Cybersecurity Insights with Contrast CISO David Lindner | 3/31 Insight #1 " Microsoft Security Copilot, a generative AI approach to helping secure your systems was announced...
Month: March 2023
0 - CT 0 - CT - CISO Strategics - Supply Chain & Supply Chain Attacks 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0CISO2CISO Cyber Security News Security Boulevard
3CX VoIP Desktop Application Supply Chain Attack
3CX VoIP Desktop Application Supply Chain AttackThreat Summary The 3CX DesktopApp is a voice and video conferencing software developed by 3CX – a widely used application,...
Post-Conference Tech Spec: Why Building Your Ship (Application) with Raw Materials is a Bad Idea
Post-Conference Tech Spec: Why Building Your Ship (Application) with Raw Materials is a Bad Idea The post Post-Conference Tech Spec: Why Building Your Ship (Application)...
0 - CT 0 - CT - SOC - CSIRT Operations - Malware & Ransomware 0CISO2CISO Cyber Security News The Register
AlienFox malware caught in the cloud hen house
AlienFox malware caught in the cloud hen houseMalicious toolkit targets misconfigured hosts in AWS and Office 365 A fast-evolving toolkit that can be used to compromise...
Azure blunder left Bing results editable, MS 365 accounts potentially exposed
Azure blunder left Bing results editable, MS 365 accounts potentially exposed'BingBang' boo-boo affected other internal Microsoft apps, too An Azure Active Directory (AAD) misconfiguration by Microsoft...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad 0CISO2CISO Cyber Security News The Register
Leaked IT contractor files detail Kremlin’s stockpile of cyber-weapons
Leaked IT contractor files detail Kremlin's stockpile of cyber-weaponsSnowden-esque 'Vulkan' dossier links Moscow firm to FSB, GRU, SRV An unidentified whistleblower has provided several media organizations...
Pro-Russia cyber gang Winter Vivern puts US, Euro lawmakers in line of fire
Pro-Russia cyber gang Winter Vivern puts US, Euro lawmakers in line of fireWinter is coming for NATO countries A cyber spy gang supporting Russia is targeting...
NHS Highland ‘reprimanded’ by data watchdog for BCC blunder with HIV patients
NHS Highland 'reprimanded' by data watchdog for BCC blunder with HIV patients'Serious breach of trust' says ICO, 'stakes too high' for mistakes in cases like this...
Psst! Infosec bigwigs: Wanna be head of security at HM Treasury for £50k?
Psst! Infosec bigwigs: Wanna be head of security at HM Treasury for £50k?Juicy private sector job vs … money off a season travel ticket Given the...
Italian privacy regulator bans ChatGPT over collection, storage of personal data
Italian privacy regulator bans ChatGPT over collection, storage of personal dataItaly’s data privacy regulator has banned ChatGPT over alleged privacy violations relating to the chatbot’s collection...
0 - CT 0 - CT - Cybersecurity Architecture - Mobile & 5G Security 0CISO2CISO CSOonline Cyber Security News Global
Spyware vendors use exploit chains to take advantage of patch delays in mobile ecosystem
Spyware vendors use exploit chains to take advantage of patch delays in mobile ecosystemSeveral commercial spyware vendors developed and used zero-day exploits against iOS and Android...
ESET Research Podcast: A year of fighting rockets, soldiers, and wipers in Ukraine
ESET Research Podcast: A year of fighting rockets, soldiers, and wipers in UkraineESET experts share their insights on the cyber-elements of the first year of the war...
World Backup Day: Avoiding a data disaster is a forever topic
World Backup Day: Avoiding a data disaster is a forever topic By failing to prepare you are preparing to fail. Make sure you're able to bounce back...
Ukrainian Police Bust Multimillion-Dollar Phishing Gang
Ukrainian Police Bust Multimillion-Dollar Phishing GangMore than 100 sites created to lure European victimsRead MoreMore than 100 sites created to lure European victims
GCHQ Updates Security Guidance for Boards
GCHQ Updates Security Guidance for BoardsAgency wants business leaders to get serious about cyberRead MoreAgency wants business leaders to get serious about cyber
UK Regulator: HIV Data Protection Must Improve
UK Regulator: HIV Data Protection Must ImproveICO issues call after reprimanding NHS HighlandRead MoreICO issues call after reprimanding NHS Highland
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0CISO2CISO Cyber Security News Info Security Magazine
New Azure Flaw “Super FabriXss” Enables Remote Code Execution Attacks
New Azure Flaw "Super FabriXss" Enables Remote Code Execution AttacksThe cross-site scripting flaw affects SFX version 9.1.1436.9590 or earlier and has a CVSS of 8.2Read MoreThe...
