Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Firewall Daily

The Singaporean parliament approved an amendment to the Cybersecurity Law on Tuesday aimed at fortifying the defenses of the nation's evolving critical infrastructure and adapting to technological advancements. The amendments to the Cybersecurity Law mandate that owners of critical information infrastructure
(CII) report a broader spectrum of incidents, encompassing those occurring within their supply chains. Senior Minister of State for Communications and Information Janil Puthucheary said it was imperative to address the evolving tactics of malicious cyber actors, stressing the need to extend vigilance to peripheral systems and supply chains.

What the Latest Cybersecurity Law Amendment Means

The new legislation empowers authorities to regulate Systems of Temporary Cybersecurity Concern (STCC), which are systems at high risk of cyberattacks for a limited period, posing a threat to Singapore's national interests if compromised. The amendment gives the Cyber Security Agency of Singapore (CSA) authority to oversee Entities of Special Cybersecurity Interest (ESCIs), whose disruption could have significant adverse effects on defense, foreign relations, economy, public health, safety, or order. To prevent inadvertently identifying ESCIs as targets, their specific identities will not be publicly disclosed.

The proposed law will also add new categories of entities whose digital defenses will be audited by the authorities, including autonomous universities, which may hold sensitive data or perform significant functions. Moreover, CSA can regulate CIIs supporting essential services from overseas if their owners are based in Singapore.

Dr. Janil emphasized that the Bill aims to address shifts in the cybersecurity landscape and operational challenges faced by CSA. The evolving cybersecurity landscape, characterized by increased cloud computing usage and digital technology reliance, necessitates updated laws to safeguard essential services.

“When the Act was first written, it was the norm for CII to be physical systems held on premises and entirely owned or controlled by the CII owner. But the advent of cloud services has challenged this model,” Dr. Janil said.
“As the tactics and techniques of malicious actors evolve to target systems at the periphery or along supply chains, we must also start placing our alarms at those places,” he added.

The proliferation of digital communication and technology adoption underscores the heightened cyber risks faced by individuals and organizations. Against this backdrop, updating the cybersecurity law is imperative to ensure Singapore's digital resilience and stay ahead of emerging threats.

While Members of Parliament voiced concerns about compliance costs and regulatory clarity, Dr. Janil clarified that the Bill targets cybersecurity of critical national systems, rather than imposing broad obligations on the business community. The new law will regulate only the cybersecurity of systems, infrastructure and services that are important at a national level because their disruption or compromise could affect Singapore’s survival, security, safety or other national interest, according to Dr. Janil.

“This is a known and finite set of systems and entities. Our approach is a targeted and calibrated one, precisely because we recognise that regulation will involve compliance costs,” Dr. Janil said. “Some compliance costs cannot be avoided where regulation is concerned. It's something we are mindful of. We do not seek to regulate without good reason.”

CSA will provide support to regulated entities, engaging with them before designating systems or entities and offering guidance on compliance measures. Appeals processes are in place for designated entities, ensuring transparency and accountability in regulatory decisions. Dr. Janil underscored the significance of decisions to designate entities, emphasizing their potential impact on national security and interests. The government remains committed to a calibrated approach, balancing regulatory requirements with the need to minimize compliance costs and support affected entities.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

 Features

The RSA Conference 2024, the world's biggest cybersecurity event, is currently underway at the Moscone Center in San Francisco. Over 640 vendors are showcasing their latest offerings at the expo, which began on Monday, May 6, 2024 and runs until Thursday, May 9th. For the second consecutive year, generative AI
(GenAI) appears to be a major focus for cybersecurity products unveiled at the event. Here's a look at the top 5 companies making a splash at RSAC 2024:

1. Cyble with Vision X

Cyble, a prominent force in AI-powered cybersecurity, has launched Cyble Vision X, the successor to its award-winning Cyble Vision 2.0 threat intelligence platform. Vision X aims to elevate the user experience by granting decision-makers immediate access to critical information. The first phase of Vision X is poised to introduce a series of impactful enhancements, including a revamped "Executive Insights" dashboard that consolidates the most significant intelligence in a user-friendly interface. Additionally, an improved filter allows users to effortlessly navigate through their data, and a sleeker, more modern, and intuitive design ensures an optimized user experience.

Cyble Vision X also boasts several other improvements, such as:

- A new "Alerts Insights" interface, previously known as "Executive Insights" and rebranded to reflect a more granular level of data analysis.
- A revamped header and collapsible left pane for a cleaner, more efficient workspace.
- A redesigned authentication screen that maintains the same API functionality while incorporating aesthetic enhancements.

For more information, visit Cyble's booth N-2353 at RSA to explore Vision X and their other services.

2. Theori with Xint

Taking a unified approach, Theori unveiled Xint, a comprehensive Security Posture Management (SPM) solution. Xint streamlines security operations by consolidating data from various sources, enabling organisations to gain a holistic view of their security posture and proactively identify vulnerabilities.

Highlights of Xint include:

- Cloud Security: Continuous monitoring and enhanced visibility into cloud configurations, resource utilization, and access controls to swiftly respond to potential security risks.
- External Threat Detection: Security tools designed to defend against unauthorized access for externally facing applications, including web applications, APIs, mobile apps, and third-party integrations.
- Offensive Security AI Engine: A revolutionary approach to penetration testing that combines the expertise of award-winning offensive cybersecurity veterans with cutting-edge artificial intelligence technology that precisely pinpoints vulnerabilities.

For more information, visit Theori's Booth: 634.

3. New SEI Tool

The Software Engineering Institute (SEI) introduced a novel tool designed to provide much-needed visibility into DevSecOps pipelines. This tool empowers developers to identify and address security issues early in the development process, preventing them from becoming exploitable vulnerabilities in the final product.

The tool, called Polar, is an observability framework that provides a comprehensive picture of a software system's deployment platform. Polar unlocks data captured by disparate tools within an organization, helping to answer complex questions about performance and security that are crucial for real-time decision-making and agility in the face of threats. For more information, visit SEI's Booth: 1743.

4. Cranium with First-of-its-Kind GenAI Exposure Management Solution

Cranium, a leading enterprise AI security and trust software firm, introduced the industry's first exposure management solution specifically designed for GenAI at RSAC 2024. The Cranium platform features an AI-augmented workflow with a secure LLM architecture paired with proprietary threat intelligence to provide visibility into an AI system, characterize attack surfaces, and assess vulnerabilities within an organization.

As the use of GenAI tools like Microsoft's Copilot for Microsoft 365 grows, concerns around potential misuse and exploitation also rise. Cranium's solution offers a critical layer of protection against such attacks.
Their exposure management solution can help organizations identify and mitigate potential security risks associated with GenAI tools, ensuring these powerful AI-driven applications are used securely.

