Stuxnet explained: The first known cyberweaponWhat is Stuxnet? Stuxnet is a powerful computer worm designed by U.S. and Israeli intelligence that to disable a key part...
Month: September 2022
Resolving conflicts between security best practices and compliance mandates
Resolving conflicts between security best practices and compliance mandatesSo, you read a great tip on the internet and think it would improve your security posture. Before...
Women in cybersecurity form non-profit organization The Forte Group
Women in cybersecurity form non-profit organization The Forte GroupA group of over 90 women working in cybersecurity roles have formed The Forte Group, a non-profit organization...
0 - CT 0 - CT - CISO Strategics - Risk & Compliance 0 - CT - Cybersecurity Vendors - Palo Alto Networks CSOonline Cyber Security News Global
Palo Alto adds new SaaS compliance, threat prevention, URL filtering features to Prisma solution
Palo Alto adds new SaaS compliance, threat prevention, URL filtering features to Prisma solutionCybersecurity vendor Palo Alto Networks has announced new updates to its Prisma Secure...
Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million Attempts
Hackers Exploit Zero-Day in WordPress BackupBuddy Plugin in ~5 Million AttemptsA zero-day flaw in a WordPress plugin called BackupBuddy is being actively exploited, WordPress security company Wordfence has...
New Vulnerabilities Reported in Baxter’s Internet-Connected Infusion Pumps
New Vulnerabilities Reported in Baxter's Internet-Connected Infusion PumpsMultiple security vulnerabilities have been disclosed in Baxter's internet-connected infusion pumps used by healthcare professionals in clinical environments to...
Intro to MongoDB’s queryable encryption
Intro to MongoDB’s queryable encryptionQueryable encryption was the main attraction at MongoDB World 2022, for understandable reasons. It introduces a unique capability to reduce the attack...
Dashlane launches integrated passkey support for password manager with new in-browser passkey solution
Dashlane launches integrated passkey support for password manager with new in-browser passkey solutionPassword management vendor Dashlane has announced the introduction of integrated passkey support in its...
Remediant wants to move beyond PAM to secure enterprise networks
Remediant wants to move beyond PAM to secure enterprise networksSecurity software provider Remediant wants to move beyond basic privileged access management (PAM) to help CSOs secure...
Ragnar Locker continues trend of ransomware targeting energy sector
Ragnar Locker continues trend of ransomware targeting energy sectorThe recent attack on Greece’s largest natural gas transmission operator DESFA by ransomware gang Ragnar Locker is the...
Apple pushes out emergency updates to address zero-day exploits
Apple pushes out emergency updates to address zero-day exploitsApple has encouraged users of older mobile and desktop devices to update their software ASAP, as a vulnerability...
OpenSSF releases npm best practices to help developers tackle open-source dependency risks
OpenSSF releases npm best practices to help developers tackle open-source dependency risksThe Open Source Security Foundation (OpenSSF) has released the npm Best Practices Guide to help...
Top 12 managed detection and response solutions
Top 12 managed detection and response solutionsOf all foundational elements for information security, logging requires far more care and feeding than its fellow cornerstones such as...
How Azure Active Directory opens new authentication risks
How Azure Active Directory opens new authentication risksIt's been common knowledge for years that local Windows Active Directory networks are vulnerable to NTLM relay and pass-the-hash...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad CSOonline Cyber Security News Global
Samsung reports second data breach in 6 months
Samsung reports second data breach in 6 monthsSamsung has opened up about a data breach it detected on or around August 4, affecting the personal information...
The Heartbleed bug: How a flaw in OpenSSL caused a security crisis
The Heartbleed bug: How a flaw in OpenSSL caused a security crisisWhat is Heartbleed? Heartbleed is a vulnerability in OpenSSL that came to light in April...
‘DangerousSavanna’ Hackers Targeted Financial Institutions in Africa For Two Years
'DangerousSavanna' Hackers Targeted Financial Institutions in Africa For Two YearsThe campaign relied on spearphishing techniques to initiate infection chainsLeer másThe campaign relied on spearphishing techniques to...
Ukraine Shutters Two More Russian Bot Farms
Ukraine Shutters Two More Russian Bot FarmsFacilities used to spread Russian disinformationLeer másFacilities used to spread Russian disinformation
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Security News Info Security Magazine
NATO-Member Albania Cut Ties With Iran Over Cyber-Attack
NATO-Member Albania Cut Ties With Iran Over Cyber-AttackTehran denied any link, claiming Tirana’s action was “based on such baseless claims”Leer másTehran denied any link, claiming Tirana’s...
The North Face Warns of Major Credential Stuffing Campaign
The North Face Warns of Major Credential Stuffing CampaignApparel giant detects unusual activity on accountsLeer másApparel giant detects unusual activity on accounts
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - Malware & Ransomware CSOonline Cyber Security News Global
Ransomware attacks on retailers rose 75% in 2021
Ransomware attacks on retailers rose 75% in 2021Retailers are fast becoming the favorite targets for ransomware criminals, with two out of three companies in the sector...
A Pocket Guide to FAIR
A Pocket Guide to FAIR FAIR, short for Factor Analysis of Information Risk, is a risk quantification methodology founded to help businesses evaluate information risks. FAIR...
North Korean state-sponsored hacker group Lazarus adds new RAT to its malware toolset
North Korean state-sponsored hacker group Lazarus adds new RAT to its malware toolsetSecurity researchers have discovered a new remote access Trojan (RAT) being used in attack...
Researchers Reveal New Iranian Threat Group APT42
Researchers Reveal New Iranian Threat Group APT42Group has been active since at least 2015Leer másGroup has been active since at least 2015
How Governments Request Your Data From Service Providers
How Governments Request Your Data From Service Providers A recently-released Surfshark report looked into global inquiries into the activities of specific accounts made by governments to...
Darktrace’s Share Value Plummets as Thoma Bravo Buyout Falls Through
Darktrace's Share Value Plummets as Thoma Bravo Buyout Falls ThroughThe buyout fell through hours before the UK company said that millions of pounds in revenue had...
0 - CT 0 - CT - SOC - CSIRT Operations - Malware & Ransomware Cyber Security News Info Security Magazine
Ransomware Campaigns Linked to Iranian Govt’s DEV-0270 Hackers
Ransomware Campaigns Linked to Iranian Govt's DEV-0270 HackersDEV-0270 leverages exploits for newly disclosed vulnerabilities to gain access to devicesLeer másDEV-0270 leverages exploits for newly disclosed vulnerabilities...
Over 10% of Enterprise IT Assets Found Missing Endpoint Protection
Over 10% of Enterprise IT Assets Found Missing Endpoint ProtectionThe document analyzes data aggregated from visibility into more than 500,000 IT assetsLeer másThe document analyzes data...
Rapid7 Discusses SIGMA Spectrum Infusion Pump and WiFi Battery Vulnerabilities
Rapid7 Discusses SIGMA Spectrum Infusion Pump and WiFi Battery VulnerabilitiesThe vulnerabilities, now fixed, allowed for a potential man in the middle attackLeer másThe vulnerabilities, now fixed,...
Toys behaving badly: How parents can protect their family from IoT threats
Toys behaving badly: How parents can protect their family from IoT threatsIt pays to do some research before taking a leap into the world of internet-connected...