto Networks announced end-to-end private 5G security solutions and services in collaboration with leading Private 5G partners.
February 26th, 2024 — Source
Pikabot returns with new tricks up its sleeve
After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign.
February 26th, 2024 — Source
Ransomware attack blamed for Change Healthcare outage stalling US prescriptions
An ongoing cyberattack at U.S. health tech giant Change Healthcare that sparked outages and disruption to hospitals and pharmacies across the U.S. for the past week was caused by ransomware, TechCrunch has learned.
February 26th, 2024 — Source
Ransomware Operation LockBit Relaunches Dark Web Leak Site
After Operation Cronos, LockBit Leader LockBitSupp Vows to Continue Hacking
February 26th, 2024 — Source or Source or Source or Source or Source
Researchers say easy-to-exploit security bugs in ConnectWise remote-access software now under mass attack
Security researchers say a pair of easy-to-exploit flaws in a popular remote-access tool used by more than a million companies around the world are now being mass exploited, with hackers abusing the vulnerabilities to deploy ransomware and steal sensitive data.
February 26th, 2024 — Source
Russian Cyberspies Targeting Cloud Infrastructure via Dormant Accounts
US government and allies expose TTPs used by notorious Russian hacking teams and warn of the targeting of dormant cloud accounts.
February 26th, 2024 — Source
Russian hackers shift to cloud attacks, US and allies warn
Members of the Five Eyes (FVEY) intelligence alliance warned today that APT29 Russian Foreign Intelligence Service (SVR) hackers are now switching to attacks targeting their victims' cloud services.
February 26th, 2024 — Source
Russian Threat Actor APT29 Pivots to the Cloud for Espionage
Five Eyes Cyber Agencies Say Kremlin Hackers Are Following Victims to the Cloud
February 26th, 2024 — Source or Source or Source or Source or Source
Privacy Watchdog Cracks Down on Biometric Employee Tracking
Leisure Center Operators Ordered to Stop Using Facial and Fingerprint Recognition
February 26th, 2024 — Source or Source or Source or Source or Source
ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)
The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of malicious payloads.
February 26th, 2024 — Source
State-Sponsored Group Blamed for Change Healthcare Breach
UnitedHealth Group is blaming a state-sponsored threat actor for a disruptive cyberattack on its subsidiary Change Healthcare.
February 26th, 2024 — Source
The Art of Ethical Hacking: Securing Systems in the Digital Age
Ethical hacking utilizes techniques for positive purposes, safeguarding digital systems from cyber threats by identifying vulnerabilities before malicious hackers.
February 26th, 2024 — Source
Web Application Security: The Ultimate Guide to Coding Best Practices
Explore best practices and core considerations for writing secure code across web applications in this all-encompassing guide.
February 26th, 2024 — Source
White House urges devs to switch to memory-safe programming languages
The White House Office of the National Cyber Director (ONCD) urged tech companies today to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities.
February 26th, 2024 — Source or Watch Video
Internet — Security Issues — February 25th, 2024
LockBit ransomware returns, restores servers after police disruption
The LockBit gang is relaunching its ransomware operation on a new infrastructure less than a week after law enforcement hacked their servers, and is threatening to focus more of their attacks on the government sector.
February 25th, 2024 — Source
NBA Top Shot NFT scam promoted by hacked ESPN reporter's X account
"There is NO Free Airdrop happening on NBA Top Shot at this time."
February 25th, 2024 — Source
Ransomware Operation LockBit Relaunches Dark Web Leak Site
After Operation Cronos, LockBit Leader LockBitSupp Vows to Continue Hacking
February 25th, 2024 — Source or Source or Source or Source or Source
RCMP investigating cyber attack as its website remains down
The Royal Canadian Mounted Police (RCMP), Canada's national police force, has disclosed that it recently faced a cyber attack targeting its networks.