5. Vectra AI Expands Platform to Combat GenAI Attacks

Vectra AI, a leader in hybrid attack detection, investigation, and response, has recognized the evolving threat landscape with the rise of GenAI and has expanded its AI platform to combat GenAI attacks. Vectra's enhanced solution leverages advanced AI and machine learning to detect and neutralize sophisticated attacks that may exploit the capabilities of GenAI tools. Traditional security solutions might struggle to identify these novel attack methods, so Vectra's AI-powered platform offers a vital line of defense.

Catch up with our team at our open house, Attack Labs Live, at the Nasdaq Entrepreneurial Center

 Cyber Essentials

The U.S. Secretary of State Antony Blinken unveiled an International Cyberspace and Digital Policy Strategy on Monday, outlining the Biden administration's plan to engage the global community on various technological security issues. Blinken introduced this robust international cyber strategy while delivering a
keynote at the RSA cybersecurity conference in San Francisco. The strategic blueprint outlined in the latest strategy displayed the federal government's multifaceted approach to engaging the global community on a wide array of technological security issues, aiming to foster collaboration and cooperation among allies, partners and stakeholders worldwide.

What’s at the Core of the International Cyberspace and Digital Policy Strategy

At the heart of the plan lies the concept of "digital solidarity," characterized by mutual assistance to victims of malicious cyber activity and other digital harms. Digital solidarity entails collaborating on shared goals, capacity building, and mutual support to enhance security, resilience, self-determination, and prosperity.

Against the backdrop of ongoing cyberattacks targeting U.S. allies by foreign actors like Russia, China, North Korea and Iran, efforts focus on supporting allies and partners, particularly emerging economies, in harnessing the benefits of digital technologies while sustaining economic and development objectives.

The strategy emphasizes alignment with international partners on technology governance, fostering strong partnerships with civil society and the private sector, and promoting cybersecurity resilience through diverse products and services from trusted technology vendors. Moreover, it underscores cooperative efforts to defend and advance human rights and build digital and cyber capacity for long-term resilience and responsiveness.

The Department of State, in collaboration with other federal agencies, will advance digital solidarity through four key areas of action supported by three guiding principles:

- Promoting an open, inclusive, secure, and resilient digital ecosystem.
- Aligning rights-respecting approaches to digital and data governance with international partners.
- Advancing responsible state behavior in cyberspace and countering threats through coalition-building and engagement.
- Strengthening international partner digital and cyber capacity.

Efforts to forge digital solidarity will be reinforced by active participation in international fora to shape obligations, norms, standards, and principles impacting cyberspace and digital technology issues. Leadership in these venues is crucial to safeguarding U.S. interests and values in the evolving digital landscape. Recognizing the significance of digital diplomacy, the Department of State will lead interagency efforts to coordinate cyber and digital technology diplomacy to advance U.S. national interests and values in the coming decade.

Cybersecurity Threats from Nation States

The strategy addresses the malign activities of nations such as Russia, China, Iran, and North Korea, condemning their exploitative use of technology for nefarious purposes, including hacking and espionage campaigns. It highlights concerns about these countries' efforts to undermine international regulatory frameworks and undercut U.S. technology manufacturers through state-sponsored subsidies.

“Cyber criminals and criminal syndicates operating in cyberspace now represent a specific threat to the economic and national security of countries around the world,” the International Cyberspace and Digital Strategy said. “Cybercrime and online fraud cause significant harm to economic development, with small- to medium-sized enterprises and financial service providers especially at risk. According to one estimate, the global cost of cybercrime is estimated to top $23 trillion in 2027.”

AI Technology Governance

The landscape of AI technology governance is intricate, as per the latest strategy. While AI systems offer promising avenues for societal progress, the complexities of geopolitics further compound the challenges and uncertainties in their regulation and management. AI technologies hold immense potential to drive knowledge expansion, boost prosperity, enhance productivity, and tackle pressing global issues.
However, the rapid proliferation of AI technologies also presents substantial risks and ethical considerations. These encompass a spectrum of concerns ranging from exacerbating inequality and economic instability to privacy breaches, discriminatory practices, and amplification of malicious cyber activities. Moreover, the dual-use nature of many AI applications poses challenges in ensuring that emerging technologies are not leveraged for nefarious purposes, including disinformation campaigns and military advancements lacking adequate human rights safeguards. Balancing risks and rewards requires safeguarding democratic values, human rights, and fostering international collaboration to harness AI's benefits while mitigating destabilizing impacts.

The strategy also warns against complacency in critical technological domains, cautioning that failure to act could enable authoritarian states to shape the future of technology in a manner detrimental to U.S. interests and values. By advocating for concerted efforts to uphold a rights-respecting, open, and secure cyberspace, the United States aims to advance a vision of global governance that safeguards democratic principles and promotes innovation and prosperity.

 Cybersecurity News

The personal data of an unspecified number of active UK military personnel has been compromised in a significant Ministry of Defence data breach. The UK's Ministry of Defence (MoD) is tasked with protecting the UK, its crown dependencies, and its overseas territories against threats from both state and non-state
actors. The ministry also oversees and trains the Royal Navy, British Army, Royal Air Force, and the Strategic Command. The breach occurred as a result of an attack on the Ministry of Defence (MoD) payroll system, but the exact motives of the perpetrators behind the breach remain unknown.

Victims of Ministry of Defence Data Breach Being Actively Notified

The compromised data spans several years and includes the names, bank details, and in at least a few instances, even the personal addresses of active and previously-serving armed forces members. The Royal Navy, Army, and Royal Air Force are included in this breach. However, the ministry confirmed that no operational defence data had been accessed during the incident.

The affected payroll system was managed by an external contractor. Upon becoming aware of the incident, the Ministry of Defence took immediate action, with the affected system taken offline and investigations underway. The MoD further confirmed that it would ensure that all salaries would reach its service members on time.

The investigating parties, which include public cybersecurity agencies GCHQ and NCSC, are also examining potential security failings or vulnerabilities by the third-party contractor SSCL, who operated the payroll system for the MoD. The MoD is actively notifying and providing support to those affected, including veterans' organizations. UK's Defence Secretary Grant Shapps is scheduled to update MPs in the Parliament about the breach and outline a "multi-point plan" to protect affected service personnel.

Several Sources Suspect China Behind Ministry of Defence Data Breach

Although the hackers' identity remains undisclosed, some officials and news agencies suspect China to be behind the attack amidst rising warnings about the threats posed by hostile states and third parties. China was previously reported to have attempted to obtain data from ex-RAF pilots through the use of financial lures.
However, the MoD has not commented on China's involvement. Tobias Ellwood, a Conservative MP and veteran, disclosed to Sky News that he believed China might be behind the attack as a way of coercing the financially vulnerable in exchange for cash. In response to these allegations, the Chinese foreign ministry emphasized its stated opposition to all forms of cyber attacks and rejected the use of hacking incidents for political purposes.

