Source: www.securityweek.com – Author: Eduard Kovacs Mandiant discovers Industroyer-like OT malware Mandiant on Thursday detailed a new piece of malware that appears to be linked to...
Day: May 26, 2023
Security Pros: Before You Do Anything, Understand Your Threat Landscape – Source: www.securityweek.com
Source: www.securityweek.com – Author: Marc Solomon Regardless of the use case your security organization is focused on – alert triage, threat hunting, spear phishing, incident response,...
Major Massachusetts Health Insurer Hit by Ransomware Attack, Member Data May Be Compromised – Source: www.securityweek.com
Source: www.securityweek.com – Author: Associated Press The second-largest health insurer in Massachusetts was the victim of a ransomware attack in which sensitive personal information as well...
Apria Healthcare Notifying 2 Million People of Years-Old Data Breaches – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Home medical equipment provider Apria Healthcare is notifying nearly two million individuals of personal information being compromised during data breaches...
European Cybersecurity Firm Sekoia.io Raises $37.5 Million – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire European cybersecurity firm Sekoia.io on Wednesday announced that it has raised €35 million (roughly $37.5 million) in Series A funding,...
Today’s Cyber Defense Challenges: Complexity and a False Sense of Security – Source: www.securityweek.com
Source: www.securityweek.com – Author: Torsten George There are quite a few industry standards (e.g., ISO/IEC 27001, PCI DSS 4.0) and government regulations (e.g., HIPAA, FISMA, CISA)...
Can zero trust be saved? – Source: grahamcluley.com
Source: grahamcluley.com – Author: Graham Cluley Graham Cluley Security News is sponsored this week by the fab folks at Kolide. Thanks to the great team there...
Sorry scammer, I’m not cancelling my McAfee Antivirus subscription – Source: grahamcluley.com
Source: grahamcluley.com – Author: Graham Cluley I was surprised to receive an email this week telling me that I had renewed my annual subscription for McAfee...
Smashing Security podcast #323: Botched Bitcoin blackmail, iSpoof, and Meta’s billion dollar data bungle – Source: grahamcluley.com
Source: grahamcluley.com – Author: Graham Cluley 13 years jail for spoofing scammer, a rogue IT security expert’s Bitcoin blackmail goes wrong, and Facebook’s eyewatering GDPR fine...
Heimdal®’s Threat Prevention Endpoint Wins ‘Cloud-Based Solution of the Year’ at the Network Computing Awards 2023 – Source: heimdalsecurity.com
Source: heimdalsecurity.com – Author: Gabriella Antal In an era where cyber threats continue to evolve and grow in complexity, Heimdal has once again risen to the...
D-Link fixes two critical flaws in D-View 8 network management suite – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini D-Link fixed two critical flaws in its D-View 8 network management suite that could lead to authentication bypass and arbitrary...
Zyxel firewall and VPN devices affected by critical flaws – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Zyxel fixed two critical flaws in multiple firewall and VPN products that can lead to remote code execution or cause a...
China-linked APT Volt Typhoon targets critical infrastructure organizations – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini A China-linked APT group, tracked as Volt Typhoon, breached critical infrastructure organizations in the U.S. and Guam without being detected....
North Korea-linked Lazarus APT targets Microsoft IIS servers to deploy malware – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini North Korea-linked APT group Lazarus actor has been targeting vulnerable Microsoft IIS servers to deploy malware. AhnLab Security Emergency response...
Iran-linked Tortoiseshell APT behind watering hole attacks on shipping and logistics Israeli websites – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Iran-linked threat actor Tortoiseshell targeted shipping, logistics, and financial services companies in Israel with watering hole attacks. ClearSky Cyber Security...
Iranian Hackers Deploy New Ransomware Against Israeli Firms – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Author: 1 Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Ransomware Researchers Discover Moneybird Ransomware Strain, Warn of Growing Sophistication Anviksha...
German Prosecutors Indict FinFisher Spyware Executives – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Author: 1 Cyberwarfare / Nation-State Attacks , Endpoint Security , Fraud Management & Cybercrime Executives Accused of Selling Tool to Turkish Intel Via...
AHA Tells HHS to ‘Amend or Suspend’ Web Tracking Guidance – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Author: 1 Governance & Risk Management , HIPAA/HITECH , Privacy Group Calls IP Addresses Under HIPAA ‘Too Broad,’ Posing Hardships on Hospitals Marianne...
OAuth Flaw Exposed Social Media Logins to Account Takeover – Source: www.govinfosecurity.com
Source: www.govinfosecurity.com – Author: 1 API Security , Fraud Management & Cybercrime , Social Media Now-Fixed Expo Framework API Vulnerability Posed Credential, Identity Theft Risks Prajeet...
Launch your cybersecurity career with this ethical hacking bundle – Source: www.techrepublic.com
Source: www.techrepublic.com – Author: TechRepublic Academy on May 25, 2023, 6:30 PM EDT Launch your cybersecurity career with this ethical hacking bundle Score nearly 70% off...
Experts laud GDPR at five year milestone – Source: www.techrepublic.com
Source: www.techrepublic.com – Author: Karl Greenberg on May 25, 2023, 6:23 PM EDT Experts laud GDPR at five year milestone The GDPR, in effect for five...
Microsoft warns of Volt Typhoon, latest salvo in global cyberwar – Source: www.techrepublic.com
Source: www.techrepublic.com – Author: Karl Greenberg Image: pinkeyes/Adobe Stock Microsoft’s warning on Wednesday that the China-sponsored actor Volt Typhoon attacked U.S. infrastructure put a hard emphasis...
WithSecure launches ‘outcome-based’ security at Sphere23 conference – Source: www.techrepublic.com
Source: www.techrepublic.com – Author: Karl Greenberg At its Sphere23 event in Finland, security company WithSecure unveiled offerings focused on collaboration, business goals and outcomes. Image: Getty...
On the Poisoning of LLMs – Source: www.schneier.com
Source: www.schneier.com – Author: Bruce Schneier Interesting essay on the poisoning of LLMs—ChatGPT in particular: Given that we’ve known about model poisoning for years, and given...
Windows 11 finally gets a ‘never combine taskbar buttons’ mode – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Microsoft has released a new Windows 11 dev build that adds a long-awaited feature allowing users to ensure that all...
Predator: Looking under the hood of Intellexa’s Android spyware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Image: Bing Create Security researchers at Cisco Talos and the Citizen Lab have presented a new technical analysis of the...
Microsoft 365 phishing attacks use encrypted RPMSG messages – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Attackers are now using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts to steal Microsoft credentials in targeted phishing attacks designed...
D-Link fixes auth bypass and RCE flaws in D-View 8 software – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas D-Link has fixed two critical-severity vulnerabilities in its D-View 8 network management suite that could allow remote attackers to bypass...
New Russian-linked CosmicEnergy malware targets industrial systems – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Mandiant security researchers have discovered a new malware called CosmicEnergy designed to disrupt industrial systems and linked to Russian cybersecurity...
What’s a Double-Blind Password Strategy and When Should It Be Used – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sponsored by Specops Software Password security, like threat actor methods, continues to evolve. As computing power grows, previously best-practice passwords become increasingly...