Software developers tend to be advanced computer users at the very least, so you could assume theyd be more likely to spot and thwart a cyberattack. However, experience shows that no one is fully immune to social engineering — all it takes is the right approach. For IT professionals, such an approach might involve show more ...
the offer of a well-paid job at a high-profile company. Chasing a dream job can make even seasoned developers lower their guard and act like kids downloading pirated games. And the real target (or rather —victim) of the attack might be their current employer. Recently, a new scheme has emerged in which hackers infect developers computers with a backdoored script disguised as a coding test. This isnt an isolated incident, but just the latest iteration of a well-established tactic. Hackers have been using fake job offers to target IT specialists for years — and in some cases with staggering success. You might think that the consequences should remain the particular individuals problem. However, in todays world, its highly likely that the developer uses the same computer for both their main work and the coding test for the new role. As a result, not only personal but also corporate data may be at risk. Fake job posting, crypto game, and a $540 million heist One of the most notorious cases of fake job ads used for malicious purposes was witnessed in 2022. Hackers managed to contact (likely through LinkedIn) a senior engineer at Sky Mavis, the company behind the crypto game Axie Infinity, and offer him a high-paying position. Enticed by the offer, the employee diligently went through several stages of the interview set up by the hackers. Naturally, it all culminated in a job offer, sent as a PDF file. The document was infected. When the Sky Mavis employee downloaded and opened it, spyware infiltrated the companys network. After scanning the companys infrastructure, the hackers managed to obtain the private keys of five validators on Axie Infinitys internal blockchain — Ronin. With these keys they gained complete control over the cryptocurrency assets stored in the companys wallets. This resulted in one of the largest crypto heists of the century. The hackers managed to steal 173,600 ETH and 25,500,000 USDC, which was worth approximately $540 million at the time of the heist. More fake job postings, more malware In 2023, several large-scale campaigns were uncovered in which fake job offers were used to infect developers, media employees, and even cybersecurity specialists (!) with spyware. One attack scenario goes like this: someone posing as a recruiter from a major tech company contacts the target through LinkedIn. After some back-and-forth, the target receives an exciting job opportunity. However, to land the job, they must demonstrate their coding skills by completing a test. The test arrives in executables within ISO files downloaded from a provided link. Running these executables infects the victims computer with the NickelLoader malware, which then installs one of two backdoors: either miniBlindingCan or LightlessCan. In another scenario, attackers posing as recruiters initiate contact with the victim on LinkedIn, but then smoothly transition the conversation to WhatsApp. Eventually they send a Microsoft Word file with the job description. As you might guess, this file contains a malicious macro that installs the PlankWalk backdoor on the victims computer. Yet another variation of the attack targeting Linux users featured a malicious archive titled HSBC job offer.pdf.zip. Inside the archive was an executable file disguised as a PDF document. Interestingly, in this case, to mask the files true extension, the attackers used an exotic symbol: the so-called one dot leader (U+2024). This symbol looks like a regular period to the human eye but is read as a completely different character by the computer. Once opened, this executable displays a fake PDF job description while, in the background, launching the OdicLoader malware, which installs the SimplexTea backdoor on the victims computer. Fake coding test with a Trojan on GitHub A recently discovered variation of the fake job attack starts similarly. Attackers contact an employee of the target company pretending to be recruiters seeking developers. When it comes to the interview, the victim is asked to complete a coding test. However, unlike the previous variations, instead of sending the file directly, the criminals direct the developer to a GitHub repository where it is stored. The file itself is a ZIP archive containing a seemingly innocuous Node.js project. However, one component of this project contains an unusually long string, specially formatted to be overlooked when scrolling quickly. This string holds the hidden danger: heavily obfuscated code that forms the first stage of the attack. When the victim runs the malicious project, this code downloads, unpacks, and executes the code for the next stage. This next stage is a Python file without an extension, with a dot at the beginning of the filename signaling to the OS that the file is hidden. This script launches the next step in the attack — another Python script containing the backdoor code. Thus, the victims computer ends up with malware that can maintain continuous communication with the command-and-control server, execute file system commands to locate and steal sensitive information, download additional malware, steal clipboard data, log keystrokes, and send the collected data to the attackers. As with the other variations of this scheme, the hackers count on the victim using their work computer to complete the interview and run the test. This allows the hackers to access the infrastructure of the target company. Their subsequent actions can vary, as history shows: from trojanizing software developed by the victims company to direct theft of funds from the organizations accounts, as seen in the Sky Mavis case mentioned at the beginning of this article. How to protect yourself As we noted above, theres currently no bulletproof defense against social engineering. Virtually anyone can be vulnerable if the attacker finds the right approach. However, you can make the task significantly more challenging for attackers: Raise awareness among employees — including developers — about cyberthreats through specialized training. Setting up such training is simple with our automated educational platform, Kaspersky Automated Security Awareness Platform. Use a reliable security solution on all corporate devices. If internal resources and expertise are limited, consider using an external service like Kaspersky Managed Detection and Response.