February 25th, 2024 — Source
Security is hard because it has to be right all the time? Yeah, like everything else
It takes only one bottleneck or single point of failure to ruin your week
February 25th, 2024 — Source
Internet — Security Issues — February 24th, 2024
How to remove your address from the Internet
It's 2024 and "doxxing" has become a daily occurrence. Our own personal data is out there on the Internet — collected by apps and services, bought out by data brokers, and re-sold to the highest bidder.
February 24th, 2024 — Source
Internet — Security Issues — February 23rd, 2024
40 Countries Vow Not to Pay Ransomware Hackers
In a gathering of 48 countries for the third annual International Counter Ransomware Initiative summit, the U.S. and allies are pledging to not pay ransomware attacks leveraged against their individual countries.
February 23rd, 2024 — Source
230k Individuals Impacted by Data Breach at Australian Telco Tangerine
Tangerine Telecom says attackers stole the personal information of 230,000 individuals from a legacy customer database.
February 23rd, 2024 — Source
A type of cyberattack that could set your smartphone on fire using its wireless charger
A team of security experts at the University of Florida working with security audit company CertiK has found that a certain class of cyberattacks could cause a smartphone to catch fire via its wireless charger.
February 23rd, 2024 — Source
A Vulnerability in Apache OFBiz Could Allow for Remote Code Execution
A vulnerability has been discovered in Apache OFBiz, which could allow for remote code execution. Apache OFBiz is an open source product for the automation of enterprise processes. It includes framework components and business applications for ERP, CRM, E-Business/E-Commerce, Supply Chain Management and Manufacturing Resource Planning. Successful exploitation could allow for remote code execution in the context of the Server.
February 23rd, 2024 — Source
AI Will Lead to Increase in Ransomware
With the growth of AI-based technologies, cybersecurity experts are warning about the upcoming increase in attack attempts and complexity, as cybercriminals increase their use of available tools.
February 23rd, 2024 — Source
Apple Shortcuts Vulnerability Exposes Sensitive Information
High-severity vulnerability in Apple Shortcuts could lead to sensitive information leak without user's knowledge.
February 23rd, 2024 — Source
Attackers Rush to Exploit ScreenConnect Vulnerabilities
Ransomware, Info Stealers, Backdoors and Cryptojacking
February 23rd, 2024 — Source or Source
Avast ordered to pay $16.5 million for misuse of user data
The Federal Trade Commission will require software provider Avast to pay $16.5 million and prohibit the company from selling or licensing any web browsing data for advertising purposes to settle charges that the company and its subsidiaries sold such information to third parties after promising that its products would protect consumers from online tracking.
February 23rd, 2024 — Source or Source
'Azure AI Content Safety' Service Targets Developer Online Environments
Microsoft shipped an Azure AI Content Safety service to help AI developers build safer online environments.
February 23rd, 2024 — Source
Binance Restricts 85 LockBit Crypto Wallets
Authorities Uncover 30,000 LockBit Bitcoin Addresses
February 23rd, 2024 — Source or Source or Source or Source or Source
Change Healthcare Cyber Outage Disrupts Firms Nationwide
HHS Issues Special Alert Urging Providers and Contractors to 'Stay Vigilant'
February 23rd, 2024 — Source or Source
Change Healthcare Outage Hits Military Pharmacies Worldwide
ConnectWise Denies Speculation That Hack Involved the ScreenConnect Flaw Exploit
February 23rd, 2024 — Source
CISA Offers Free 'Logging Made Easy' Tool for Diagnosing Threats
LME is a bundle of free and open source software for organizations lacking a security operations center or security information and event management (SIEM) solution, as well as lacking the security knowledge and expertise to set up an intrusion detection system, per its GitHub description.
February 23rd, 2024 — Source
Defending against distributed denial of service (DDoS) attacks -- ITSM.80.110
As technology evolves, distributed denial of service (DDoS) attacks are becoming more sophisticated and widespread. These attacks, commonly used by cybercriminals, can cause significant financial, operational, and reputational damage to organizations worldwide. Regardless of the type of DDoS attack, the main goal is always to overwhelm and incapacitate targeted servers, services, or networks by flooding them with malicious traffic from compromised devices or networks.
