The Food and Drug Administration (FDA) this week put into effect fresh guidance concerning the cybersecurity of medical devices — long a concerning area of risk...
Day: April 2, 2023
Elastic Expands Cloud Security Capabilities for AWS
MOUNTAIN VIEW, Calif.–(BUSINESS WIRE)– Elastic (NYSE: ESTC) (“Elastic”), the company behind Elasticsearch, today announced expanded capabilities for Elastic Security including Cloud Security Posture Management (CSPM) for AWS,...
The FDA’s Medical Device Cybersecurity Overhaul Has Real Teeth, Experts Say
The Food and Drug Administration (FDA) this week put into effect fresh guidance concerning the cybersecurity of medical devices — long a concerning area of risk...
New Money Message ransomware demands million dollar ransoms
A new ransomware gang named ‘Money Message’ has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data and release a decryptor. The new...
Fake ransomware gang targets U.S. orgs with empty data leak threats
Fake extortionists are piggybacking on data breaches and ransomware incidents, threatening U.S. companies with publishing or selling allegedly stolen data unless they get paid. Sometimes the...
DISH slapped with multiple lawsuits after ransomware cyber attack
Dish Network has been slapped with multiple class action lawsuits after it suffered a ransomware incident that was behind the company’s multi-day “network outage.” These class action lawsuits,...
Twitter open-sources recommendation algorithm code
Twitter announced on Friday that it’s open-sourcing the code behind the recommendation algorithm the platform uses to select the contents of the users’ For You timeline....
15 million public-facing services vulnerable to CISA KEV flaws
Over 15 million publicly facing services are susceptible to at least one of the 896 vulnerabilities listed in CISA’s KEV (known exploitable vulnerabilities) catalog. This massive...
Hackers exploit bug in Elementor Pro WordPress plugin with 11M installs
Hackers are actively exploiting a high-severity vulnerability in the popular Elementor Pro WordPress plugin used by over eleven million websites. Elementor Pro is a WordPress page...
10-year-old Windows bug with ‘opt-in’ fix exploited in 3CX attack
A 10-year-old Windows vulnerability is still being exploited in attacks to make it appear that executables are legitimately signed, with the fix from Microsoft still “opt-in”...
Consumer lender TMX discloses data breach impacting 4.8 million people
TMX Finance and its subsidiaries TitleMax, TitleBucks, and InstaLoan have collectively disclosed a data breach that exposed the personal data of 4,822,580 customers. TitleMax is a...
Winter Vivern hackers exploit Zimbra flaw to steal NATO emails
A Russian hacking group tracked as TA473, aka ‘Winter Vivern,’ has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since February 2023 to steal the emails...
Microsoft OneNote will block 120 dangerous file extensions
Microsoft has shared more information on what malicious embedded files OneNote will soon block to defend users against ongoing phishing attacks pushing malware. The company first...
New Money Message ransomware demands million dollar ransoms
New Money Message ransomware demands million dollar ransomsA new ransomware gang named 'Money Message' has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak...
Is ChatGPT A Silver Bullet For Cybercriminals?
Is ChatGPT A Silver Bullet For Cybercriminals?Post ContentRead MoreProofpoint News Feed
New IcedID variants shift from bank fraud to malware delivery
New IcedID variants shift from bank fraud to malware deliveryPost ContentRead MoreProofpoint News Feed
Pro-Russian hackers target elected US officials supporting Ukraine
Pro-Russian hackers target elected US officials supporting UkrainePost ContentRead MoreProofpoint News Feed
Think ransomware gangs won’t thrive this year? Think again, experts say
Think ransomware gangs won't thrive this year? Think again, experts sayPost ContentRead MoreProofpoint News Feed
Cisco Secure Network Analytics Remote Code Execution Vulnerability
Cisco Secure Network Analytics Remote Code Execution VulnerabilityA vulnerability in the web-based management interface of Cisco Secure Network Analytics, formerly Cisco Stealthwatch Enterprise, could allow an...
Cisco Application Policy Infrastructure Controller and Cisco Cloud Network Controller Cross-Site Request Forgery Vulnerability
Cisco Application Policy Infrastructure Controller and Cisco Cloud Network Controller Cross-Site Request Forgery VulnerabilityA vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller...
Embedded vSphere Harbor default enablement results in an insecure configuration
Embedded vSphere Harbor default enablement results in an insecure configurationThis post is relevant to administrators that have enabled the embedded Harbor version in vSphere 7.0 or...
Investigating 3CX Desktop Application Attacks: What You Need to Know
Investigating 3CX Desktop Application Attacks: What You Need to KnowThis is a developing situation and this blog post will be updated as needed. Reports of malicious...
Study: Women in cybersecurity feel excluded, disrespected
Feelings of exclusion and being disrespected impacts hiring opportunities and retention for women, according to a new report. Image: Gorodenkoff/Shutterstock Women who work in cybersecurity continue...
Microsoft adds GPT-4 to its defensive suite in Security Copilot
The new AI security tool, which can answer questions about vulnerabilities and reverse-engineer problems, is now in preview. Image: Adobe Stock/alvaher AI hands are reaching further...
Report: Terrible employee passwords at world’s largest companies
on March 30, 2023, 4:22 PM EDT Report: Terrible employee passwords at world’s largest companies Find out the most commonly used weak passwords by industry and...
Ransomware attacks skyrocket as threat actors double down on U.S., global attacks
New studies by NCC Group and Barracuda Networks show threat actors are increasing ransomware exploits, with consumer goods and services receiving the brunt of attacks and...
Report: Some IT outsourcing is moving back onshore
While cost is generally the main consideration, the war in Ukraine and global political tensions are prompting companies to shift their IT outsourcing strategies, according to...
Media disposal policy
PURPOSE This Media disposal policy from TechRepublic Premium provides specific instructions for ensuring organization data is properly protected when disposing of old storage media. From the...
Nexus Android malware targets 450 financial applications
Image: Adobe Stock Nexus malware is an Android banking trojan promoted via a malware-as-a-service model. The malware has been advertised on several underground cybercrime forums since...
With political ‘hacktivism’ rising, Google offers Project Shield to fight DDoS attacks
Image: Sundry Photography/Adobe Stock As has been widely documented, distributed denial of service, or DDoS, attacks rose precipitously last year. A microcosm of this upward trend...