The UK-China relationship has been strained over recent hacking allegations, with Britain accusing Chinese-government sponsored hackers of targeting its lawmakers and electoral watchdogs over the past few years. While the breach is being investigated, concerns arise about sharing sensitive intelligence with countries harboring close relationships with China. This incident follows previous cyberattack campaigns attributed to China, prompting government officials to acknowledge China as a significant challenge.

Martin Greenfield, CEO of the London-based cybersecurity consultancy Quod Orbis, said that the incident was the latest in a series of recent cyber-attacks demonstrating the threat of campaigns targeting nationally sensitive data, as observed last month with an attack on the NHS. He added that UK organizations still face challenges in securing systems and that there needs to be further co-operation and information sharing between different teams and between public and private agencies to combat this threat rather than operating in isolation. He also expressed concern that the compromised service member data may be used in further targeted attacks in the digital and physical world. With tensions in the Middle East and Ukraine, such compromised data might pose additional challenges for MoD operations in the area.

Mel Stride, a government minister, highlighted the need to balance security concerns with economic engagement with China. He emphasized the importance of including China in global discussions on issues like climate change.
In Parliament, Deputy Prime Minister Oliver Dowden cited the example of previously alleged incidents involving attacks on the Electoral Commission and targeted attempts on MPs who have criticized China. Opposition politicians and former military personnel expressed concerns and called for a comprehensive response from the government. As China's president, Xi Jinping, tours Europe, including friendly nations, concerns persist about the Chinese government's purported efforts at cyber espionage.

 Firewall Daily

In a landmark international operation, Dmitry Khoroshev, the once-anonymous leader behind the notorious LockBit Ransomware gang, has been unmasked and heavily sanctioned. The announcement was made simultaneously today by the UK’s Foreign, Commonwealth and Development Office (FCDO), the US Department of the
Treasury’s Office of Foreign Assets Control (OFAC), and the Australian Department of Foreign Affairs. The coordinated effort involved the UK, US, and Australia, marking a significant victory in the battle against cybercrime. Khoroshev, also known as LockBitSupp, who famously offered a $10 million reward for anyone who could expose his identity, is now facing asset freezes and travel bans. This decisive action was announced by the UK's Foreign, Commonwealth & Development Office, the US Department of the Treasury’s Office of Foreign Assets Control, and the Australian Department of Foreign Affairs.

LockBit Leader Unmasked

The unveiling of Khoroshev's identity is part of an extensive crackdown by the Operation Cronos taskforce, which includes the NCA, FBI, and other global partners. This follows a series of operations which saw the infiltration and disruption of LockBit’s network. The cyber group, known for its ransomware-as-a-service model, has been significantly weakened, operating at a reduced capacity due to the relentless international efforts. This groundbreaking operation has not only demystified one of the cyber world’s most elusive figures but also inflicted a severe blow to the LockBit group's operations, signaling an impactful global stance against cyber threats and ransomware criminals.

LockBit's Downfall: Disruption Leads to Reduction in Global Threats

In February, authorities announced a significant breach in LockBit's defenses, gaining control over their dark web leak site and severely compromising the group's operational capabilities. The severity of LockBit's criminal activities was fully unveiled through this intervention, revealing that from June 2022 to February 2024, the group had orchestrated over 7,000 ransomware attacks globally, impacting major sectors including healthcare. The most affected regions included the United States, United Kingdom, France, Germany, and China.
The data obtained from LockBit’s systems indicated that the attacks targeted more than 100 hospitals and healthcare entities, pushing at least 2,110 victims into negotiation with the cybercriminals. Despite their attempts to regroup and revive their operations, LockBit's capabilities remain stifled, running at a limited capacity with a considerably reduced global threat.

Interestingly, in their desperation to appear active, LockBit created a new leak site post-disruption, inflating their activity by claiming older attacks and those conducted by other ransomware groups. However, the effectiveness of their operations has significantly dwindled, as indicated by a 73% decrease in the average monthly attacks in the UK post-February 2024, with similar reductions reported worldwide.

The identification of Dmitry Khoroshev has provided invaluable insights into LockBit's inner workings, exposing the real-world implications of their actions. Of the 194 affiliates identified as part of LockBit’s network until February 2024, 148 were involved in building attacks, and 119 engaged in negotiations with victims. Disturbingly, 114 of these affiliates paid substantial sums to join LockBit's programs but failed to make any money from their criminal activities, highlighting the deceptive and exploitative nature of LockBit's operations.

Moreover, the NCA's investigation revealed numerous instances where LockBit’s decryptor tools failed to function correctly, leaving victims who had paid ransoms without any solution and no support from the group’s affiliates. One particularly egregious incident involved an attack on a children’s hospital in December 2022, where LockBitSupp issued a statement apologizing and provided a free decryptor, claiming the affiliate had violated their rules and was expelled from the program.
However, NCA analysis showed that the affiliate remained active and continued to conduct 127 unique attacks, engage in 50 negotiations, and receive multiple ransom payments until the group's disruption in February 2024.

NCA Director General Graeme Biggar emphasized the operation's success, stating, “These sanctions are hugely significant and show that there is no hiding place for cyber criminals like Dmitry Khoroshev, who wreak havoc across the globe. He was certain he could remain anonymous, but he was wrong.” Biggar added, “We know our work to disrupt LockBit thus far has been extremely successful in degrading their capability and credibility among the criminal community. The group’s attempt at rebuilding has resulted in a much less sophisticated enterprise with significantly reduced impact.”

Sanctions Minister Anne-Marie Trevelyan also highlighted the collaborative nature of this international effort, noting, “Together with our allies we will continue to crack down on hostile cyber activity which is destroying livelihoods and businesses across the world. In sanctioning one of the leaders of LockBit we are taking direct action against those who continue to threaten global security, while simultaneously exposing the malicious cyber-criminal activity emanating from Russia.”

As part of the ongoing efforts to mitigate the damage caused by LockBit, the NCA and its partners have gained possession of over 2,500 decryption keys and are actively reaching out to nearly 240 victims in the UK, offering support and recovery solutions. The public is encouraged to report any cyber incidents immediately through the government’s Cyber Incident Signposting Site, which directs users to the appropriate agencies for further action.

The Operation Cronos taskforce continues to operate at full capacity, involving a wide array of international law enforcement agencies from the US, UK, EU, and beyond, demonstrating a unified front against cyber threats.
This coalition serves as a stark reminder that the international community remains vigilant and ready to employ all available resources to combat cybercrime and protect global security.

