Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsetsProject Zero, Google's zero-day bug-hunting team, discovered and reported 18 zero-day vulnerabilities in Samsung's Exynos chipsets used in...
Author:
BianLian ransomware gang shifts focus to pure data extortion
BianLian ransomware gang shifts focus to pure data extortionThe BianLian ransomware group has shifted its focus from encrypting its victims' files to only exfiltrating data found...
Microsoft, CrowdStrike Lead Endpoint Protection Gartner MQ
Microsoft, CrowdStrike Lead Endpoint Protection Gartner MQCybereason Enters Leaders Quadrant While Trellix Falls From Leader to Niche PlayerMicrosoft and CrowdStrike once again dominate Gartner's Magic Quadrant...
Healthcare Leaders Call for Cybersecurity Standards
Healthcare Leaders Call for Cybersecurity StandardsAlso: Please Help the Sector Pay for Cybersecurity, Execs Tell Senate PanelHealthcare executives called on Congress to ensure minimum cybersecurity standards,...
Breach Roundup: Med Devices, Hospitals and a Death Registry
Breach Roundup: Med Devices, Hospitals and a Death RegistryOn Radar: Zoll, CHU Saint-Pierre, Latitude Financial, LA Housing AuthorityIn this week's data breach roundup: medical device manufacturer...
Magniber Ransomware Group Exploiting Microsoft Zero Day
Magniber Ransomware Group Exploiting Microsoft Zero DayMicrosoft Patches Another SmartScreen Signature-Based VulnerabilityA financial motivated hacking group has been exploiting a now-patched zero-day vulnerability in the Windows...
Convincente estafa telefónica de Twitter apunta a clientes bancarios
Convincente estafa telefónica de Twitter apunta a clientes bancariosUna estafa de Twitter convincente se dirige a los clientes del banco al abusar de la función de...
Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency
Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal AgencyMultiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik...
What’s Wrong with Manufacturing?
What's Wrong with Manufacturing?In last year's edition of the Security Navigator we noted that the Manufacturing Industry appeared to be totally over-represented in our dataset of Cyber Extortion...
Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme
Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering SchemeA coalition of law enforcement agencies across Europe and the U.S. announced the takedown of ChipMixer, an unlicensed cryptocurrency...
Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration
Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data ExfiltrationThe cryptojacking group known as TeamTNT is suspected to be behind a previously undiscovered strain of malware...
Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection
Chinese and Russian Hackers Using SILKLOADER Malware to Evade DetectionThreat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new...
S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]
S3 Ep 126: The price of fast fashion (and feature creep) [Audio + Text]Worried about rogue apps? Unsure about the new Outlook zero-day? Clear advice in...
Ethics in AI: The Missing Code
Ethics in AI: The Missing Code As part of its push toward artificial intelligence, Microsoft laid off more than 10,000 employees and spent billions on acquiring...
Guild Education Gives Salt an A+ for API Protection
Guild Education Gives Salt an A+ for API ProtectionKeeping our customers’ data safe so that they can move forward with business innovation is our constant north...
How to Protect Your Company in a ChatGPT World
How to Protect Your Company in a ChatGPT World With the potential to be as game-changing as the internet, smartphones and cloud computing, the emergence of...
The Week in Security: YoroTrooper steals credentials in Europe, AI-created videos spread malware
The Week in Security: YoroTrooper steals credentials in Europe, AI-created videos spread malware Welcome to the latest edition of The Week in Security, which brings...
COURT DOC: Justice Department Investigation Leads to Takedown of Darknet Cryptocurrency Mixer that Processed Over $3 Billion of Unlawful Transactions
COURT DOC: Justice Department Investigation Leads to Takedown of Darknet Cryptocurrency Mixer that Processed Over $3 Billion of Unlawful TransactionsThe Justice Department announced today a coordinated...
The Risks of Using ChatGPT to Write Client-Side Code
The Risks of Using ChatGPT to Write Client-Side CodeSince OpenAI released its AI chatbot software ChatGPT in November of 2022, people from all over the internet...
USENIX Security ’22 – Kinan Dak Albab, Rawane Issa, Mayank Varia, Kalman Graffi – ‘Batched Differentially Private Information Retrieval’
USENIX Security ’22 – Kinan Dak Albab, Rawane Issa, Mayank Varia, Kalman Graffi – ‘Batched Differentially Private Information Retrieval’Our thanks to USENIX for publishing their Presenter’s...
The Evolution of Ransomware and how to Protect Against it
The Evolution of Ransomware and how to Protect Against itRansomware is a form of malicious software that encrypts a victim’s files and requires that the data...
Breadth of Data: Why it Matters
Breadth of Data: Why it MattersThe last decade has seen tremendous growth in the availability of identity theft protection and identity monitoring services. This has been...
Botnet Protection
Botnet ProtectionFor more than a decade, Constella Intelligence–formerly 4iQ–has been hunting, collecting, and curating breach data, which powers 6 of the top 10 identity theft protection...
UK.gov bans TikTok from its devices as a ‘precaution’ over spying fears
UK.gov bans TikTok from its devices as a 'precaution' over spying fearsGov staff using it on personal mobes just fine... it's not like ministers use WhatsApp...
Russian hacktivist group targets India’s health ministry
Russian hacktivist group targets India’s health ministryA Russian hacktivist group has claimed to have breached the health management information system of India, which could contain the...
Why red team exercises for AI should be on a CISO’s radar
Why red team exercises for AI should be on a CISO's radarAI and machine learning (ML) capabilities present a huge opportunity for digital transformation but open...
When and how to report a breach to the SEC
When and how to report a breach to the SECNew cybersecurity reporting requirements for publicly traded companies are expected to be enacted in the spring of...
UK bans TikTok on government devices over data security fears
UK bans TikTok on government devices over data security fearsSocial media app TikTok has been banned on UK government electronic devices, the Cabinet Office has announced....
Not‑so‑private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets
Not‑so‑private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency walletsESET researchers analyzed Android and Windows clippers that can tamper with instant messages and use OCR...
Chinese SilkLoader Malware Sold to Russian Cyber-Criminals
Chinese SilkLoader Malware Sold to Russian Cyber-CriminalsCobalt Strike beacon loader migrates across criminal ecosystemsRead MoreCobalt Strike beacon loader migrates across criminal ecosystems