The 2024 ISC2 Cybersecurity Workforce Study found that amid a tightening job market and dynamic cyber-threat environment, ongoing staffing and skills shortages are putting organizations at serious risk. Can AI move the needle in defenders' favor?
The prominent state-sponsored advanced persistent threat (APT), aka Jumpy Pisces, appears to be moving away from its primary cyber-espionage motives and toward wreaking widespread disruption and damage.
Application security teams from Fortune 500 companies are already using Noma's life cycle platform, which offers organizations data and AI supply chain security, AI security posture management, and AI threat detection and response.
On the heels of a Chinese APT eavesdropping on phone calls made by Trump and Harris campaign staffers, Beijing says foreign nations have mounted an extensive seafaring espionage effort.
Steam the Webinar on demand HERE As we look back on the cybersecurity landscape of 2024, it’s clear that the world of digital threats continues to evolve at an alarming pace in parallel with AI. This year has seen ransomware groups adapt and innovate, pushing the boundaries of their malicious capabilities and show more ...
evasiveness from law enforcement. In our annual “Nastiest Malware” report, now in its sixth year, we’ve observed a steady increase in both the number and sophistication of malware attacks. The ransomware sector, in particular, has witnessed the emergence of “business models,” with ransomware-as-a-service (RaaS) dominating the scene. Elite ransomware authors have concluded that profit sharing and risk mitigation are key contributors to their consistent success and evasion of authorities. The saga of LockBit in 2024 exemplifies the resilience and adaptability of these cybercriminal groups. Despite a major law enforcement operation in February, dubbed “Operation Cronos,” which saw the FBI and international partners seize LockBit’s infrastructure and obtain over 7,000 decryption keys, the group managed to resurface within days. This cat-and-mouse game between LockBit and law enforcement agencies has continued throughout the year, with the group’s leader even taunting the FBI, claiming that their efforts only make LockBit stronger. The LockBit story underscores a crucial point: while law enforcement operations can disrupt cybercriminal activities, they often fall short of delivering a knockout blow. These groups have become adept at rebuilding their infrastructure, rebranding when necessary, and continuing their operations with minimal downtime. As we detail our analysis of the six most notorious ransomware and malware groups that have dominated headlines in 2024, it’s important to note that the threat landscape extends beyond just these actors. The rise of AI-driven phishing and social engineering, increased targeting of critical infrastructure, and the emergence of more sophisticated fileless malware are all trends that have shaped the cybersecurity battlefield this year. In this report, we’ll explore how these groups have evolved, their most significant attacks, and the broader implications for cybersecurity. We’ll also provide updated survival tips for both businesses and individual users, reflecting the ever-changing nature of these threats. Ransomware Over the past decade, ransomware has established itself as the pinnacle of cybercriminal exploits. It is the most successful and lucrative avenue for monetizing a breach of a victim. Every year we see more and more data stolen and higher ransom demands dominating headlines. Each ransomware group on our Nastiest Malware list utilizes the double-extortion method where the data stolen is leveraged for leak potential on dark web leak sites. The impending damage to brand and reputation that comes with the public disclosure of a breach are massive threats to companies of any size. Not to mention the impending regulatory fines that come with the breach. This strategy has shown it’s resilience over the past few years since it became mainstream and it seems to be as robust as ever. Let’s take a look at what the payment numbers look like so far in 2024. Source: Coveware We’ve seen a drop-off from the highs last year – fueled by Cl0p ransomware group making over $100 Million in a few months in late 2023. But when we zoom out you can see that it will be going up over time. This time next year we anticipate the amounts to be higher than what they are now. Some of this will be fueled by inflation, some will be an increase in effectiveness in tactics, and some by the anticipated 2025 “bull run” price spike in crypto – the only payment method these criminals accept. Looking at the payment resolution rates – meaning the percentage of people that end up paying the ransom, we can see a slight increase during this year. Zooming out the trend does indicate an overall decline which is good news and reflects that the industry is taking serious precautions in their security posture. We expect that this slight increase is only