 Cybersecurity News

The Play ransomware group has claimed responsibility for an attack on the Kansas City Scout System which forced its staff to take immediate protective action by shutting down all systems. The Kansas City Scout System provides real-time weather and traffic updates to drivers along roads and highways in Kansas City.
This system, managed jointly by the Departments of Transportation in Missouri and Kansas, suffered a significant setback during a weekend of severe storms. While the details of the attack are unknown, the Play ransomware gang later appeared to claim responsibility for the attack. The shutdown affected the service's dynamic information boards, the official website, and the real-time camera system.

Kansas City Scout System Systems Shut Down

Local news outlets posted images of blank screens along the Kansas City highways, highlighting the system's outage. The organization later confirmed through social media that a cyberattack had caused the disruption. Although specific details regarding the attack were not disclosed, the IT team took preemptive measures by shutting down all systems.

(Image: KC Scout System Services Update Notice on X.)

The Kansas City Scout staff stated on its official X.com (Twitter) account that restoration efforts were underway but that it was too early to provide a rough estimate of full availability, and that full restoration could possibly take months. The staff requested patience from partners and the public as they work to restore the systems.

(Image source: X.com (@AlvieriD))

The Play Ransomware group listed the Kansas City Scout System as a victim on its official leak site today, while giving about 6 days before publication of allegedly compromised data. No samples or further details were provided, making it difficult to confirm the group's involvement in the attack. While the Play Ransomware group has claimed responsibility for the cyberattack on the Kansas City Scout System, it remains unconfirmed whether they actually conducted the attack or are merely claiming responsibility to attract attention.
Official confirmation of the hacker collective responsible for the said attack is yet to be provided.

Attack coincided with severe weather conditions in the area

This attack coincided with severe weather conditions in the area, including tornadoes that claimed four lives. Trooper Tiffany Baylark from the Kansas Highway Patrol expressed concerns about the inability to communicate severe weather warnings or watches to drivers due to the outage. The inaccessibility of the system's official website further complicated the situation amidst the severe weather forecast.

Melissa Black, a spokeswoman for the Missouri Department of Transportation’s Kansas City District, advised the public to seek Missouri traffic information via MoDOT.org or by calling 888-275-6636. Similarly, Kansas information could be obtained through KanDrive.gov or by calling 511. Officials stated that immediate and critical traffic information impacting the KC metro area would be shared through these sites. Limited information about the traffic and weather situation could be accessed via the toll-free number.

 Firewall Daily

Cyber Defense Magazine (CDM), marking its 12th anniversary as the leading electronic information security magazine, announced the winners of the prestigious Global InfoSec Awards at the RSA Conference 2024. After an exhaustive six-month search across 3500 companies worldwide, CDM has identified the top innovators
in cybersecurity, awarding nearly 10% of these as winners for their outstanding contributions to the industry.

This year's RSA Conference, a cornerstone event for cybersecurity professionals, has been especially significant. It showcased groundbreaking advancements amid increasing challenges such as sophisticated ransomware, business email compromise, and exploits targeting Cloud, IoT, and OT environments, alongside a surge in cyber-crime and cyber-terrorism.

"In a new age of hybrid workforces and advances in AI, there's an equally exponential growth in new kinds of ransomware, business email compromise, Cloud, IoT and OT exploitation, deep phishing attacks, cyber-crime and cyber terrorism. Only the most innovative and forward-thinking Cybersecurity solutions will give us a fighting chance," said Yan Ross, Editor-in-Chief of Cyber Defense Magazine.

Global Infosec Awards 2024: Cyble Clinches 9 Honors

Shortly thereafter, Cyber Defense Magazine also published a list of Global Infosec Awards for 2024 Winners by category -- Company. Among the standout recipients, AI-based cyber threat intelligence firm Cyble has notably excelled, securing multiple accolades in key cybersecurity arenas. Renowned for their proactive and visionary approach, Cyble has been honored with:

- Cyble: Editor's Choice – Account Takeover Protection
- Cyble: Trailblazing – Attack Surface Management
- Cyble: Pioneering – Continuous Threat Exposure Management (CTEM)
- Cyble: Pioneering – Cyber Exposure Management
- Cyble: Pioneering – Data Loss Prevention (DLP)
- Cyble: Pioneering – Digital Risk Protection
- Cyble: Pioneering – Third Party Cyber Risk
- Cyble: Trailblazing – Threat Intelligence
- Cyble: Trailblazing – Vulnerability Intelligence

These awards emphasize Cyble's commitment to building strong cybersecurity defenses aimed at protecting businesses from today's most critical threats.

"Receiving these accolades at the Global InfoSec Awards is a tremendous honor for us," said Beenu Arora, the co-founder of Cyble. "It’s a testament to the hard work and dedication of our team, particularly in our innovative AI technology. As we face increasingly complex cyber threats, these recognitions reinforce our commitment to pushing the boundaries of AI-driven cybersecurity solutions to better protect our clients."

Cyble, the leading provider of AI-driven cybersecurity solutions, is currently participating at the prestigious RSA Conference 2024, held at Moscone South Expo, San Francisco, from May 6 to May 9.

Visitors at Cyble's Booth N-2353 at RSAC 2024 can see firsthand how Cyble is transforming cybersecurity practices and strengthening network resilience. At RSA Conference 2024, Cyble is showcasing its innovative Cyble Vision Platform through engaging live demonstrations, illustrating how it enables organizations to proactively address cybersecurity threats.

For more information or to schedule a personal meeting with any of the leadership team members, please visit the event page at https://cyble.com/upcoming-events/rsa-conference-2024/

RSA Conference is the global stage for the cybersecurity industry, providing a platform for professionals to connect, share insights, and advance security technologies. This annual event brings together the brightest minds in cybersecurity, featuring in-depth sessions, keynotes, and training from leading experts in the field.

About Cyber Defense Magazine

With over five million monthly readers, Cyber Defense Magazine is the premier source of IT Security information. We are managed and published by and for ethical, honest, passionate information security professionals. Our mission is to share cutting-edge knowledge, real-world stories and awards on the best ideas, products and services in the information technology industry.
About Cyble Cyble, a trailblazer in Cyber Threat Intelligence, is committed to democratizing Dark Web Threat Intelligence through advanced AI and Machine Learning solutions. Recognized as one of the most sought-after workplaces, Cyble’s culture fosters innovation, collaboration, and professional growth. With a proven track record in delivering cutting-edge research and proactive monitoring, Cyble stands at the forefront of the cybersecurity landscape. Headquartered in Atlanta, Georgia, and with a global presence spanning Australia, Malaysia, Singapore, Dubai, Saudi Arabia, and India, Cyble is the trusted authority empowering organizations to proactively combat evolving cyber threats.


