EU Council adopts NIS2 directive to harmonize cybersecurity across member statesThe Council of the European Union (EU) has adopted a new cybersecurity directive designed to improve...
Month: December 2022
The Value of Old Systems
The Value of Old SystemsOld technology solutions – every organization has a few of them tucked away somewhere. It could be an old and unsupported storage...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad Cyber Security News heimdalsecurity
Meta Received A $275 Million Fine Following the 2021 Massive Data Leak
Meta Received A $275 Million Fine Following the 2021 Massive Data LeakThe investigation into the 2021 massive Facebook data breach resulted in a $275.5 Million fine...
Researchers Disclose Supply-Chain Flaw Affecting IBM Cloud Databases for PostgreSQL
Researchers Disclose Supply-Chain Flaw Affecting IBM Cloud Databases for PostgreSQLIBM has fixed a high-severity security vulnerability affecting its Cloud Databases (ICD) for PostgreSQL product that could...
Website offering spoofing services taken offline after joint operation
Website offering spoofing services taken offline after joint operationJudicial and law enforcement authorities in Europe, Australia, the US, Ukraine, and Canada took down a so-called spoofing...
0 - CT 0 - CT - SOC - CSIRT Operations - Malware & Ransomware Cyber Security News Security Boulevard
Russia Hit by New ‘CryWiper’ — Fake Ransomware
Russia Hit by New ‘CryWiper’ — Fake Ransomware A new wiper malware is destroying data on Russian government PCs. Dubbed CryWiper, it pretends to be ransomware. The...
Hackers Sign Android Malware Apps with Compromised Platform Certificates
Hackers Sign Android Malware Apps with Compromised Platform CertificatesPlatform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek have been found to be abused...
CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCs
CISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week released an Industrial Control Systems (ICS) advisory...
ICYMI: Significant Changes to NYDFS Cybersecurity Regulations
ICYMI: Significant Changes to NYDFS Cybersecurity RegulationsReading Time: 7 minutes In March 2017, the first iteration of The New York Department of Financial Services (NYDFS) Cybersecurity...
Robert M. Lee’s & Jeff Haas’ Little Bobby Comic – ‘WEEK 410’
Robert M. Lee’s & Jeff Haas’ Little Bobby Comic – ‘WEEK 410’ via the respected security expertise of Robert M. Lee and the superlative illustration talents...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Security News The Hacker News
Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems
Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD SystemsThe maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting...
AWS releases Wickr, its encrypted messaging service for enterprises
AWS releases Wickr, its encrypted messaging service for enterprisesThe release of the enterprise version of the encrypted messaging service, announced at AWS re:Invent, is designed to...
Happy Holidays!
Happy Holidays! Dear blog readers, It's been a while since I've last posted a high-quality personal message on my personal blog but the first thing that...
Zero-Day Exploit Prices for Signal Messaging App Are Skyrocketing
Zero-Day Exploit Prices for Signal Messaging App Are SkyrocketingOpZero, a new exploit broker company based in Petersburg, Russia, tripled Zerodium’s offer for an eventual Signal RCE...
Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability
Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day VulnerabilitySearch giant Google on Friday released an out-of-band security update to fix a new...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Security News The Hacker News
When Being Attractive Gets Risky – How Does Your Attack Surface Look to an Attacker?
When Being Attractive Gets Risky - How Does Your Attack Surface Look to an Attacker?In the era of digitization and ever-changing business needs, the production environment...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad CSOonline Cyber Security News Global
Financial services increasingly targeted for API-based cyberattacks
Financial services increasingly targeted for API-based cyberattacksA report published Monday by cloud services and CDN (content delivery network) platform Akamai said that the financial services industry...
SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected Cars
SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected CarsCybersecurity researchers have discovered a security vulnerability that exposes cars from Honda, Nissan, Infiniti, and Acura to...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - Malware & Ransomware Cyber Security News Security Boulevard
Organizations Face Barrage of Holiday Ransomware Attacks
Organizations Face Barrage of Holiday Ransomware Attacks Many organizations remain unprepared to handle a ransomware attack on a holiday or weekend, as they continue to operate...
0 - CT 0 - CT - SOC - CSIRT Operations - Malware & Ransomware 0 – CT – Cybersecurity Architecture – Crypto Security Cyber Security News The Hacker News
North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps
North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency AppsThe Lazarus Group threat actor has been observed leveraging fake cryptocurrency apps as a lure to deliver...
0 - CT 0 - CT - CISO Strategics - Supply Chain & Supply Chain Attacks Cyber Security News The Hacker News
New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers
New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of ManufacturersThree different security flaws have been disclosed in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software...
Industry Coalition Urges Congress to Hold off on SBOM Requirements for Defense Contractors
Industry Coalition Urges Congress to Hold off on SBOM Requirements for Defense ContractorsThe coalition outlined the need to refine SBOM requirements before making it an obligation...
0 - CT 0 - CT - CISO Strategics - Supply Chain & Supply Chain Attacks Cyber Security News Security Boulevard
Flaw in Aged Boa Web Server Threatens Supply Chain
Flaw in Aged Boa Web Server Threatens Supply Chain Microsoft may have retired the Boa web server in 2005, but that hasn’t stopped widespread use—and now...
How to build a public profile as a cybersecurity pro
How to build a public profile as a cybersecurity proCybersecurity professionals interested in raising their profiles as subject matter experts can count on social media to...
Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as Ransomware
Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as RansomwareA new data wiper malware called CryWiper has been found targeting Russian government agencies, including mayor's offices...
Can you be phished in Slack?
Can you be phished in Slack?Is Slack a trusted platform for communication? The short answer is yes. The longer answer is that you should always be...
The CHRISTMA EXEC network worm – 35 years and counting!
The CHRISTMA EXEC network worm – 35 years and counting!"Uh-oh, this viruses-and-worms scene could turn out quite troublesome." If only we'd been wrong...Leer másNaked Security"Uh-oh, this...
S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]
S3 Ep111: The business risk of a sleazy “nudity unfilter” [Audio + Text]Latest episode - listen now (or read if you prefer)...Leer másNaked SecurityLatest episode -...
The FBI Says This Ransomware Scam in Cuba Raked in $60 Million From Over 100 Victims
The FBI Says This Ransomware Scam in Cuba Raked in $60 Million From Over 100 VictimsThe FBI and CISA revealed in a new joint security advisory...
0 - CT 0 - CT - Cybersecurity Architecture - Network Security 0 - CT - Cybersecurity Architecture - Perimeter Security CSOonline Cyber Security News Global
BrandPost: SASE: The Only Way to Improve Network Security Without Added Complexity
BrandPost: SASE: The Only Way to Improve Network Security Without Added ComplexityBy: Mike Spanbauer, Field CTO, Security at Juniper Networks The future of network security has a...