February 23rd, 2024 — Source
Enabling Compliance and Security in AI-Driven, Low-Code/No-Code Development
Low-code/no-code development offers a lot of opportunities for companies across sectors, but it can also bring new security risks and compliance concerns.
February 23rd, 2024 — Source
Exploring the Nexus Between DevSecOps and Cybersecurity
Explore the vital connection between development, security practices, and the evolving landscape of cybersecurity here in this blog!
February 23rd, 2024 — Source
Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn
Security experts are warning that a pair of high-risk flaws in a popular remote access tool are being exploited by hackers to deploy LockBit ransomware — days after authorities announced that they had disrupted the notorious Russia-linked cybercrime gang.
February 23rd, 2024 — Source
Hackers are hunting celebs. Digital IDs can help — but come with caveats
Decentralised digital identities offer both promise and peril
February 23rd, 2024 — Source
HHS OCR Tells Congress It Needs More Funding for HIPAA Work
Breaches and Complaints Continue to Soar as Regulatory Duties Increase
February 23rd, 2024 — Source or Source or Source
In Other News: Spyware Vendor Shutdown, Freenom-Meta Settlement, 232 Threat Groups
Noteworthy stories that might have slipped under the radar: Spyware vendor Variston is reportedly shutting down, Crowdstrike tracks 232 threat actors, Meta and Freenom reach settlement.
February 23rd, 2024 — Source
Insomniac Games alerts employees hit by ransomware data breach
Sony subsidiary Insomniac Games is sending data breach notification letters to employees whose personal information was stolen and leaked online following a Rhysida ransomware attack in November.
February 23rd, 2024 — Source
ISMG Editors: The 'New Frontier' of AI and Identity Security
Identity Security Expert Jeremy Grant Discusses Challenges, Innovations and Trends
February 23rd, 2024 — Source or Source or Source or Source or Source
LockBit ransomware gang has over $110 million in unspent bitcoin
The LockBit ransomware gang received more than $125 million in ransom payments over the past 18 months, according to the analysis of hundreds of cryptocurrency wallets associated with the operation.
February 23rd, 2024 — Source
Microsoft and OpenAI Collaborate on AI Security, Block State-Sponsored Attackers
Microsoft and OpenAI have shut down five state-sponsored hacking groups that were using OpenAI's large language models (LLMs) "in support of malicious cyber activities," per announcements this week.
February 23rd, 2024 — Source
Microsoft Defender for Cloud Adds Agentless Virtual Machine Malware Scanning
Microsoft announced on Thursday that it has added agentless malware scanning for servers hosting virtual machines.
February 23rd, 2024 — Source
Microsoft Disables App Installer Feature Amid Security Concerns
Microsoft on Thursday took steps to safeguard users by disabling the App Installer feature in Windows 10, following the discovery that threat actors were exploiting it to spread malware.
February 23rd, 2024 — Source
Microsoft Releases Red Teaming Tool for Generative AI
Microsoft releases PyRIT red teaming tool to help identify risks in generative AI through automation.
February 23rd, 2024 — Source
Microsoft Secure Future Initiative Aims To Address Cybersecurity Problems
Microsoft on Thursday announced a Secure Future Initiative (SFI) approach to dealing with cybersecurity threats.
February 23rd, 2024 — Source
No Big Reveal: Cops Don't Unmask LockBit's LockBitSupp
After Teasing 'Who Is LockBitSupp,' Cops Say He's 'Engaged With Law Enforcement'
February 23rd, 2024 — Source or Source or Source
Ofcom Unprepared to Implement UK Online Safety Bill
UK Parliamentary Committee Says the Agency Is Not Likely to Meet the 2025 Deadline
February 23rd, 2024 — Source or Source
Open-Source Leadership to the European Commission: CRA Rules Pose Tech and Economic Risks to EU
New cybersecurity rules for digital products proposed by the European Commission pose "unnecessary economic and technological risks to the European Union," according to a group of 12 open-source software leadership organizations.
