Source: www.darkreading.com – Author: Jack Danahy Source: vska via Alamy Stock Photo COMMENTARY Threat actors have paid particular attention to the public sector recently, increasing efforts...
Month: January 2024
Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information. The post...
Energy Department to Invest $30 Million in Clean Energy Cybersecurity Solutions – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Organizations can earn up to $3 million in federal funding for cyber tools securing the clean energy infrastructure. The post...
Oleria Secures $33M Investment to Grow ID Authentication Business – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine Seattle identity and authentication startup Oleria has attracted renewed interest from venture capital investors. The post Oleria Secures $33M Investment...
List Containing Millions of Credentials Distributed on Hacking Forum, but Passwords Old – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Naz.API credential stuffing list containing 70 million unique email addresses and old passwords found on hacking forum. The post List...
Customer Information of Toyota Insurance Company Exposed Due to Misconfigurations – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ionut Arghire Exposed credentials for an email address at an Indian Toyota insurance broker led to customer information compromise. The post Customer...
Outsmarting Ransomware’s New Playbook – Source: www.securityweek.com
Source: www.securityweek.com – Author: Rik Ferguson Encryption is a technological necessity and also a legal safeguard, with importance in both defending against and mitigating the consequences...
Ransomware Group Targets Foxconn Subsidiary Foxsemicon – Source: www.securityweek.com
Source: www.securityweek.com – Author: Eduard Kovacs Foxsemicon’s website defaced with a message from the LockBit ransomware group, which claims to have stolen 5 Tb of data....
Vulnerability Management Firm Vicarius Raises $30 Million – Source: www.securityweek.com
Source: www.securityweek.com – Author: Kevin Townsend New York based vulnerability management firm Vicarius has raised $30 million in a Series B funding round led by Bright...
Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks – Source: www.securityweek.com
Source: www.securityweek.com – Author: Ryan Naraine Microsoft says an APT with links to Iran’s military intelligence is impersonating a prominent journalist in clever spear-phishing attacks. The...
Swiss Govt Websites Hit by Pro-Russia Hackers After Zelensky Visit – Source: www.securityweek.com
Source: www.securityweek.com – Author: AFP Switzerland said that a cyberattack claimed by a pro-Russian group disrupted access to some government websites, following Ukrainian President Volodymyr Zelensky’s visit to...
Smashing Security podcast #355: Fishy Rishi, 23andMe, and the labour of love – Source: grahamcluley.com
Source: grahamcluley.com – Author: Graham Cluley Has the British Prime Minister been caught secretly profiting from a cryptocurrency app? Were 23andMe right to blame their users...
PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 18, 2024NewsroomFirmware Security / Vulnerability Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source...
Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 18, 2024NewsroomCyber Espionage / Threat Intelligence High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium,...
NCSC Builds New “Cyber League” Threat Tracking Community – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 One of the UK’s leading cybersecurity agencies has announced plans to convene a new group of industry experts who will help...
AI, Gaming, FinTech Named Major Cybersecurity Threats For Kids – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The heightened utilization of AI tools and potential vulnerabilities in gaming have been identified as crucial cybersecurity concerns for children in...
iShutdown lightweight method allows to discover spyware infections on iPhones – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini iShutdown lightweight method allows to discover spyware infections on iPhones Researchers devised a “lightweight method,” called iShutdown, to determine whether Apple iOS...
Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Pro-Russia group hit Swiss govt sites after Zelensky visit in Davos Switzerland believes that the attack claimed by pro-Russian group...
Github rotated credentials after the discovery of a vulnerability – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Github rotated credentials after the discovery of a vulnerability GitHub rotated some credentials after the discovery of a flaw that...
FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation U.S. CISA and the FBI warned of AndroxGh0st malware used to...
Citrix warns admins to immediately patch NetScaler for actively exploited zero-days – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Citrix warns admins to immediately patch NetScaler for actively exploited zero-days Citrix fixed two actively exploited zero-day vulnerabilities impacting Netscaler...
Have I Been Pwned adds 71 million emails from Naz.API stolen account list – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Lawrence Abrams Have I Been Pwned has added almost 71 million email addresses associated with stolen accounts in the Naz.API dataset to...
Microsoft: Iranian hackers target researchers with new MediaPl malware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Microsoft says that a group of Iranian-backed state hackers are targeting high-profile employees of research organizations and universities across Europe...
Bigpanzi botnet infects 170,000 Android TV boxes with malware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A previously unknown cybercrime syndicate named ‘Bigpanzi’ has been making significant money by infecting Android TV and eCos set-top boxes...
CISA pushes federal agencies to patch Citrix RCE within a week – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days...
iShutdown scripts can help detect iOS spyware on your iPhone – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Security researchers found that infections with high-profile spyware Pegasus, Reign, and Predator could be discovered on compromised Apple mobile devices...
AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new vulnerability dubbed ‘LeftoverLocals’ affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from...
Wazuh: Building robust cybersecurity architecture with open source tools – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Sponsored by Wazuh Cybersecurity architecture refers to the design and structure of an organization’s approach to securing its information systems. It outlines...
A fortified approach to preventing promo, bonus, and other multi-account abuse – Source: securityboulevard.com
Source: securityboulevard.com – Author: Sift Product Team The world of iGaming is fiercely competitive, and attracting and retaining players is a constant challenge. Promotions and affiliate...
The Perils of Platformization – Source: securityboulevard.com
Source: securityboulevard.com – Author: claude.mandy Estimated reading time: 8 minutes #TLDR CISOs continually have to choose between best of breed security vs Platformization and further consolidation...