 Cybersecurity News

Data sourced from over 40 million exposures that pose high-impact risks to numerous critical business entities revealed that Active Directory typically accounts for 80% of all security exposures identified in organizations. The research from XM Cyber in collaboration with the Cyentia Institute found that identity and credential misconfigurations fuel a striking majority of security exposures across organizations. Among these exposures, a third directly jeopardize critical assets, serving as a prime target for adversaries seeking to exploit vulnerabilities.

Active Directory Exposures Dominate the Attack Surface

Active Directory accounts for over half of entities identified across all environments, as per the report from XM Cyber. Thus, a significant portion of security exposures lies within a company's Active Directory, a vital component for user-network resource connectivity. However, this critical infrastructure is also an attractive target for attackers because compromising it can give them elevated rights. “An attacker who has compromised an Active Directory account could use it to elevate privileges, conceal malicious activity in the network, execute malicious code and even gain access to the cloud environment,” XM Cyber explained. “Many of these exposures stem from the inherent nature of dynamic configuration issues in Active Directory as well as the challenge of keeping it updated. This creates a blind spot that appears secure on the surface but hides a nest of problems that many security tools can’t see,” the report said.

Misconfigurations and credential attacks emerge as the top contributors to these exposures, introducing gaps that traditional security tools often overlook, such as issues in member management and password resets. These issues “present a challenge for nearly every organization,” XM Cyber said. Techniques like credential harvesting, dumping, relay and domain credentials feature prominently in the list of top techniques identified by attack path analysis for AWS, Azure and GCP, and tools like Mimikatz make these techniques even easier to execute and thus extremely popular. Poor practices also make credential-related attack paths easier and more potent.

XM Cyber said it identified highly privileged Active Directory credentials cached on multiple machines in 79% of organizations, and one in five of those have admin-level permissions on 100 or more devices. Furthermore, poor endpoint hygiene afflicts the majority of environments, with over 25% of devices lacking EDR coverage or containing cached credentials, offering attackers ample entry points to establish footholds. These overlooked vulnerabilities in identity and endpoint security form a fertile ground for hackers, demanding urgent attention from organizations. Zur Ulianitzky, Vice President of Security Research at XM Cyber, emphasized the necessity of broadening exposure management beyond vulnerabilities to encompass all potential adversary pathways, including misconfigurations and user behavior. The research revealed that a mere 2% of exposures exist on critical 'choke points,' where adversaries exploit vulnerabilities to access crucial assets.

CVEs are a Drop in the Ocean

Despite organizations' focus on managing traditional software vulnerabilities tracked by CVE identifiers, these efforts barely scratch the surface. XM Cyber's analysis uncovered approximately 15,000 exposures per organization, with CVE-based vulnerabilities constituting less than 1% of this extensive exposure landscape. Even concerning exposures affecting critical assets, CVEs represent only a minute fraction, highlighting significant blind spots in security programs fixated solely on vulnerability patching.

Exposed Critical Assets in the Cloud

Active Directory is the largest attack surface, according to XM Cyber, but the largest share of exposures to critical assets is in the cloud. Cloud environments, amidst rapid adoption by organizations, are not immune to exposure risks. Over half (56%) of exposures affecting critical assets are traced back to cloud platforms, presenting a significant threat as attackers seamlessly traverse between on-premises and cloud environments. This fluid movement poses a substantial risk to cloud-based assets, allowing attackers to compromise critical resources with minimal effort.

Exposure Risks Across Sectors

Industry-specific analysis from the report reveals discrepancies in exposure risks across sectors. Industries like Energy and Manufacturing exhibit a higher proportion of internet-exposed critical assets affected by exposures compared to Financial Services organizations, despite the latter's larger digital footprint. Healthcare providers, facing inherent challenges in minimizing risk, contend with a median number of exposures five times higher than the Energy and Utilities sector, emphasizing the need for tailored exposure management strategies.

Exposure management now goes beyond addressing only vulnerabilities and CVEs. Organizations need to adopt a holistic and ongoing Exposure Management approach, incorporating attack path modeling to pinpoint and resolve infrastructure weak points. Emphasis should be placed on tackling identity issues, Active Directory exposures and cloud cyber hygiene, while advocating for tailored solutions according to industry and scale.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.


 Business

Millions of accounts fall victim to credential stuffing attacks each year. This method has become so widespread that back in 2022, one authentication provider reported an average of one credential stuffing attempt for every two legitimate account logins. And it's unlikely that the situation has improved over the past couple of years. In this post, we'll discuss in detail how credential stuffing works, what data attackers use, and how you can protect your organization's resources from such attacks.

How credential stuffing attacks work

Credential stuffing is one of the most effective ways to compromise user accounts. Attackers leverage vast databases of pre-obtained usernames and passwords for accounts registered on various platforms. They then try these credentials en masse on other online services, hoping that some will work. This attack preys on the unfortunate habit that many people have of using the same password for multiple services – sometimes even relying on a single password for everything. As a result, attackers inevitably succeed in hijacking accounts with passwords that victims have used on other platforms.

Where do these databases come from? There are three main sources:

Passwords stolen through mass phishing campaigns and phishing sites.
Passwords intercepted by malware specifically designed to steal credentials – known as stealers.
Passwords leaked through breaches of online services.

Data breaches provide cybercriminals with the most impressive number of passwords. The record holder is the 2013 Yahoo! breach that exposed a whopping 3 billion records. It's important to note that services typically don't store passwords in plain text but use so-called hashes instead. After a successful breach, attackers need to crack these hashes. The simpler the password, the less time and resources it takes to crack it. Therefore, users with weak passwords are most at risk after a data breach. However, if cybercriminals really need it, even the strongest password in the world is likely to be cracked eventually if its hash was exposed in a leak. So no matter how strong your password is, avoid using it across multiple services.

Not surprisingly, stolen password databases continue to grow and accumulate new data. This results in colossal archives containing entries far exceeding the population of the Earth. In January 2024, the largest password database known to date was discovered, containing a staggering 26 billion records.

Protecting against credential stuffing attacks

To shield your organization's resources from credential stuffing attacks, we recommend implementing the following security measures:

Educate your employees on cybersecurity best practices, emphasizing the dangers of password reuse.
Develop and enforce a sensible password policy.
Encourage the use of password managers to generate and store strong and unique character combinations. The application will also monitor for data breaches and recommend changing a password if it is already in a known database.
Finally, mandate the use of two-factor authentication wherever possible. It's the most effective way to protect against not only credential stuffing but also other account takeover attacks.

In addition, apply the principle of least privilege to mitigate the impact of successful credential stuffing attacks in advance and, of course, use reliable protection on all corporate devices.