temporary and will continue the trend of decreasing for next year. One nasty change this year is the increase of ransomware attacks on smaller sized businesses. The market share of ransomware attacks on business with under 100 employees is now almost 40%. While the media headlines of record breaking ransoms against fortune 500 companies will always take center stage, the small to mid market has always been the bread and butter for cybercriminals. The amount of effort and return on investment of time is too good for criminals not to be attracted to these easier and weaker targets. Now let’s take a look at this year’s Nastiest Malware. LockBit: The Resilient Threat One of the most notorious ransomware groups, LockBit, faced significant challenges and disruptions in 2024 due to coordinated international law enforcement efforts. The year began with “Operation Cronos,” a major strike against LockBit’s infrastructure in February. Led by the UK’s National Crime Agency (NCA) and involving agencies from multiple countries, including the FBI, this operation resulted in the seizure of LockBit’s leak sites and the exposure of information about nearly 200 affiliates. A pivotal moment came when the FBI obtained over 7,000 decryption keys, allowing victims to unlock their encrypted data for free. This dealt a severe blow to LockBit’s operations and credibility – remember that most of the success and money is from the affiliates that choose thier ransomware payload over another’s group so credibility and trust are paramount in this criminals scene. Despite these setbacks, LockBit attempted to maintain its operations, quickly adapting by changing encryption methods and shifting its leak site strategy. However, law enforcement continued to apply pressure throughout the year. In May, authorities revealed the identity of LockBit’s alleged mastermind, Dmitry Yuryevich Khoroshev, and offered a $10 Million reward for information leading to his arrest. The culmination of these efforts came in October when law enforcement agencies announced additional arrests and disruptions. Four individuals connected to LockBit were arrested, including a major developer and two affiliates. Notably, Aleksandr Ryzhenkov, linked to both LockBit and the infamous Evil Corp group, was unmasked and sanctioned. These actions, part of the ongoing Operation Cronos, significantly impacted LockBit’s operations, leading to a noticeable decrease in their attack frequency and causing distrust within the cybercriminal community. Despite LockBit’s attempts to maintain its fearsome reputation, including false claims of attacks, the group’s activities were impacted throughout 2024, marking a significant victory for global cybersecurity efforts. However, LockBit is still a major player in the RaaS scene and the leader and his affiliates are still making millions in ransoms. LockBit has proven its resilience in the face of law enforcement efforts, presenting the group’s adaptability and persistence. The leader has boasted that he loves the FBI and that they only make his group stronger, and he wants to hit one million businesses before retirement. This is a stark contrast from most ransomware groups when hit by law enforcement as they will quickly retire the brand and repivot to another. This RaaS has been on the Nastiest Malware for over three years maintaining its status as a top contender in the Ransomware scene in 2024. Akira: The Healthcare Menace The Akira ransomware group was first observed in March 2023 and immediately became one of the most formidable threats in the threat landscape. By January 2024, the group had impacted over 250 organizations and claimed approximately $42 million in ransomware proceeds. Akira’s rapid rise to the top was marked by its versatility and constant evolution of tactics. In 2024, Akira expanded its capabilities significantly. Initially focused on Windows systems, the group deployed a Linux variant targeting VMware ESXi virtual machines in April. Throughout the year, Akira demonstrated a pattern of swift adaptation to new vulnerabilities. They actively exploited several critical vulnerabilities, including SonicWall SonicOS, Cisco Adaptive Security Appliance (ASA), and FortiClientEMS software. These exploits allowed Akira to gain initial access, escalate privileges, and move laterally within compromised networks. A notable shift in Akira’s tactics occurred in early 2024 when they appeared to sideline encryption tactics, focusing primarily on data exfiltration. However, by September 2024, there were indications of a potential return to previous tactics using Windows and Linux payloads written in C++. This adaptability was further evidenced in a June 2024 attack on a Latin American airline, where Akira operators exploited vulnerable services to deploy ransomware and exfiltrate data. Akira’s victims spanned a wide range of sectors, with a particular focus on manufacturing, professional services, healthcare, and critical infrastructure. The group’s