Top

Tag: Cybersecurity


Network security, Security

Government Shutdown Could Severely Impact U.S. Cybersecurity

September 29, 2023

Via: Security Affairs

As the clock ticks down to another potential shutdown of the U.S. federal government, concerns are mounting over the impact such an event could have on the cybersecurity of the United States. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), […]


Threats & Malware, Vulnerabilities

CISA adds JBoss RichFaces Framework flaw to its Known Exploited Vulnerabilities catalog

September 29, 2023

Via: Security Affairs

US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) affecting Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities Catalog. The issue is an Expression Language (EL) injection via the UserResource resource, it […]


Network security, Security

Norton Small Business wants to keep your start-up safe from security threats

September 28, 2023

Via: TechRadar

Cybersecurity powerhouse Norton has just announced a new security suite aimed purely at small and medium-sized businesses (SMB). The company says Norton Small Business can offer SMBs the same level of security enjoyed by large enterprises, without needing a separate […]


Cyber-crime, Malware

Exela Stealer malware uses Discord to steal Windows users data

September 27, 2023

Via: TechRadar

Cybersecurity researchers Cyble have recently uncovered a new malware strain for Windows, capable of stealing sensitive data from infected devices. # The malware is called Exela, and apparently, it’s using Discord to deliver the stolen information to its operators. The […]


Cyber-crime, Malware

‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo

September 27, 2023

Via: Security Affairs

Following the recently announced data leak from Sony, the notorious ransomware syndicate Ransomed.vc announced a new victim today in face of the largest Japanese telecommunication giant NTT Docomo. Notably, the announcement came almost synchronously with the publication of the new […]


Data loss, Threats & Malware

Many firms aren’t reporting breaches to the proper authorities

September 26, 2023

Via: TechRadar

A concerning amount of companies are pretty woeful in reporting the cyberattacks and breaches they suffer, both internally and externally. Research conducted by Keeper Security found that nearly half (48%) of the IT and security leaders it surveyed that have […]


Network security, Security

Balancing cybersecurity with convenience and progress

September 25, 2023

Via: Help Net Security

Changing approaches to cybersecurity have led to slow but steady progress in defense and protection. Still, competing interests create a growing challenge for cybersecurity decision makers and practitioners, according to CompTIA. The state of cybersecurity Most business and technology professionals […]


Mobile, Mobile security

Code alterations more prevalent in Android apps than iOS

September 22, 2023

Via: Help Net Security

57% of all monitored apps are under attack, with gaming (63%) and FinServ (62%) apps facing the highest risk, according to Digital.ai. The study found no correlation between an app’s popularity and likelihood of being attacked but found Android apps […]


Network security, Security

Cisco spends $28B on data cruncher Splunk in cybersecurity push

September 21, 2023

Via: The Register

Cisco is making its most expensive acquisition ever – by far – with an announcement it’s buying data crunching software firm Splunk for $157 per share, or approximately $28 billion (£22.8b). The transaction, which Cisco said it expects to close […]


Cyber warfare, Cyber-crime

International Criminal Court hit in cyber-attack amid Russia war crimes probe

September 20, 2023

Via: The Register

The International Criminal Court said crooks breached its IT systems last week, and that attack isn’t over yet, with the ICC saying the “cybersecurity incident” is still ongoing. In a statement shared via the site formerly known as Twitter, the […]


Data loss, Threats & Malware

The Clorox Company admits cyberattack causing ‘widescale disruption’

September 19, 2023

Via: The Register

The Clorox Company, makers of bleach and other household cleaning products, doesn’t expect operations to return to normal until near month end as it combs over “widescale disruption to operations” caused by cyber baddies. The $2 billion turnover biz, whose […]


Threats & Malware, Virus & Malware

New cryptojacking attacks target uncommon AWS instances

September 19, 2023

Via: TechRadar

Cybersecurity researchers from Sysdig recently uncovered a new cryptojacking campaign that targeted uncommon Amazon Web Services (AWS) services. Cryptojacking is a type of cyberattack in which the threat actor secretly installs a cryptocurrency miner on a target endpoint. While not […]


Network security, Security

Former CIO accuses Penn State of faking cybersecurity compliance

September 18, 2023

Via: The Register

Last October, Pennsylvania State University (Penn State) was sued by a former chief information officer for allegedly falsifying government security compliance reports. The lawsuit, recently unsealed, is a qui tam complaint (in Latin “who as well,”) meaning it was filed […]


Data loss, Threats & Malware

GAO Report Reveals IRS’s Limited Control Over Taxpayer Data Handling

September 18, 2023

Via: SecureWorld

The U.S. Internal Revenue Service (IRS) is entrusted with the vital responsibility of safeguarding sensitive taxpayer information. Recent incidents of potential unauthorized access to or disclosure of this data have raised concerns and prompted a thorough review by the Government […]


Cloud security, Security

Cloud changes are to blame for nearly all cyber-attacks

September 18, 2023

Via: TechRadar

Of all the vulnerabilities an organization’s system has, the majority sit within its cloud environment, a new report from cybersecurity researchers Unit 42, part of Palo Alto Networks, has found. As per the report, four in five (80%) of all […]


Cloud security, Security

Netskope joins MXDR by Deloitte to expand strategic alliance

September 12, 2023

Via: Help Net Security

Netskope has unveiled that its existing strategic alliance with Deloitte has expanded with the addition of Netskope to the Managed Extended Detection and Response (MXDR) by Deloitte platform. The new Netskope module on MXDR by Deloitte will include advanced cloud […]


Threats & Malware, Vulnerabilities

CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities

September 8, 2023

Via: The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that multiple nation-state actors are exploiting security flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to gain unauthorized access and establish persistence on compromised systems. “Nation-state advanced […]


Network security, Security

The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2024

September 7, 2023

Via: The Hacker News

By the end of 2024, the number of MSPs and MSSPs offering vCISO services is expected to grow by almost 5 fold, as can be seen in figure 1. This incredible surge reflects the growing business demand for specialized cybersecurity […]


Threats & Malware, Virus & Malware

Researchers Warn of Cyber Weapons Used by Lazarus Group’s Andariel Cluster

September 5, 2023

Via: The Hacker News

The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. “One characteristic of the attacks identified in 2023 is that there […]


Editorial

Security for Smart Vehicles: Safeguarding the Automotive Industry’s Digital Evolution

August 31, 2023

Via: Rassell Neal

As with every other industry, the automotive sector has seen a massive uptick in cyberthreats since its digital transformation started to pick up pace. The incorporation of Internet of Things (IoT) devices, infotainment systems, autonomous driving, and other connected technologies […]