Source: www.schneier.com – Author: Bruce Schneier Really interesting research: “Lend Me Your Ear: Passive Remote Physical Side Channels on PCs.” Abstract: We show that built-in sensors...
Day: January 24, 2024
The Unknown Risks of The Software Supply Chain: A Deep-Dive – Source: thehackernews.com
Source: thehackernews.com – Jan 24, 2024 – The Hacker News – Vulnerability / Software Security – In a world where more & more organizations are adopting open-source components as...
U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach – Source: thehackernews.com
Source: thehackernews.com – Jan 24, 2024 – Newsroom – Cryptocurrency / Cybercrime – Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national...
Patch Your GoAnywhere MFT Immediately – Critical Flaw Lets Anyone Be Admin – Source: thehackernews.com
Source: thehackernews.com – Jan 24, 2024 – Newsroom – Vulnerability / Endpoint Security – A critical security flaw has been disclosed in Fortra’s GoAnywhere Managed File Transfer (MFT) software...
Australian Organisations Struggling to Resolve Tensions Between Personalisation, Privacy – Source: www.techrepublic.com
Source: www.techrepublic.com – Author: Matthew Sainsbury Organisations in Australia face a significant challenge with data. On the one hand, there is a demand for personalised services....
Microsoft Says State-Sponsored Attackers Accessed Senior Leaders’ Emails – Source: www.techrepublic.com
Source: www.techrepublic.com – Author: Megan Crouse Microsoft disclosed on Jan. 19 that a nation-state backed attack occurred beginning in November 2023 in which the Russian state-sponsored...
COVID-19 test lab accused of exposing 1.3 million patient records to open internet – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register A password-less database containing an estimated 1.3 million sets of Dutch COVID-19 testing records was left exposed to the open...
GCHQ’s NCSC warns of ‘realistic possibility’ AI will help state-backed malware evade detection – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register The idea that AI could generate super-potent and undetectable malware has been bandied about for years – and also already...
CISA boss swatted: ‘While my own experience was certainly harrowing, it was unfortunately not unique’ – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register CISA Director Jen Easterly has confirmed she was the subject of a swatting attempt on December 30 after a bogus...
Accused PII seller faces jail for running underground fraud op – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register A Baltimore man faces a potential maximum 20-year prison sentence after being charged for his alleged role in running an...
UK water giant admits attackers broke into system as gang holds it to ransom – Source: go.theregister.com
Source: go.theregister.com – Author: Team Register Southern Water confirmed this morning that criminals broke into its IT systems, making off with a “limited amount of data.”...
Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire – Source: www.securityweek.com
Source: www.securityweek.com – Author: Kevin Townsend VexTrio is a traffic direction system (TDS) with more than 60 affiliates feeding an unknown number of malicious campaigns. The...
Vulnerabilities in Lamassu Bitcoin ATMs Can Allow Hackers to Drain Wallets – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Hackers could exploit Lamassu Douro ATM vulnerabilities to take over devices, steal bitcoin from users.
AI Testing Startup RagaAI Emerges From Stealth With $4.7M in Seed Funding – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire AI testing platform RagaAI raises $4.7 million in seed funding to help identify AI issues and improve security and reliability....
High-Severity Vulnerability Patched in Splunk Enterprise – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire The latest Splunk Enterprise releases patch multiple vulnerabilities, including a high-severity flaw in the Windows version.
Aviation Leasing Giant AerCap Hit by Ransomware Attack – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire AerCap, the largest aviation leasing company in the world, was hit by a ransomware attack on January 17th.
Doppel Secures $14M for AI-Powered Brand Protection Technology – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine San Francisco startup banks $14 million in Series A funding led by prominent venture capital outfit Andreessen Horowitz (a16z). The...
Identity Security Firm Silverfort Lands $116 Million Investment – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine Israeli late-stage startup Silverfort raises a whopping $116 million in new financing to scale its ambitions in the identity security...
SEC Says X Account Hacked via SIM Swapping – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire SEC says hackers used SIM swapping to take over its X (formerly Twitter) account on January 9.
Russian Hackers Suspected of Sweden Cyberattack – Source: www.securityweek.com
Source: www.securityweek.com – Author: AFP Swedish government agencies and shops were disrupted by a ransomware attack believed to have been carried out by Russian hackers. The...
F5 Names Samir Sherif as New CISO – Source: www.securityweek.com
Source: www.securityweek.com – Author: SecurityWeek News F5 names Samir Sherif as Chief Information Security Officer (CISO), taking over the role from Gail Coury who will retire...
CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive – Source: securityboulevard.com
Source: securityboulevard.com – Author: Zach Hanley On January 22, 2024 Fortra posted a security advisory for their GoAnywhere MFT product. This advisory details an authentication bypass...
The Vendor of My Cloud-Vendor is My Friend – Source: securityboulevard.com
Source: securityboulevard.com – Author: Steve Prentice What does a suburban roofing company have in common with a cloud supplier? The answer can be found in the...
FBI and CISA Warn of Androxgh0st Malware Attacks – Source: securityboulevard.com
Source: securityboulevard.com – Author: Team Nuspire The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint Cybersecurity Advisory...
Balancing Act: Navigating the Advantages and Risks of ServiceNow’s New Security Attributes – Source: securityboulevard.com
Source: securityboulevard.com – Author: Aaron Costello, Principal SaaS Security Engineer @ AppOmni One of the security milestones of the Vancouver Release of the ServiceNow platform is...
Randall Munroe’s XKCD ‘Log Alignment’ – Source: securityboulevard.com
Source: securityboulevard.com – Author: Marc Handelman. Original Post URL: https://securityboulevard.com/2024/01/randall-munroes-xkcd-log-alignment/ Category & Tags: Humor, Security Bloggers Network, Randall Munroe, Sarcasm, satire, XKCD...
Maximizing Security in K-12 IT: Best Practices for Safeguarding Data – Source: securityboulevard.com
Source: securityboulevard.com – Author: Kevin Smith The prevalence of malicious cyber activity is increasing globally, and K–12 schools are not exempt from cyberattacks initiated by cybercriminals,...
News alert: NCA’s Data Privacy Week webinars highlight data protection for consumers, businesses – Source: securityboulevard.com
Source: securityboulevard.com – Author: bacohido Washington D.C. Jan. 22, 2024 – Today, the National Cybersecurity Alliance (NCA), announced the program for its third annual Data Privacy Week campaign,...
SEC X Account Hack is a Case of SIM Swapping – Source: securityboulevard.com
Source: securityboulevard.com – Author: Jeffrey Burt The bad actor who hacked into the X account of the Securities and Exchange Commission (SEC) earlier this month gained...
Securing the Move: Cyber Resilience in the Transportation and Supply Chain Industry – Source: securityboulevard.com
Source: securityboulevard.com – Author: Horizon3.ai How a Prevailing Transportation Company Modernized Security with NodeZero Cyber protection is crucial for the transportation industry and the supply chain...