success was attributed to its constant evolution, sophisticated attack methods, and the employment of double-extortion tactics. As of 2024, Akira had solidified its position as one of the most prevalent and dangerous ransomware operations in the cybersecurity threat landscape. RansomHub: The High-Profile Attacker RansomHub emerged as a formidable new player in the ransomware landscape in February 2024, quickly establishing itself as one of the most prolific and dangerous ransomware groups. Operating on a RaaS model, RansomHub attracted high-profile affiliates from other prominent groups like BlackCat/ALPHV following their FBI takedown in December 2023. This is likely due to its attractive payment structure where affiliates receive up to 90% of the ransom – compared to around 30-50% with other groups. By August 2024, RansomHub had breached at least 210 victims across various critical U.S. infrastructure sectors, including healthcare, government services, financial services, and critical manufacturing. Notable attacks included breaches of Planned Parenthood, the Rite Aid drugstore chain, Christie’s auction house, and Frontier Communications, with the latter resulting in the exposure of personal information of over 750,000 customers. RansomHub’s tactics evolved throughout the year, employing sophisticated methods such as exploiting various software vulnerabilities, using intermittent encryption to speed up attacks, and leveraging double extortion techniques. The group’s data leak site became a significant threat, with stolen data being published for 3-90 days if ransom demands were not met. The attack on Planned Parenthood not only demonstrated RansomHub’s capability to breach highly sensitive networks but also highlighted their willingness to target organizations with high reputational risks. This sparked widespread concern and discussions on cybersecurity measures within nonprofit organizations. By October 2024, RansomHub had overtaken LockBit as the most prolific ransomware group in terms of claimed successful attacks, solidifying its position as a major threat in the cybersecurity landscape. Dark Angels: The Whaling Experts Dark Angels emerged as one of the most formidable ransomware threats in 2024, gaining notoriety for their highly targeted “big game hunting” approach and record-breaking ransom demands. The group, which has been active since 2022, made headlines in early 2024 when they reportedly received a staggering $75 million ransom payment from a Fortune 50 company. This payment would be nearly double the previous record of $40 million paid by CNA Financial in 2021.The group’s modus operandi involves targeting a small number of high-value organizations, often exfiltrating massive amounts of data (typically 10-100 terabytes for large businesses) before considering encryption. This strategy allows Dark Angels to maintain a low profile while maximizing their profits. In 2024, they continued to evolve their tactics, switching from a Babuk-ESXi-based ransomware to a variant of Ragnar Locker. Notable attacks attributed to Dark Angels in 2024 included a breach of a high-profile media company, where they stole proprietary information and engaged in lengthy negotiations before the ransom was paid. The group’s data leak site, named “Dunghill Leak,” is used to pressure victims into paying, though the group often prefers to avoid public attention. Dark Angels’ success in 2024, particularly the record-breaking ransom payment, has raised concerns that their tactics may be emulated by other cybercriminal groups, potentially leading to an increase in highly targeted, high-value ransomware attacks across various sectors. RedLine: The Credential Thief Not all of our Nastiest Malware are ransomware groups and RedLine Stealer has become one of the most prominent threats in 2024, particularly due to its capability to steal credentials and sensitive data across a wide array of sectors. Throughout 2024, RedLine demonstrated its effectiveness by stealing over 170 million passwords in just a six-month period, highlighting its massive impact. The malware’s capabilities expanded to include stealing not only passwords but also credit card details, cryptocurrency wallets, and browser data. Its adaptability and frequent updates allowed it to evade many security measures, making it a persistent threat across various sectors. RedLine’s distribution methods remained diverse, with phishing emails and malicious websites being the primary vectors. The malware’s operators continued to refine their tactics, often disguising RedLine as legitimate software updates or enticing downloads. This approach allowed them to bypass traditional security measures and infect a large number of systems. The impact of RedLine extended beyond individual users to affect major corporations and critical infrastructure. Several high-profile breaches attributed to RedLine in 2024 resulted in significant financial losses and reputational damage for the affected