 A Little Sunshine

The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev and charged him with using Lockbit to attack more than 2,000
victims and extort at least $100 million in ransomware payments. Image: U.K. National Crime Agency. Khoroshev (Дмитрий Юрьевич Хорошев), a resident of Voronezh, Russia, was charged in a 26-count indictment by a grand jury in New Jersey. “Dmitry Khoroshev conceived, developed, and administered Lockbit, the most prolific ransomware variant and group in the world, enabling himself and his affiliates to wreak havoc and cause billions of dollars in damage to thousands of victims around the globe,” U.S. Attorney Philip R. Sellinger said in a statement released by the Justice Department. The indictment alleges Khoroshev acted as the LockBit ransomware group’s developer and administrator from its inception in September 2019 through May 2024, and that he typically received a 20 percent share of each ransom payment extorted from LockBit victims. The government says LockBit victims included individuals, small businesses, multinational corporations, hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies. “Khoroshev and his co-conspirators extracted at least $500 million in ransom payments from their victims and caused billions of dollars in broader losses, such as lost revenue, incident response, and recovery,” the DOJ said. “The LockBit ransomware group attacked more than 2,500 victims in at least 120 countries, including 1,800 victims in the United States.” The unmasking of LockBitSupp comes nearly three months after U.S. and U.K. authorities seized the darknet websites run by LockBit, retrofitting it with press releases about the law enforcement action and free tools to help LockBit victims decrypt infected systems. The feds used the existing design on LockBit’s victim shaming website to feature press releases and free decryption tools. 
One of the blog captions that authorities left on the seized site was a teaser page that read, “Who is LockbitSupp?,” which promised to reveal the true identity of the ransomware group leader. That item featured a countdown clock until the big reveal, but when the site’s timer expired no such details were offered. Following the FBI’s raid, LockBitSupp took to Russian cybercrime forums to assure his partners and affiliates that the ransomware operation was still fully operational. LockBitSupp also raised another set of darknet websites that soon promised to release data stolen from a number of LockBit victims ransomed prior to the FBI raid. One of the victims LockBitSupp continued extorting was Fulton County, Ga. Following the FBI raid, LockbitSupp vowed to release sensitive documents stolen from the county court system unless paid a ransom demand before LockBit’s countdown timer expired. But when Fulton County officials refused to pay and the timer expired, no stolen records were ever published. Experts said it was likely the FBI had in fact seized all of LockBit’s stolen data. LockBitSupp also bragged that their real identity would never be revealed, and at one point offered to pay $10 million to anyone who could discover their real name. KrebsOnSecurity has been in intermittent contact with LockBitSupp for several months over the course of reporting on different LockBit victims. Reached at the same ToX instant messenger identity that the ransomware group leader has promoted on Russian cybercrime forums, LockBitSupp claimed the authorities named the wrong guy. “It’s not me,” LockBitSupp replied in Russian. “I don’t understand how the FBI was able to connect me with this poor guy. Where is the logical chain that it is me? Don’t you feel sorry for a random innocent person?” LockBitSupp, who now has a $10 million bounty for his arrest from the U.S. Department of State, has been known to be flexible with the truth. 
The Lockbit group routinely practiced “double extortion” against its victims — requiring one ransom payment for a key to unlock hijacked systems, and a separate payment in exchange for a promise to delete data stolen from its victims. But Justice Department officials say LockBit never deleted its victim data, regardless of whether those organizations paid a ransom to keep the information from being published on LockBit’s victim shaming website. Khoroshev is the sixth person officially indicted as active members of LockBit. The government says Russian national Artur Sungatov used LockBit ransomware against victims in manufacturing, logistics, insurance and other companies throughout the United States. Ivan Gennadievich Kondratyev, a.k.a. “Bassterlord,” allegedly deployed LockBit against targets in the United States, Singapore, Taiwan, and Lebanon. Kondratyev is also charged (PDF) with three criminal counts arising from his alleged use of the Sodinokibi (aka “REvil“) ransomware variant to encrypt data, exfiltrate victim information, and extort a ransom payment from a corporate victim based in Alameda County, California. In May 2023, U.S. authorities unsealed indictments against two alleged LockBit affiliates, Mikhail “Wazawaka” Matveev and Mikhail Vasiliev. In January 2022, KrebsOnSecurity published Who is the Network Access Broker ‘Wazawaka,’ which followed clues from Wazawaka’s many pseudonyms and contact details on the Russian-language cybercrime forums back to a 31-year-old Mikhail Matveev from Abaza, RU. Matveev remains at large, presumably still in Russia. Meanwhile, the U.S. Department of State has a standing $10 million reward offer for information leading to Matveev’s arrest. Vasiliev, 35, of Bradford, Ontario, Canada, is in custody in Canada awaiting extradition to the United States (the complaint against Vasiliev is at this PDF). 
In June 2023, Russian national Ruslan Magomedovich Astamirov was charged in New Jersey for his participation in the LockBit conspiracy, including the deployment of LockBit against victims in Florida, Japan, France, and Kenya. Astamirov is currently in custody in the United States awaiting trial. The Justice Department is urging victims targeted by LockBit to contact the FBI at https://lockbitvictims.ic3.gov/ to file an official complaint, and to determine whether affected systems can be successfully decrypted.


 Feed

The four goals of the US International Cyberspace and Digital Policy Strategy are to advance economic prosperity; enhance security and combat cybercrime; promote human rights, democracy, and the rule of law; and address other transnational challenges.

 Malware and Vulnerabilities

Citrix appears to have quietly addressed a vulnerability in its NetScaler ADC and Gateway appliances that gave remote, unauthenticated attackers a way to obtain potentially sensitive information from the memory of affected systems.

 Geopolitical, Terrorism

The nation-state actor APT28 exploited the zero-day flaw CVE-2023-23397 in attacks against European entities since April 2022. The Russia-linked APT also targeted NATO entities and Ukrainian government agencies.

 Companies to Watch

Anetac, a startup protecting companies from blind spots of service accounts in hybrid environments, raised $16M in funding. The round was led by Liberty Global with participation from Shield Capital, GP Ventures, Anetac CEO Tim Eades and Jason Witty.

 Govt., Critical Infrastructure

The Cyber Safety Review Board (CSRB) has added four new members, including Chris Krebs, former Director of the CISA, and David Luber, head of the NSA's Cybersecurity Directorate.

 Malware and Vulnerabilities

Mastodon delayed a firm fix for link preview DDoS issues, pushing it back to version 4.4.0 from the expected 4.3.0 release. The issue arises from the decentralized nature of Mastodon, where link previews generate excessive traffic on host servers.

 Malware and Vulnerabilities

The vulnerability, which has a CVSS score of 9.8, is a SQL injection flaw that allows attackers to execute unauthorized SQL queries and potentially compromise the integrity and confidentiality of the WordPress database.

