Two U.S. Men Charged in 2022 Hacking of DEA PortalTwo U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal...
Day: March 15, 2023
India floats idea of dedicated tribunal to handle online offences
India floats idea of dedicated tribunal to handle online offencesConsultation for the long-awaited Digital India Act is finally under way although the draft law's still not...
Microsoft squashes Windows bug exploited to inflict ransomware misery
Microsoft squashes Windows bug exploited to inflict ransomware miseryNot-so-smart SmartScreen flagged up by Googlers Criminals are exploiting a Microsoft SmartScreen bug to deliver Magniber ransomware, potentially...
Crims exploit Microsoft, Fortinet flaws before any patches exist
Crims exploit Microsoft, Fortinet flaws before any patches existThe outlook is grim for Outlook - and SAP, Adobe. Android, and Chrome - so get ready for...
China sought control of submarine cables to spy, says Micronesia
China sought control of submarine cables to spy, says MicronesiaOutgoing president alleges Beijing is systematically bullying strategically located island paradise The outgoing president of the Federated...
SVB collapse’s mix of money, urgency and uncertainty makes it irresistible to scammers
SVB collapse's mix of money, urgency and uncertainty makes it irresistible to scammersPhishing, dodgy domain names, and sophisticated attacks already deployed The collapse of Silicon Valley...
Iron Tiger updates malware to target Linux platform
Iron Tiger updates malware to target Linux platformIron Tiger, an advanced persistent threat (APT) group, has updated their SysUpdate malware to include new features and add...
HPE to acquire Axis Security to deliver a unified SASE offering
HPE to acquire Axis Security to deliver a unified SASE offeringHewlett Packard Enterprise has agreed to buy cloud security services provider Axis Security, its third acquistion...
DNS data shows one in 10 organizations have malware traffic on their networks
DNS data shows one in 10 organizations have malware traffic on their networksDuring every quarter last year, between 10% and 16% of organizations had DNS traffic...
The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia
The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East AsiaESET Research uncovered a campaign by APT group Tick against...
Microsoft Patch Tuesday fix Outlook zero-day actively exploited
Microsoft Patch Tuesday fix Outlook zero-day actively exploitedMicrosoft Patch Tuesday updates for March 2023 addressed 74 vulnerabilities, including a Windows zero-day exploited in ransomware attacks. Microsoft...
Adobe fixed ColdFusion flaw listed as under active exploit
Adobe fixed ColdFusion flaw listed as under active exploitAdobe is warning that a critical zero-day flaw in ColdFusion web app development platform was exploited in very...
LockBit Ransomware gang claims to have stolen SpaceX confidential data from Maximum Industries
LockBit Ransomware gang claims to have stolen SpaceX confidential data from Maximum IndustriesThe LockBit ransomware group claims to have stolen confidential data belonging to SpaceX from...
Product Review of SpecOps Password Policy
Product Review of SpecOps Password PolicyLooking for a tool to validate if your Active Directory (AD) passwords are safe across your Enterprise? Why would this be...
Upcoming Speaking Engagements
Upcoming Speaking EngagementsThis is a current list of where and when I am scheduled to speak: I’m speaking on “How to Reclaim Power in the Digital...
Two U.S. Men Charged in 2022 Hacking of DEA Portal
Two U.S. Men Charged in 2022 Hacking of DEA PortalTwo U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal...
Attack campaign on edge appliance: undetected since 2021 and resists firmware update
Attack campaign on edge appliance: undetected since 2021 and resists firmware updateA possible Chinese attack campaign on compromised unpatched SonicWall SMA edge devices stayed undetected since...
Learn the basics of cybersecurity with this $60 web-based training package
Learn the basics of cybersecurity with this $60 web-based training packageThe Premium Ethical Hacking Certification Bundle features eight courses that introduce students to the fundamentals and...
Windows 11 KB5023706 and KB5023698 cumulative updates released
Windows 11 KB5023706 and KB5023698 cumulative updates releasedMicrosoft has released the Windows 11 KB5023706 and KB5023698 cumulative updates for versions 22H2 and 21H2 to fix security...
Windows 10 KB5023696 and KB5023697 updates released
Windows 10 KB5023696 and KB5023697 updates releasedIt's Microsoft's March 2023 Patch Tuesday, and the new Windows 10 KB5023696 and KB5023697 cumulative updates are now available for...
Microsoft fixes Windows zero-day exploited in ransomware attacks
Microsoft fixes Windows zero-day exploited in ransomware attacksMicrosoft has patched another zero-day bug used by attackers to circumvent the Windows SmartScreen cloud-based anti-malware service and deploy...
Microsoft fixes Outlook zero-day used by Russian hackers since April 2022
Microsoft fixes Outlook zero-day used by Russian hackers since April 2022Microsoft has patched an Outlook zero-day vulnerability (CVE-2023-23397) exploited by a hacking group linked to Russia's military...
Reddit is down in major outage blocking access to web, mobile apps
Reddit is down in major outage blocking access to web, mobile appsReddit is investigating a major outage that is blocking users worldwide from accessing the social network's...
Rubrik confirms data theft in GoAnywhere zero-day attack
Rubrik confirms data theft in GoAnywhere zero-day attackCybersecurity company Rubrik has confirmed that its data was stolen using a zero-day vulnerability in the Fortra GoAnywhere secure...
SAP releases security updates fixing five critical vulnerabilities
SAP releases security updates fixing five critical vulnerabilitiesSoftware vendor SAP has released security updates for 19 vulnerabilities, five rated as critical, meaning that administrators should apply...
10 of the best places to find AI talent for your business
10 of the best places to find AI talent for your businessEXECUTIVE SUMMARY: Investing in AI? Don’t forget to invest in AI talent. In the modern...
UK Mulls TikTok Ban on Government Networks
UK Mulls TikTok Ban on Government NetworksUK Security Minister Confirms Agency Is Examining App for Chinese Government TiesBritain's National Cyber Security Agency is examining TikTok to...
UK Unveils Agency to Counter Threats to Private Sector
UK Unveils Agency to Counter Threats to Private SectorThe New National Protective Security Authority to Operate Under MI5The U.K. government says a new national agency will...
US CISA to Warn Critical Infrastructure of Ransomware Risk
US CISA to Warn Critical Infrastructure of Ransomware RiskMost Ransomware Attacks Use Known Vulnerabilities to Infiltrate NetworksThe top U.S. cybersecurity agency says it's testing out scanning...
SentinelOne CEO: Cloud Security May Be Bigger Than Endpoint
SentinelOne CEO: Cloud Security May Be Bigger Than EndpointTomer Weingarten on Fueling Cloud Growth Through Wiz Partnership, Revamped PipelineSentinelOne has inked a partnership with Wiz and...