February 23rd, 2024 — Source
Post-LockBit, How Will the Ransomware Ecosystem Evolve?
With Over $1 Billion in Annual Proceeds, Don't Expect Attackers to Give Up the Life
February 23rd, 2024 — Source or Source or Source or Source or Source
'SlashAndGrab' ScreenConnect Vulnerability Widely Exploited for Malware Delivery
ConnectWise ScreenConnect vulnerability tracked as CVE-2024-1709 and SlashAndGrab exploited to deliver ransomware and other malware.
February 23rd, 2024 — Source
Spyware leak offers 'first-of-its-kind' look inside Chinese government hacking efforts
Documents show Chinese hacking firm I-Soon hacked governments around the world
February 23rd, 2024 — Source
Thanks FedEx, This is Why we Keep Getting Phished
I've been getting a lot of those "your parcel couldn't be delivered" phishing attacks lately and if you're a human with a phone, you probably have been too. Just as a brief reminder, they look like this:
February 23rd, 2024 — Source
The impact of AI on cybersecurity
The market for AI in cybersecurity is expected to reach more than $133 billion by 2030 according to a new report from Techopedia.
February 23rd, 2024 — Source
Tips To Help GitHub Admins Prepare A Company For SOC 2 And ISO 27001 Audits
Source code protection is highly important nowadays, and when your data is well protected according to the best standards, it becomes an absolute must.
February 23rd, 2024 — Source
Toward Better Patching — A New Approach with a Dose of AI
Use of AI to cut through the noise and confusion of the current vulnerability prioritization approaches suggests an exciting future for AI-assisted operations to vulnerability triaging.
February 23rd, 2024 — Source
UnitedHealth subsidiary Optum hack linked to BlackCat ransomware
A cyberattack on UnitedHealth Group subsidiary Optum that led to an ongoing outage impacting the Change Healthcare payment exchange platform was linked to the BlackCat ransomware group by sources familiar with the investigation.
February 23rd, 2024 — Source
US FTC Imposes Strict Reporting Mandates for Global Tel*Link
New Reporting Measures Follow Data Breach Affecting Prison Communications Provider
February 23rd, 2024 — Source or Source or Source or Source
Watch Now: Cloudy With a Chance of Threats: The Active Threat Landscape in the Cloud
Join the webinar to learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.
February 23rd, 2024 — Source
Internet — Security Issues — February 21st, 2024
Alarming Security Report Warns Of An Unprecedented Surge In Ransomware Attacks
Over the past couple of years, the ransomware industry has exploded leading to millions in lost dollars to cybercriminals extorting businesses to regain access and control of their private data. It was thought to have reached a head when the Biden Administration sought to crack down on the threat at the International Counter Ransomware Summit in 2021.
February 21st, 2024 — Source
Apple Adds Post-Quantum Encryption to iMessage
Apple unveils PQ3, a new post-quantum cryptographic protocol for iMessage designed to protect communications against quantum computing attacks.
February 21st, 2024 — Source
Apple is giving iMessage a massive security update
Security so good it rivals the government...allegedly.
February 21st, 2024 — Source
Beyond Identity Device360 identifies device security risks
Beyond Identity released a new Device360 solution for continuous device security posture management.
February 21st, 2024 — Source
Biden asks Coast Guard to create an infosec port in a stormy sea of cyber threats
Oh hear us when we cry to thee for those in peril on the sea
February 21st, 2024 — Source
Biden is boosting cybersecurity at US ports, where online attacks can be more ravaging than storms
President Joe Biden on Wednesday signed an executive order and created a federal rule aimed at better securing the nation's ports from potential cyberattacks.
February 21st, 2024 — Source
Biden to Sign Executive Order Raising Maritime Cybersecurity
US Coast Guard Will Publish Proposed Rule Establishing Cybersecurity Minimums
February 21st, 2024 — Source or Source or Source
Breach at Aussie Telecom Tangerine Affects 232,000 Customers
Customer Accounts Were Secured by MFA, But Contractor's Credentials Exposed Data
February 21st, 2024 — Source or Source or Source or Source or Source
Check Point launches Quantum Force, series of AI-powered firewalls
Check Point introduces Check Point Quantum Force series: a lineup of ten firewalls designed to meet and exceed the stringent security demands of enterprise data centers, network perimeters, campuses, and businesses of all dimensions.