organizations. Breaking news!In late October 2024 – RedLine suffered a takedown from a coordinated international law enforcement operation dubbed “Operation Magnus.” Led by the Dutch National Police and supported by agencies including the FBI, UK’s National Crime Agency, the operation successfully disrupted RedLine’s infrastructure and operations. The authorities gained full access to RedLine’s servers, obtaining crucial data including usernames, passwords, IP addresses, and even the source code of the malware. This breakthrough allowed law enforcement to retrieve a database of thousands of RedLine clients, paving the way for further investigations and potential legal actions against cybercriminals who used the malware. The U.S. Department of Justice charged Maxim Rudometov, a Russian national, as the suspected developer and leader of the RedLine malware operation. If convicted, Rudometov faces up to 35 years in prison on charges including access device fraud, conspiracy to commit computer intrusion, and money laundering. Only time will tell if this seizure of assets is enough to shutdown the operations of RedLine and prevent them from bouncing back like we’ve seen time and time again from other resilient groups on this list. Play Ransomware: The Versatile Threat Play ransomware continued to be a significant threat in the cybersecurity landscape throughout 2024. The group, which first appeared in 2022, maintained its position as one of the most active ransomware operations, consistently ranking among the top threat actors. In 2024 a notable shift occurred when the group transitioned from its previous double-extortion tactics to specifically targeting ESXi environments. This change in focus allowed Play to exploit vulnerabilities in virtual machine infrastructures, increasing the impact of their attacks. A significant attack attributed to Play Ransomware targeted a major utility provider, resulting in widespread service disruptions and raising concerns about critical infrastructure vulnerabilities. The attack began with the exploitation of unpatched FortiOS vulnerabilities in the company’s VPN infrastructure, allowing initial access to the network. From there, the attackers leveraged exposed RDP services to move laterally within the network, eventually gaining the access needed to deploy their ransomware payload. The group’s use of intermittent encryption continued to be a defining characteristic, allowing them to evade many endpoint security solutions while still rendering files inaccessible to victims. Play’s attacks were particularly damaging in the IT services sector, suggesting a strategic focus on organizations that could lead to supply chain impacts. AI-Driven Phishing and Social Engineering: The use of AI and machine learning in crafting phishing emails has made these lures more convincing and harder to detect. Cybercriminals are leveraging AI to personalize attacks, increasing their success rates Targeting of Critical Infrastructure: There has been a noticeable increase in attacks targeting critical infrastructure, including utilities and healthcare sectors, raising concerns about national security and public safety Fileless Malware: Fileless attacks aren’t new, and neither is bypassing security protections but there has been an increase in harder to detect kill chains, more sophisticated attacks, more complex persistence, that are more effective at bypassing security than ever. New Malware Language: Malware written in Golang continues to trend in both scale and complexity Businesses: Lock down Remote Desktop Protocols (RDP) – this infiltration tactic has been around for a while, but it’s still one of the top infection vectors! Enhance Employee Training: Go beyond basic awareness. Implement regular, interactive cybersecurity simulations and scenario-based training. PATCH OR DIE! Implement a Multi-layered security and defense in depth posture. Adopt a Comprehensive Backup Strategy: Implement the 3-2-1 backup rule with immutable backups to protect against ransomware attacks. Develop and Test Incident Response Plans: Create, regularly update, and practice cybersecurity incident response plans. Individual Users: Use Password Managers: Employ a reputable password manager to create and store strong, unique passwords for all accounts – consider passphrases. Enable Multi-Factor Authentication (MFA): Activate MFA on all accounts that offer it, preferably using authenticator apps or hardware keys. Keep Software Updated: Enable automatic updates for your operating system, applications, and security software. Be Cautious with Smart Devices: Secure your IoT devices by changing default passwords and keeping firmware updated. Practice Safe Social Media: Be cautious about the personal information you share on social media platforms. Use Virtual Private Networks (VPNs): Employ a reliable VPN service, especially when using public Wi-Fi networks. Download the infographic HERE The post Nastiest Malware 2024 appeared first on Webroot Blog.