 Trends, Reports, Analysis

According to Verizon's latest Data Breach Investigations Report (DBIR), supply chain breaches increased by 68% year-over-year, primarily due to software vulnerabilities exploited in ransomware and extortion attacks.

 Companies to Watch

AT&T has split its cybersecurity services business to form a new company called LevelBlue. It includes AT&T's managed security services business, cybersecurity consulting business, and assets from the acquisition of AlienVault in 2018.

 Geopolitical, Terrorism

Germany has recalled its ambassador to Russia in response to alleged Moscow-backed cyberattacks targeting various sectors in Germany, including defense, aerospace, and IT companies, as well as the German Social Democratic Party.

 Feed

A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017. Alexander Vinnik, 44, was charged in January 2017 and taken into custody in Greece in July 2017. He was subsequently extradited to the U.S. in August 2022. Vinnik and his co-conspirators have been accused of owning and managing

 Feed

The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said in a report published last week. "APT42 was

 Feed

The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now dates back to December 31, 2023. The attack, which came to light last month, singled out MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE) through the exploitation of two Ivanti Connect Secure zero-day

 Feed

How safe is your comments section? Discover how a seemingly innocent 'thank you' comment on a product page concealed a malicious vulnerability, underscoring the necessity of robust security measures. Read the full real-life case study here.  When is a ‘Thank you’ not a ‘Thank you’? When it’s a sneaky bit of code that’s been hidden inside a ‘Thank You’

 Feed

Google on Monday announced that it's simplifying the process of enabling two-factor authentication (2FA) for users with personal and Workspace accounts. Also called 2-Step Verification (2SV), it aims to add an extra layer of security to users' accounts to prevent takeover attacks in case the passwords are stolen. The new change entails adding a second step method, such as an

 Feed

The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-old Russian national named Dmitry Yuryevich Khoroshev. In addition, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development Office (FCD), the U.S. Department of the Treasury’s Office of Foreign Assets Control (

 cyber attack

Source: www.cyberdefensemagazine.com – Author: News team By Toby Bussa, VP of Product Marketing, ThreatConnect Introduction In an era where cyber threats loom larger and are more complex than ever, it is vitally important for organizations to have a cyber threat intelligence (CTI) program and implement threat intelligence operations (TI Ops) to bolster their defenses. TI […] The post Strengthening Cyber Defense with Threat Intelligence Operations – Source: www.cyberdefensemagazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 cyber attack

Source: www.cyberdefensemagazine.com – Author: News team By Tom Tovar, Co-creator and CEO of Appdome There’s a major battle brewing between platform vs. platformization companies in cybersecurity. On either side, cybersecurity heavyweights are racing to offer fully integrated multi-defense platforms that include workforce automation, data and response in one. Either way, point products are quickly fading […] The post What Palo Alto Networks and CrowdStrike Teach us About Using a Mobile Defense Platform – Source: www.cyberdefensemagazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cyberdefensemagazine.com – Author: News team The critical role end-user experience plays in organizational security By Amitabh Sinha, CEO and Co-Founder of Workspot In an era of sophisticated cyber-attacks, security leaders are feeling the pressure to fortify their infrastructure – deploying a variety of defenses including zero-day patches, security tools with frequent application updates, and […] The post Organizational Cybersecurity Hinges on End-User Satisfaction – Source: www.cyberdefensemagazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.cybertalk.org – Author: slandau By Deryck Mitchelson, Field CISO EMEA, Check Point. This article was originally published via the World Economic Forum and reprinted with permission. Cyber resilience is more than just a buzzword in the security industry; it is an essential approach to safeguarding digital assets in an era where cyber threats are […] The post Key strategies for building cyber resilience in 2024 – Source: www.cybertalk.org first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 China

Source: www.theguardian.com – Author: Tom Ambrose and agency The Ministry of Defence has suffered a significant data breach and the personal information of UK military personnel has been hacked. A third-party payroll system used by the MoD, which includes names and bank details of current and past members of the armed forces, was targeted in […] The post UK armed forces’ personal data hacked in MoD breach – Source: www.theguardian.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 copyright

Source: www.schneier.com – Author: Bruce Schneier HomeBlog Comments Winter • May 6, 2024 8:30 AM The whole lawsuit hinges around this text in the law (c)(2)(B): No provider or user of an interactive computer service shall be held liable on account of any action taken to enable or make available to information content providers or […] The post New Lawsuit Attempting to Make Adversarial Interoperability Legal – Source: www.schneier.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Addresses

Source: www.darkreading.com – Author: Jai Vijayan, Contributing Writer Source: Ken Wolter via Shutterstock Citrix appears to have quietly addressed a vulnerability in its NetScaler Application Delivery Control (ADC) and Gateway appliances that gave remote, unauthenticated attackers a way to obtain potentially sensitive information from the memory of affected systems. The bug was nearly identical to […] The post Citrix Addresses High-Severity Flaw in NetScaler ADC and Gateway – Source: www.darkreading.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Chain

Source: www.darkreading.com – Author: Nate Nelson, Contributing Writer Source: Kheng Ho Toh via Alamy Stock Photo Breaches resulting from a third party were up 68% last year, primarily due to software vulnerabilities exploited in ransomware and extortion attacks. Supply chain breaches have been on the rise for some time now. According to Verizon’s latest Data […] The post Supply Chain Breaches Up 68% Year Over Year, According to DBIR – Source: www.darkreading.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Jeffrey Schwartz, Contributing Writer Source: Bakhtiar Zein via Alamy Stock Vector A rise in prompt injection engineering into large language models (LLMs) could emerge as a significant risk to organizations, an unintended consequence of AI discussed during a CISO roundtable discussion on Monday. The panel was held during Purple Book Community Connect–RSAC, an event […] The post LLMs & Malicious Code Injections: ‘We Have to Assume It’s Coming’ – Source: www.darkreading.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: PRESS RELEASE SANTA CLARA, Calif. – May 6, 2024 – AttackIQ®, the leading independent vendor of breach and attack simulation (BAS) solutions and founding research partner of the MITRE Engenuity Center for Threat-Informed Defense (CTID), today announced a partnership with the Cyber Poverty Line Institute. To help address unequal access to cyber knowledge and […] The post AttackIQ Partners With Cyber Poverty Line Institute to Provide Academy Courses to Underserved Communities – Source: www.darkreading.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 BigID