February 21st, 2024 — Source
ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation
Security experts describe exploitation of the CVSS 10/10 flaw as "trivial and embarrassingly easy."
February 21st, 2024 — Source
Control Systems Firm PSI Struggles to Recover From Ransomware Attack
German control system solutions provider PSI Software says it is still recovering from a ransomware attack.
February 21st, 2024 — Source
Cyber Insights 2024: Ransomware
Ransomware insights: When ransomware first appeared, the term became associated with encrypting data. This is a misconception.
February 21st, 2024 — Source
Cyberattacks follow businesses to the cloud
Cloud intrusions increased by 75 percent overall last year as adversaries set their sights on the cloud through the use of valid credentials.
February 21st, 2024 — Source
Cybercriminals use identities to target enterprises
A new report from IBM X-Force Threat Intelligence highlights an emerging global identity crisis as cybercriminals double down on exploiting user identities to compromise enterprises worldwide.
February 21st, 2024 — Source
Cybersecurity and data protection: Does ChatGPT really make a difference?
An analysis published in the Journal for International Business and Entrepreneurship Development has looked at the various approaches to cybersecurity and data protection taken by key global players, namely the European Union (EU), the United States of America (U.S.), and China.
February 21st, 2024 — Source
Cybersecurity for satellites is a growing challenge as threats to space-based infrastructure grow
In today's interconnected world, space technology forms the backbone of our global communication, navigation and security systems. Satellites orbiting Earth are pivotal for everything from GPS navigation to international banking transactions, making them indispensable assets in our daily lives and in global infrastructure.
February 21st, 2024 — Source
Discord took no action against server that coordinated costly Mastodon spam attacks
Over the weekend, hackers targeted federated social networks like Mastodon to carry out ongoing spam attacks that were organized on Discord, and conducted using Discord applications. But Discord has yet to remove the server where the attacks are facilitated, and Mastodon community leaders have been unable to reach anyone at the company.
February 21st, 2024 — Source
Diversifying Defenses: FjordPhantom Malware Shows Importance of a Multi-Pronged Approach
Security teams need to combine the angles of client-side and server-side detection in order to have the best chance of mitigating the risk of advanced mobile malware.
February 21st, 2024 — Source
Executive Order on Port Cybersecurity Points to IT/OT Threat Posed by Chinese Cranes
A new Biden executive order to boost the cybersecurity of US ports highlights the risks associated with the use of Chinese cranes.
February 21st, 2024 — Source
Hack at Services Firm Hits 2.4 Million Eye Doctor Patients
As Vendor Breaches Surge, Medical Practices Need 20/20 Visibility on Third Parties
February 21st, 2024 — Source or Source or Source or Source
Hackers abuse Google Cloud Run in massive banking trojan campaign
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban.
February 21st, 2024 — Source
How do I remove malware from my PC?
Removing malware from your PC could be simple - or not. Here's everything you need to know.
February 21st, 2024 — Source
Joomla CMS Patches Critical XSS Vulnerabilities
Millions of Websites Potentially at Risk
February 21st, 2024 — Source or Source
Law Enforcement Locks Down LockBit Ransomware Group, Arrests 2
The world's biggest ransomware syndicate has swiped more than $120 million from victims like Boeing and the United Kingdom's Royal Mail.
February 21st, 2024 — Source
LockBit leaks expose nearly 200 affiliates and bespoke data-stealing malware
Operation Cronos's 'partners' continue to trickle the criminal empire's secrets
February 21st, 2024 — Source
Microsoft expands free logging capabilities after May breach
Microsoft has expanded free logging capabilities for all Purview Audit standard customers, including U.S. federal agencies, six months after disclosing that Chinese hackers stole U.S. government emails undetected in an Exchange Online breach between May and June 2023.
