Threats & Malware, Vulnerabilities
April 19, 2024
Via: TechRadarTraditional cybersecurity is laser-focused on incident detection and response. In other words, it’s built around a Security Operations Centre (SOC). That’s no bad thing in itself. Read between the lines, however, and that assumes we’re waiting on the threats to […]
April 11, 2024
Via: TechRadarPasswords serve as the first line of defense against data breaches, yet individuals often exhibit poor habits when it comes to selecting or updating their passwords regularly. Despite widespread requirements for secure passwords across applications and websites, research indicates that […]
February 28, 2024
Via: SecureWorldIn a coordinated international law enforcement operation on February 19, the notorious LockBit ransomware gang had its Dark Web infrastructure seized by authorities. LockBit is accused of extorting hundreds of companies and organizations globally by encrypting their data and demanding […]
February 27, 2024
Via: The RegisterAfter ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF). Unlike the original, which was designed with critical […]
February 27, 2024
Via: Security AffairsA joint advisory issued by cybersecurity agencies of Five Eyes (US, UK, Australia, Canada and New Zealand) warns that Russia-linked APT29 threat actors (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) have switched to targeting cloud […]
February 27, 2024
Via: Mary GametHealthcare cybersecurity is a significant concern for organizations in the industry due to regulations like HIPAA, HITECH Act, and PHI. In 2022, Check Point Research counted 1463 cyberattacks on a weekly average. That is a 74% increase from 2021. US […]
February 20, 2024
Via: The RegisterSmart home security camera slinger Wyze is telling customers that a cybersecurity “incident” allowed thousands of users to see other people’s camera feeds. Thanks to a helpful Reg reader who sent a customer email over to us, we know that […]
Application security, Security
February 20, 2024
Via: SecureWorldOpenAI and Microsoft recently collaborated to identify and disrupt several nation-state actors who were attempting to use AI services for malicious cyber activities. According to Microsoft, the disrupted threat actors were affiliated with China, Iran, North Korea, and Russia. Their […]
February 20, 2024
Via: SecureWorldIn a massive coordinated effort, law enforcement agencies from the United States and United Kingdom have dismantled the infrastructure of the notorious LockBit ransomware gang. LockBit has been linked to more than $100 million in ransom payments from victims across […]
Threats & Malware, Vulnerabilities
February 15, 2024
Via: The RegisterVideo conferencing giant Zoom today opened up about a fresh batch of security vulnerabilities affecting its products, including a critical privilege escalation flaw. Tracked as CVE-2024-24691 with a CVSS score of 9.6, Zoom says the vulnerability may enable privilege escalation […]
February 14, 2024
Via: The RegisterThe Bumblebee malware loader seemingly vanished from the internet last October, but it’s back and – oddly – relying on a vintage vector to try and gain access. First spotted in 2022 by researchers at Proofpoint – who identified it […]
Threats & Malware, Virus & Malware
February 14, 2024
Via: The RegisterThe Chinese government’s Volt Typhoon spy team has apparently already compromised a large US city’s emergency services network and has been spotted snooping around America’s telecommunications’ providers as well. According to a report on Tuesday by industrial cybersecurity biz Dragos, […]
Threats & Malware, Virus & Malware
February 14, 2024
Via: The RegisterPrudential Financial, the second largest life insurance company in the US and eight largest worldwide, is dealing with a digital break-in that exposed some internal company and customer records to a criminal group. The Fortune Global 500 and Fortune 500 […]
February 14, 2024
Via: The RegisterOpenAI has shut down five accounts it asserts were used by government agents to generate phishing emails and malicious software scripts as well as research ways to evade malware detection. Specifically, China, Iran, Russia, and North Korea were apparently “querying […]
February 13, 2024
Via: The RegisterThe number of senior business executives stymied by an ongoing phishing campaign continues to rise with cybercriminals registering hundreds of cloud account takeovers (ATOs) since spinning it up in November. Researchers from Proofpoint listed many C-suite roles as prime targets […]
Data loss, Network security, Threats & Malware
February 12, 2024
Via: The RegisterWillis Lease Finance Corporation has admitted to US regulators that it fell prey to a “cybersecurity incident” after data purportedly stolen from the biz was posted to the Black Basta ransomware group’s leak blog. The form 8-K filed with the […]
February 12, 2024
Via: The RegisterThe Caravan and Motorhome Club (CAMC) and the experts it drafted to help clean up the mess caused by a January cyberattack still can’t figure out whether members’ data was stolen. According to an update shared with members late last […]
February 12, 2024
Via: The RegisterNearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week. Payments outfits Viamedis and Almerys both experienced breaches of their […]
Threats & Malware, Vulnerabilities
February 9, 2024
Via: The RegisterWe’ve had to write the word “Fortinet” so often lately that we’re considering making a macro just to make our lives a little easier after what the company’s reps will surely agree has been a week sent from hell. It […]
Threats & Malware, Vulnerabilities
February 8, 2024
Via: The RegisterResearchers suspect the criminals behind the Raspberry Robin malware are now buying exploits for speedier cyberattacks. An exploit developer is thought by infosec pros to be either on the Raspberry Robin payroll or a close contact that sells them to […]