Top

Tag: Cybersecurity


Data loss, Threats & Malware

Christie’s confirms RansomHub crooks stole data on 45K clients

June 10, 2024

Via: The Register

Auction house to the wealthy Christie’s says 45,798 people were affected by its recent cyberattack and resulting data theft. That’s according to public filings made with US state attorneys general on Friday, which also included template letters that are being […]


Network security, Security

26% of organizations lack any form of IT security training

June 7, 2024

Via: Help Net Security

26% of organizations don’t provide IT security training to end-users, according to Hornetsecurity. The Hornetsecurity survey, which compiled feedback from industry professionals worldwide, also reveals that 8% of organizations offer adaptive training that evolves based on the results of regular […]


Data loss, Threats & Malware

Cybercriminals raid BBC pension database, steal records of over 25,000 people

May 30, 2024

Via: The Register

The BBC has emailed more than 25,000 current and former employees on one of its pension schemes after an unauthorized party broke into a database and stole their personal data. Names, national insurance numbers, dates of birth, sexes, and home […]


Hacker, Threats & Malware

IT worker sued over ‘vengeful’ cyber harassment of policeman who issued a jaywalking ticket

May 30, 2024

Via: The Register

In an ongoing civil lawsuit, an IT worker is accused of launching a “destructive cyber campaign of hate and revenge” against a police officer and his family after being issued with a ticket for jaywalking. The allegations against John Christopher […]


Threats & Malware, Virus & Malware

Auction house Christie’s confirms criminals stole some client data

May 28, 2024

Via: The Register

The revelation follows an incident from earlier in May that forced the auction house’s online bidding system offline, an event which the company said at the time was due to a “technology security issue.” It also closely follows the RansomHub […]


Threats & Malware, Vulnerabilities

NCSC CTO: Broken market must be fixed to usher in new tech

May 16, 2024

Via: The Register

National Cyber Security Centre (NCSC) CTO Ollie Whitehouse kicked off day two of Britain’s cyber watchdog’s annual shindig, CYBERUK, with a tirade about the tech market, pulling it apart to demonstrate why he believes it’s at fault for many of […]


Threats & Malware, Vulnerabilities

NHS Digital hints at exploit sightings of Arcserve UDP vulnerabilities

May 14, 2024

Via: The Register

The UK’s NHS is warning of the possibility that vulnerabilities in Arcserve Unified Data Protection (UDP) software are being actively exploited. Originally disclosed in March, the three vulnerabilities all had proof of concept (PoC) exploit code released the day after […]


Cyber-crime, Malware

Europol confirms incident following alleged auction of staff data

May 13, 2024

Via: The Register

Europol is investigating a cybercriminal’s claims that they stole confidential data from a number of the agency’s sources. Among the sources referenced by the cybercriminal, the Europol Platform for Experts (EPE) is confirmed to be the main subject of the […]


Threats & Malware, Vulnerabilities

The importance of the Vulnerability Operations Centre for cybersecurity

April 19, 2024

Via: TechRadar

Traditional cybersecurity is laser-focused on incident detection and response. In other words, it’s built around a Security Operations Centre (SOC). That’s no bad thing in itself. Read between the lines, however, and that assumes we’re waiting on the threats to […]


Access control, Security

Are passwordless systems the future of authentication?

April 11, 2024

Via: TechRadar

Passwords serve as the first line of defense against data breaches, yet individuals often exhibit poor habits when it comes to selecting or updating their passwords regularly. Despite widespread requirements for secure passwords across applications and websites, research indicates that […]


Hacker, Threats & Malware

LockBit Bounces Back Shortly After Takedown and Police Trolling

February 28, 2024

Via: SecureWorld

In a coordinated international law enforcement operation on February 19, the notorious LockBit ransomware gang had its Dark Web infrastructure seized by authorities. LockBit is accused of extorting hundreds of companies and organizations globally by encrypting their data and demanding […]


Network security, Security

NIST updates Cybersecurity Framework after a decade of lessons

February 27, 2024

Via: The Register

After ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF). Unlike the original, which was designed with critical […]


Cloud security, Security

Russia-linked APT29 switched to targeting cloud services

February 27, 2024

Via: Security Affairs

A joint advisory issued by cybersecurity agencies of Five Eyes (US, UK, Australia, Canada and New Zealand) warns that Russia-linked APT29 threat actors (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) have switched to targeting cloud […]


Editorial

Tackling Healthcare Cyber Threats in 2024

February 27, 2024

Via: Mary Gamet

Healthcare cybersecurity is a significant concern for organizations in the industry due to regulations like HIPAA, HITECH Act, and PHI. In 2022, Check Point Research counted 1463 cyberattacks on a weekly average. That is a 74% increase from 2021. US […]


Data loss, Threats & Malware

Wyze admits 13,000 users could have viewed strangers’ camera feeds

February 20, 2024

Via: The Register

Smart home security camera slinger Wyze is telling customers that a cybersecurity “incident” allowed thousands of users to see other people’s camera feeds. Thanks to a helpful Reg reader who sent a customer email over to us, we know that […]


Application security, Security

OpenAI, Microsoft Disrupt Nation-State Actors’ Malicious Use of AI

February 20, 2024

Via: SecureWorld

OpenAI and Microsoft recently collaborated to identify and disrupt several nation-state actors who were attempting to use AI services for malicious cyber activities. According to Microsoft, the disrupted threat actors were affiliated with China, Iran, North Korea, and Russia. Their […]


Cyber-crime, Malware

U.S., U.K. Authorities Take Down Notorious LockBit Ransomware Operation

February 20, 2024

Via: SecureWorld

In a massive coordinated effort, law enforcement agencies from the United States and United Kingdom have dismantled the infrastructure of the notorious LockBit ransomware gang. LockBit has been linked to more than $100 million in ransom payments from victims across […]


Threats & Malware, Vulnerabilities

Zoom stomps critical privilege escalation bug plus 6 other flaws

February 15, 2024

Via: The Register

Video conferencing giant Zoom today opened up about a fresh batch of security vulnerabilities affecting its products, including a critical privilege escalation flaw. Tracked as CVE-2024-24691 with a CVSS score of 9.6, Zoom says the vulnerability may enable privilege escalation […]


Cyber-crime, Malware

Bumblebee malware wakes from hibernation, forgets what year it is, attacks with macros

February 14, 2024

Via: The Register

The Bumblebee malware loader seemingly vanished from the internet last October, but it’s back and – oddly – relying on a vintage vector to try and gain access. First spotted in 2022 by researchers at Proofpoint – who identified it […]


Threats & Malware, Virus & Malware

China’s Volt Typhoon spies broke into emergency network of ‘large’ US city

February 14, 2024

Via: The Register

The Chinese government’s Volt Typhoon spy team has apparently already compromised a large US city’s emergency services network and has been spotted snooping around America’s telecommunications’ providers as well. According to a report on Tuesday by industrial cybersecurity biz Dragos, […]