Not every company employee feels the need to lock the screen when leaving their work computer unattended. However, doing so is in fact a rather important aspect of corporate information security: if physically inside the office, an attacker can use an unguarded, unlocked computer to get valuable information or install show more ...
The Clop ransomware group is actively exploiting a SysAid zero-day flaw after running rampant through enterprise systems using MOVEit file transfer bug.
Checkmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams.
ChatGPT and the associated APIs have been affected by regular outages, citing DDoS attacks as the reason — the Anonymous Sudan group claimed responsibility.
Executives must rise to the challenge and take immediate action to grasp the intricacies of data, technology, and infrastructure within M&A.
A 30-year-old, rarely updated protocol for medical devices has exposed reams of highly personal data, thanks to a lack of proper security throughout owner environments.
The state said 1.3 million individuals have been affected by this breach, which includes Social Security numbers and taxpayer information.
Despite claims to the contrary, Iranian cyberattackers have been less strategic and more opportunistic over the last month as the Israel-Hamas war continues.
A cyberattack is coming, disasters are certain, and the US government wants critical infrastructure firms ready to handle any disruption. Welcome to Shields Ready.
Meanwhile, CISA joins the call to patch CVE-2023-4966 immediately amid reports of mass-exploit activity; at least 5,000 orgs remain exposed.
A class action suit claims Intel knowingly sold billions of faulty chips for years. The outcome could help define where poor vulnerability remediation becomes outright negligence.
The attack generated one million requests per second (RPS), four times larger than any previous attack on the bank. Sberbank believes that new, highly skilled hackers are targeting major Russian resources.
The hacking tool is distributed through Telegram channels linked to hacking communities and focuses on facilitating web application attacks on commonly used technologies.
The privacy feature builds upon previous measures such as "Silence Unknown Callers" to protect users from unwanted contact and minimize the risk of zero-click attacks and spyware.
The group initially threatened victims with European data breach fines but later offered to sell the entire operation, including domain names, breached company access, and databases.
GitHub is leveraging AI to enhance its secret scanning program, allowing code maintainers to create custom patterns for detecting organization-specific secrets and improving scanning accuracy.
While AI tools make fraud campaigns more convincing, users can still protect themselves by being cautious of phishing emails, recognizing warning signs, and following online shopping guidance provided by the NCSC.
The London-based company offers a collaborative platform that helps organizations identify and mitigate supply chain security risks in real time. The funding will be used to advance product development and deepen partnerships in key industries.
The breach was a result of the group failing to apply a firmware patch to fix a zero-day vulnerability in their SonicWall firewall, highlighting the importance of promptly updating and securing computer hardware and systems.
Organizations should implement security measures such as regular backups, vendor security reviews, strong user account security, and network monitoring to mitigate the risk of ransomware attacks.
An Iranian hacking group known as Charming Kitten targeted organizations in Israel's transportation, logistics, and technology sectors last month. This increase in Iranian cyber activity coincided with the start of Israel's war with Hamas.
Signal is testing a new feature that allows users to conceal their phone numbers by using public usernames. The feature is currently being tested in a separate staging environment and users can access it by installing pre-beta builds.
Concerns have been raised about the provision in the act that requires software developers to report vulnerabilities within 24 hours, as it may overwhelm cyber agencies and pose security risks.
The LockBit ransomware gang claimed responsibility for the breach and leaked stolen data, including passport scans and financial documents, potentially exposing proprietary designs and patented information.
Cybersecurity company SentinelOne is acquiring advisory firm Krebs Stamos Group to create a new entity called PinnacleOne Strategic Advisory Group, with Christopher Krebs and Alex Stamos taking on key positions.
The use of a reverse proxy in this phishing campaign allows the attackers to bypass multi-factor authentication (MFA) and gain access to victims' Microsoft 365 accounts, leading to further distribution of phishing emails.
Germany's National Security Strategy envisions the establishment of a dedicated entity for offensive cyber operations, although it rejects the use of hack-backs as a means of cyber defense.
MGM Resorts is investing $40 million in IT upgrades next year and is facing multiple class-action lawsuits and potential financial losses from legal proceedings related to the attack.
Hunters International focuses on data exfiltration rather than encryption and primarily targets victims in the United States, the UK, Germany, and Namibia, including hospitals.
The government of Maine has confirmed that over a million state residents had their personal information stolen in a data breach by a Russia-linked ransomware gang that exploited a vulnerability in the MOVEit file transfer system.
The leaked data includes critical details such as email addresses, names, usernames, and geographic locations, posing a considerable threat as it is now accessible on the dark web.
When users click on the ad, they are redirected to a fake Windows news site, where they are prompted to download a digitally signed CPU-Z installer. This installer contains a malicious PowerShell script known as the 'FakeBat' malware loader.
ICBC informed clients that a cybersecurity issue would require them to reroute trades and temporarily stop accepting orders. The attack highlights the vulnerability of critical infrastructure providers, such as the financial sector.
The attackers gained access to sensitive company and customer data, including high-level account logins, credit card information, customer addresses, and more, posing a significant risk to Dolly.com and its users.
Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran. The campaign, ESET has discovered, leverages Hunza News (urdu.hunzanews[.]net), which, when opened on a mobile device, prompts visitors of the Urdu version to install its
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. SOC teams tend to spend about a third of their day on events that don’t pose any threat to their organization, and this has accelerated the adoption of automated solutions to take the place of (or augment) inefficient and cumbersome SIEMs. With an estimated 80% of
Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. "The malware acts as a persistent backdoor and is not remediated by applying patches to Confluence," Aon's Stroz Friedberg Incident Response Services said in an analysis published
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat actor it tracks under the name Imperial Kitten, and which is also known as Crimson Sandstorm (previously Curium),
The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google's Mandiant, which described the hack as a "multi-event cyber attack" leveraging a novel technique for impacting industrial control systems (ICS). "The actor first used OT-level living-off-the-land (LotL) techniques to
The US trading arm of the Industrial and Commercial Bank of China (ICBC) has been hit by a ransomware attack that reportedly forced it to handle trades via messengers carrying USB thumb drives across Manhattan. Read more in my article on the Hot for Security blog.
The Urdu version of the Hunza News website offers readers the option to download an Android app – little do they know that the app is actually spyware
By collecting, analyzing and contextualizing information about possible cyberthreats, including the most advanced ones, threat intelligence offers a critical method to identify, assess and mitigate cyber risk