Modular “AlienFox” Toolkit Used to Steal Cloud Service Credentials
Modular "AlienFox" Toolkit Used to Steal Cloud Service CredentialsHarvesting API keys and secrets from AWS SES, Microsoft Office 365 and other servicesRead MoreHarvesting API keys and...
Italy’s Privacy Watchdog Blocks ChatGPT Amid Privacy Concerns
Italy's Privacy Watchdog Blocks ChatGPT Amid Privacy ConcernsGPDP probe is due to allegations that ChatGPT failed to comply with data collection rulesRead MoreGPDP probe is due...
Russian APT group Winter Vivern targets email portals of NATO and diplomats
Russian APT group Winter Vivern targets email portals of NATO and diplomatsRussian hacking group Winter Vivern has been actively exploiting Zimbra flaws to steal the emails...
Cyber Police of Ukraine arrested members of a gang that defrauded EU citizens of $4.33M
Cyber Police of Ukraine arrested members of a gang that defrauded EU citizens of $4.33MThe Cyber Police of Ukraine, with law enforcement officials from Czechia, has...
The UK Government Shares New Strategy to Boost NHS Cybersecurity by 2030
The UK Government Shares New Strategy to Boost NHS Cybersecurity by 2030The Department of Health and Social Care has established a cyber security program aimed at...
0 - CT 0 - CT - CISO Strategics - Supply Chain & Supply Chain Attacks 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0CISO2CISO Cyber Security News heimdalsecurity
Warning: Threat Actors Compromise 3CX Desktop App in a Supply Chain Attack
Warning: Threat Actors Compromise 3CX Desktop App in a Supply Chain AttackAn ongoing supply chain attack allegedly uses a digitally signed and trojanized variant of the...
Best Practices for Effective Identity Lifecycle Management (ILM)
Best Practices for Effective Identity Lifecycle Management (ILM)In today’s fast-paced world, identity management has become a crucial aspect of every organization. From securing sensitive data to...
Smart Grid Fragility, a Constant Threat for the European and American Way of Living
Smart Grid Fragility, a Constant Threat for the European and American Way of LivingIn today’s world, a multitude of smart devices helps us to improve our...
Ukrainian Authorities Stop a Phishing Scam Worth $4.3 million
Ukrainian Authorities Stop a Phishing Scam Worth $4.3 millionUkraine’s Cyberpolice Department announced an operation during which they busted a phishing gang. The police arrested two scammers...
NATO and Diplomats’ Email Portals Targeted by Russian APT Winter Vivern
NATO and Diplomats’ Email Portals Targeted by Russian APT Winter VivernWinter Vivern (aka TA473), a Russian hacking group, has been exploiting vulnerabilities (CVE-2022-27926) in unpatched Zimbra...
0 - CT 0 - CT - CISO Strategics - Supply Chain & Supply Chain Attacks 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0CISO2CISO Cyber Security News socprime
3CXDesktopApp Supply Chain Attack Detection: Active Intrusion Campaign Targeting Millions of 3CX Customers
3CXDesktopApp Supply Chain Attack Detection: Active Intrusion Campaign Targeting Millions of 3CX Customers Cybersecurity experts have uncovered an ongoing adversary campaign exploiting 3CXDesktopApp, a software application...
Hack the Pentagon website promotes the benefits of bug bounties to US Military
Hack the Pentagon website promotes the benefits of bug bounties to US MilitaryMy guess is that if you stumbled across a website that called itself "Hack...
Fighting mercenaries with the Cybersecurity Tech Accord
Fighting mercenaries with the Cybersecurity Tech AccordTrend Micro co-Authors Cyber Mercenary Principles to help guide the technology industry and others in dealing with the growing market...