Top

Privacy protection, Security

Chinese ‘connected’ cars are a national security threat, says Biden

February 29, 2024

Via: The Register

Concerned over the chance that Chinese-made cars could pose a future threat to national security, Biden’s administration is proposing plans to probe potential threats posed by “connected” vehicles made in the Middle Kingdom. In a statement this morning, the US […]


Privacy protection, Security

Meta’s pay-or-consent model hides ‘massive illegal data processing ops’: lawsuit

February 29, 2024

Via: The Register

Consumer groups are filing legal complaints in the EU in a coordinated attempt to use data protection law to stop Meta from giving local users a “fake choice” between paying up and consenting to being profiled and tracked via data […]


Cyber warfare, Cyber-crime

Uncle Sam tells nosy nations to keep their hands off Americans’ personal data

February 28, 2024

Via: The Register

US President Joe Biden is expected to sign an executive order today that aims to prevent the sale or transfer of Americans’ sensitive personal information and government-related data to adversarial countries including China and Russia. In addition to the executive […]


Hacker, Threats & Malware

LockBit Bounces Back Shortly After Takedown and Police Trolling

February 28, 2024

Via: SecureWorld

In a coordinated international law enforcement operation on February 19, the notorious LockBit ransomware gang had its Dark Web infrastructure seized by authorities. LockBit is accused of extorting hundreds of companies and organizations globally by encrypting their data and demanding […]


Cyber-crime, Malware

Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

February 28, 2024

Via: Security Affairs

The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations […]


Email security, Security

Unmasking 2024’s Email Security Landscape

February 28, 2024

Via: Security Affairs

In the ever-shifting digital arena, staying ahead of evolving threat trends is paramount for organizations aiming to safeguard their assets. Amidst this dynamic landscape, email stands as a primary battleground for cyber defense. VIPRE Security Group’s latest report, “Email Security […]


Threats & Malware, Virus & Malware

China warns of fake digital currency wallets fleecing netizens

February 27, 2024

Via: The Register

China’s Ministry of Industry and Information Technology has warned local netizens that fake wallet apps for the nation’s central bank digital currency (CBDC) are already circulating and being abused by scammers. The digital renminbi – aka the e-Yuan or e-CNY […]


Network security, Security

Broadcom builds a better SASE out of VMware VeloCloud and Symantec

February 27, 2024

Via: The Register

Broadcom has delivered on its 2023 teaser of integration between VMware’s SD-WAN and Symantec’s Security Service Edge, by today debuting the “VMware VeloCloud SASE, Secured by Symantec” at Mobile World Congress in Barcelona. The Symantec Security Service Edge is already […]


Network security, Security

NIST updates Cybersecurity Framework after a decade of lessons

February 27, 2024

Via: The Register

After ten years operating under the original model, and two years working to revise it, the National Institute of Standards and Technology (NIST) has released version 2.0 of its Cybersecurity Framework (CSF). Unlike the original, which was designed with critical […]


Cloud security, Security

Russia-linked APT29 switched to targeting cloud services

February 27, 2024

Via: Security Affairs

A joint advisory issued by cybersecurity agencies of Five Eyes (US, UK, Australia, Canada and New Zealand) warns that Russia-linked APT29 threat actors (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) have switched to targeting cloud […]


Editorial

Tackling Healthcare Cyber Threats in 2024

February 27, 2024

Via: Mary Gamet

Healthcare cybersecurity is a significant concern for organizations in the industry due to regulations like HIPAA, HITECH Act, and PHI. In 2022, Check Point Research counted 1463 cyberattacks on a weekly average. That is a 74% increase from 2021. US […]


Access control, Security

Data watchdog tells off outsourcing giant for scanning staff biometrics despite ‘power imbalance’

February 26, 2024

Via: The Register

A data protection watchdog in the UK has issued an enforcement notice to stop Serco from using facial recognition tech and fingerprint scanning to monitor staff at 38 leisure centers it runs. During an investigation, the Information Commissioner’s Office, Britain’s […]


Privacy protection, Security

Bitdefender Cryptomining Protection detects malicious cryptojacking attempts

February 26, 2024

Via: Help Net Security

Bitdefender announced Cryptomining Protection, a cryptomining management feature that allows users to both protect against malicious cryptojacking and manage their own legitimate cyptomining initiatives on their Windows PCs. According to a 2023 report, cryptojacking attacks have increased nearly 400% year […]


Cyber-crime, Malware

Post-LockBit, How Will the Ransomware Ecosystem Evolve?

February 23, 2024

Via: DataBreach Today

Expect attackers to continue refining their tactics for maximizing profits via a grab bag of the same strategies, including forcibly encrypting systems and charging for a decryptor, stealing data and threatening to dump it, creating scary public personae, or a […]


Network security, Security

AT&T Says the Outage to Its US Cellphone Network Was Not Caused by a Cyberattack

February 23, 2024

Via: Security Week

The outage knocked out cellphone service for thousands of its users across the U.S. starting early Thursday before it was restored. AT&T blamed the incident on an error in coding, without elaborating. “Based on our initial review, we believe that […]


Data loss, Threats & Malware

Giant leak reveals Chinese infosec vendor I-Soon is one of Beijing’s cyber-attackers for hire

February 22, 2024

Via: The Register

A cache of stolen documents posted to GitHub appears to reveal how a Chinese infosec vendor named I-Soon offers rent-a-hacker services for Beijing. The trove appeared on GitHub last week and contains hundreds of documents documenting I-Soon’s activities. Analysis of […]


Application security, Security

Apple Strengthens iMessage Security with Post-Quantum Encryption

February 22, 2024

Via: SecureWorld

Apple announced this week that it is implementing post-quantum cryptography in its iMessage platform to protect against potential future attacks powered by quantum computers. The new encryption protocol, called PQ3, will roll out later this year. According to an Apple […]


Threats & Malware, Virus & Malware

LockBit registered nearly 200 “affiliates” over the past two years

February 22, 2024

Via: Tech Xplore

More information about the business operations of the LockBit ransomware gang have emerged, a day after the UK National Crime Agency (NCA) and partners were able to apparently disrupt the group and deface its leak site. According to The Register, […]


Threats & Malware, Vulnerabilities

Multiple XSS flaws in Joomla can lead to remote code execution

February 22, 2024

Via: Security Affairs

The maintainers of the Joomla! Project released Joomla 5.0.3 and 4.4.3 versions that addressed the following vulnerabilities in the popular content management system (CMS): [20240201] –CVE-2024-21722 Core – Insufficient session expiration in MFA management views: The MFA management features did […]


Network security, Security

A common goal for European cyber security

February 21, 2024

Via: The Register

It was growing threat levels and an increase in reported cybersecurity attacks since digitalization which pushed the European Union to introduce the original Network and Information Security (NIS) Directive in 2016. The rules at the time went some way towards […]