WordPress Automatic plugin versions 3.92.0 and below proof of concept exploit that demonstrates path traversal and server-side request forgery vulnerabilities.
Proof of concept exploit for a command injection vulnerability in CyberPanel. This vulnerability enables unauthenticated attackers to inject and execute arbitrary commands on vulnerable servers by sending crafted OPTIONS HTTP requests to /dns/getresetstatus and /ftp/getresetstatus endpoints, potentially leading to full system compromise. Versions prior to 1c0c6cb appear to be affected.
Ubuntu Security Notice 7076-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Ubuntu Security Notice 7021-5 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Ubuntu Security Notice 7086-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code.
Ubuntu Security Notice 7087-1 - It was discovered that libarchive incorrectly handled certain RAR archive files. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 7085-2 - USN-7085-1 fixed a vulnerability in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this show more ...
issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 7084-2 - USN-7084-1 fixed vulnerability in urllib3. This update provides the corresponding update for the urllib3 module bundled into pip. It was discovered that urllib3 didn't strip HTTP Proxy-Authorization header on cross-origin redirects. A remote attacker could possibly use this issue to obtain sensitive information.
Red Hat Security Advisory 2024-8680-03 - An update for mod_http2 is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service and null pointer vulnerabilities.
Red Hat Security Advisory 2024-8678-03 - An update for grafana is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a cross site scripting vulnerability.
Red Hat Security Advisory 2024-8676-03 - Updated images that include numerous enhancements, security, and bug fixes are now available for Red Hat OpenShift Data Foundation 4.17.0 on Red Hat Enterprise Linux 9.
Red Hat Security Advisory 2024-8428-03 - Red Hat OpenShift Container Platform release 4.15.37 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.
In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations. Often referred to as “the new perimeter”, the identity stands between safe data management and potential breaches. However, a new report reveals how enterprises are often unaware of how their identities are being used across various platforms. This leaves them vulnerable to data
A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions. The vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), has been addressed in version 6.5.2 of the plugin. "The plugin suffers from an unauthenticated privilege escalation vulnerability
LottieFiles has revealed that its npm package "lottie-player" was compromised as part of a supply chain attack, prompting it to release an updated version of the library. "On October 30th ~6:20 PM UTC - LottieFiles were notified that our popular open source npm package for the web player @lottiefiles/lottie-player had unauthorized new versions pushed with malicious code," the company said in a
Cybersecurity researchers have discovered an improved version of an Apple iOS spyware called LightSpy that not only expands on its functionality, but also incorporates destructive capabilities to prevent the compromised device from booting up. "While the iOS implant delivery method closely mirrors that of the macOS version, the post-exploitation and privilege escalation stages differ
As the United States of Americas enter the final days of the race for the White House, the FBI has warned that fraudsters are using the presidential election campaign to scam citizens out of their savings and personal data. Read more in my article on the Tripwire State of Security blog.
In this week's episode your hosts practice standing on one leg, Carole gives Graham a deepfake quiz, and we investigate how Strava may be exposing the movements of world leaders. All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.
Election interference, American Water and the Internet Archive breaches, new cybersecurity laws, and more – October saw no shortage of impactful cybersecurity news stories
_Andrea_Danti_Alamy.jpg)
_SOPA_Images_Limited_Alamy.jpg)