February 21st, 2024 — Source
Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Mozilla products, the most severe of which could allow for arbitrary code execution.
February 21st, 2024 — Source
New SSH-Snake malware steals SSH keys to spread across the network
A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure.
February 21st, 2024 — Source
NSA Announces Retirement of Cybersecurity Director Rob Joyce
NSA says Rob Joyce is retiring as cybersecurity director and will be replaced by David Luber, the current deputy director of cybersecurity.
February 21st, 2024 — Source
PAM Provider Delinea Buys Fastpath
Acquisition Will Allow Delinea to Detect Overprivileged Access, Company Says
February 21st, 2024 — Source or Source or Source or Source or Source
Published CVEs predicted to increase by 25 percent in 2024
The total number of common vulnerabilities and exposures (CVEs) is expected to increase by 25 percent in 2024 to 34,888 vulnerabilities, or roughly 2,900 per month.
February 21st, 2024 — Source
Redis Servers Targeted With New 'Migo' Malware
Attackers weaken Redis instances to deploy the new Migo malware and install a rootkit and cryptominers.
February 21st, 2024 — Source
Researchers Devise 'VoltSchemer' Attacks Targeting Wireless Chargers
Researchers document VoltSchemer attacks that manipulate power voltage to take over commercial wireless chargers.
February 21st, 2024 — Source
Researchers warn high-risk ConnectWise flaw under attack is 'embarrassingly easy' to exploit
'I can't sugarcoat it — this shit is bad,' said Huntress' CEO
February 21st, 2024 — Source
Russia Announces Arrest of Medibank Hacker Tied to REvil
3 Suspects Charged With Using Sugar Ransomware, Phishing Attacks Against Russians
February 21st, 2024 — Source or Source or Source or Source or Source
Internet — Security Issues — Miscellaneous
Adaptive Research & Design Co.
data recovery from crashes, viruses, electrical surges, and sabotage, on hard and floppy drives under any operating system.
Provides a Service — Source
Anti-Phishing Working Group
Committed to wiping out Internet scams and fraud.
An Article — Source
Catapult Integrated Systems
is a premier systems integrator and commercial managed Internet services provider serving northern California since 1992.
Provides a Service — Source
Data Security
Seclore is an information rights management company which helps to protect documents and information by preserving enterprise rights management.
Provides a Service — Source
European Institute for Computer Anti-Virus Research (EICAR)
leads task forces, organizes conferences, and publishes documents.
Provides Information — Source
Leprechaun Software
develops VirusBUSTER, an anti-virus software that protects PCs from boot, program, macro, and email based viruses.
Provides Information — Source
Packet Analytics
Net/FSE, Packet Analytics' network data search engine, puts the power of real time searches over terabytes of NetFlow data in the hands of security analysts. Employing sophisticated algorithms, Net/FSE reduces exposure to significant business risk by enabling security specialists to quickly and determine the extent of a network alert.
Provides a Service — Source
PhishTank
Out of the Net, into the Tank.
Provides a Service — Source
Remove Windows Script Hosting
completely from your system.
Provides Information — Source
SecureList
Kaspersky Lab presents Lab Matters, a series of webcasts that get right to the heart of some of the IT security industry's hottest topics. In the first program, two of the company's leading antimalware experts, Costin Raiu and Magnus Kalkuhl, will be giving viewers the complete lowdown on targeted attacks and discussing a host of other fascinating topics.
Provides Information — Source
Stiller Research
We provide current anti-virus news, a list of myths regarding viruses, a virus information list and a list of in-the-wild viruses.
Provides Information — Source
Symantec Security Updates
library of documents on computer viruses including the top ten list of most common viruses and new viruses to be on the alert for, as well as general virus Q&A.
Provides Information — Source
Virus Alert
for GOOD TIMES, read about these fake viruses.
Provides Information — Source
VirusTotal
VirusTotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines.
Provides a Service — Source