Source: www.darkreading.com – Author: PRESS RELEASE SAN FRANCISCO, May 6, 2024 /PRNewswire/ — BigID, the pioneer in AI-augmented data security, compliance, and privacy for modern cloud-first enterprises, today announced a new advancement in cloud data security, privacy, and governance with the launch of its industry-first dual-scanning technology. BigID’s dual, or “hybrid”, scanning technology gives organizations unmatched speed, efficiency, […] The post BigID Launches Industry-First Hybrid Scanning for Cloud Native Workloads – Source: www.darkreading.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: PRESS RELEASE RESTON, Va., May 6, 2024 /PRNewswire/ — The DNS Abuse Institute, dedicated to combating online technical abuse and fostering a safer digital environment, announced Monday its transformation into the NetBeacon Institute. This renaming reflects the Institute’s continued vision and commitment to provide innovative solutions in the fight against DNS Abuse which includes malware, botnets, […] The post Introducing the NetBeacon Institute: Empowering a Safer Web – Source: www.darkreading.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: PRESS RELEASE NEW YORK, May 6, 2024 /PRNewswire/ — AXA XL unveiled a new cyber insurance endorsement providing public companies with dedicated coverage to address the costs associated with updated U.S. Securities and Exchange Commission (SEC) reporting compliance obligations following a cyber incident. According to Michelle Chia, Chief Underwriting Officer for Cyber in the […] The post AXA XL Introduces Endorsement to Help Public Companies Address SEC Cyber Reporting Costs – Source: www.darkreading.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Artificial Intelligence & Machine Learning , Events , Fraud Management & Cybercrime Ransomware, AI Technology and the Art of the Possible Are Hot Topics This Year Anna Delaney (annamadeline) • May 6, 2024 From left, Tom Field, Mathew Schwartz, Michael Novinson and Anna Delaney Information Security Media Group […] The post ISMG Editors: Opening Day Overview of RSA Conference 2024 – Source: www.databreachtoday.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 An enterprise has many different types of technology in its estate – including software, hardware and infrastructure – and historically each type has been managed in silos through software asset management, hardware asset management and infrastructure asset management solutions. But now, there is “a unified system of process” called enterprise […] The post Enterprise Technology Management: No Asset Management Silos – Source: www.databreachtoday.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Challenges

Source: www.databreachtoday.com – Author: 1 Updating software as new vulnerabilities are discovered persistently remains a top cybersecurity challenge involving medical devices, said David Brumley, a cybersecurity professor at Carnegie Mellon University and CEO of security firm ForAllSecure. Solving this stubborn problem requires a major mindset shift, he said. “The biggest thing that I think that […] The post The Challenges in Keeping Medical Device Software Updated – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Governance & Risk Management , IT Risk Management Company Plans to Link Executive Compensation to Achieving Security Milestones Chris Riotta (@chrisriotta) • May 6, 2024 Microsoft pledged renewed focus on cybersecurity. (Image: Shutterstock) Microsoft is overhauling its security practices and implementing key federal recommendations following a series of […] The post Microsoft Overhauls Security Practices After Major Breaches – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Artificial Intelligence & Machine Learning , Next-Generation Technologies & Secure Development AI Investments and Global Expansion Set to Propel Growth After Separating From AT&T Michael Novinson (MichaelNovinson) • May 6, 2024 A managed cybersecurity services powerhouse led by the longtime CEO of Trustwave plans to capitalize on AI […] The post LevelBlue Leverages AI for Threat Intel Following AT&T Split – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: 1 Fraud Management & Cybercrime , Ransomware International Police Operation Revives Seized LockBit Dark Web Leak Site Prajeet Nair (@prajeetspeaks) • May 6, 2024 A snapshot of the LockBit leak site seized by Operation Cronos on May 6, 2024 (Image: ISMG) Police behind an international law enforcement operation targeting […] The post Operation Cronos Again Threatens to Reveal LockBitSupp – Source: www.databreachtoday.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 catalog

Source: www.darkreading.com – Author: Becky Bracken, Senior Editor, Dark Reading Source: Federico Caputo via Alamy Stock Photo RSA CONFERENCE 2023 – San Francisco – When the Cybersecurity and Infrastructure Security Agency first introduced the Known Exploited Vulnerabilities (KEV) list in 2021, the intent was to provide government agencies and enterprises with a heads up about […] The post Does CISA’s KEV Catalog Speed Up Remediation? – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Jeffrey Schwartz, Contributing Writer Source: Kjetil Kolbjørnsrud via Alamy Stock Photo Security professionals who rise through the corporate ranks and become chief information security officers (CISOs) often believe they have reached the pinnacle of their careers. But for some, the CISO role is a path to overseeing all of IT. Many […] The post What’s the Future Path for CISOs? – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Elizabeth Montalbano, Contributing Writer Source: Freedomz via Shutterstock The City of Wichita is investigating a ransomware attack that happened over the weekend and shut down many of the city’s networks and services, with no current end in sight as to when systems will be restored. The attack happened on Sunday […] The post City of Wichita Public Services Disrupted After Ransomware Attack – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Robert Lemos, Contributing Writer Source: Deemerwha studio via Shutterstock When the US Department of Energy (DoE) analyzed the use of artificial intelligence and machine learning (AI/ML) models in critical infrastructure last month, the agency came up with a top 10 list of potential beneficial applications of the technology, including simulations, predictive […] The post Feds: Reducing AI Risks Requires Visibility & Better Planning – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Chris Lindsey Chris Lindsey, Application Security Evangelist, Mend.io May 7, 2024 3 Min Read Source: Brian Jackson via Alamy Stock Photo COMMENTARY If you have not yet heard about a critical vulnerability found in XZ Utils, you aren’t paying attention to critical security news. After all, the discovery of a backdoor in a widely […] The post Spies Among Us: Insider Threats in Open Source Environments – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Karen Spiegelman, Features Editor US Secretary of State Antony J. Blinken announced a new federal initiative to set up guardrails for digital technology and establish international norms around security, privacy, and new technology. The US International Cyberspace and Digital Policy Strategy serves “to advance our technological competitors, to safeguard our democratic […] The post Blinken: Digital Solidarity Is ‘North Star’ for US Policy – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Dark Reading Staff 2 Min Read Source: Nico El Nino via Adobe Stock Photo Nearly every organization struggles to monitor service accounts, tokens, application programming interfaces (APIs), and access keys to accounts that are scattered throughout its environment. Modern applications rely on APIs to bring in data and also to make […] The post Anetac Targets Service Account Security – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 backdoor

Source: securelist.com – Author: Alexander Kolesnikov, Vitaly Morgunov We at Kaspersky continuously monitor the evolving cyberthreat landscape to ensure we respond promptly to emerging threats, equipping our products with detection logic and technology. Software vulnerabilities that threat actors can exploit or are already actively exploiting are a critical component of that landscape. In this report, […] The post Exploits and vulnerabilities in Q1 2024 – Source: securelist.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: thehackernews.com – Author: . The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-old Russian national named Dmitry Yuryevich Khoroshev. In addition, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development Office (FCD), the U.S. Department of the Treasury’s […] The post Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator – Source: thehackernews.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

2024-05