Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Firewall Daily

The 2024 ANZ Threat Landscape Report by Cyble reveals an increase in cybersecurity risks faced by organizations across Australia and New Zealand (ANZ). With high-profile cyberattacks targeting critical sectors like healthcare, government, finance, and infrastructure, the need for better cybersecurity measures has never been greater.

As highlighted in the ANZ Threat Landscape Report 2024, cybercriminals and geopolitically motivated actors are exploiting vulnerabilities at an increasing rate, with consequences for businesses and public services alike.

Threat Landscape Report 2024: Unprecedented Surge in Cyber Incidents

The cybersecurity landscape in the ANZ region is facing an unprecedented level of threats. Notably, vulnerabilities in critical systems have been exploited by cybercriminals, leading to a surge in ransomware attacks, data breaches, and Distributed Denial-of-Service (DDoS) campaigns. The ANZ Threat Landscape Report points to the growing sophistication of attacks, such as Ransomware-as-a-Service (RaaS) models, which have democratized the ability for even less-skilled cybercriminals to execute damaging ransomware campaigns.

One of the most interesting findings is the growing focus on sectors essential for national stability and service delivery, including healthcare, finance, and government. As cybersecurity professionals in the ANZ region are aware, these sectors are particularly vulnerable to attacks due to their reliance on secure and uninterrupted operations.

The exploitation of critical vulnerabilities, such as the recently disclosed CVE-2024-21887, has enabled attackers to disrupt services, compromise data, and exploit sensitive information for malicious purposes.

Key Vulnerabilities Impacting ANZ Sectors

The Threat Landscape Report 2024 highlights the critical vulnerabilities that have been exploited by attackers across the region. Key vulnerabilities, such as CVE-2024-21887, CVE-2023-46085, and CVE-2024-56789, have put financial institutions, healthcare providers, and government agencies at risk.

For example, CVE-2024-21887, with a CVSS score of 9.1, is one of the most critical vulnerabilities, affecting Ivanti systems used in industrial control and intrusion prevention systems. Exploiting this flaw can lead to unauthorized access and data breaches, which can severely disrupt services that rely on these systems.

Another notable threat is the rise in supply chain vulnerabilities, where attackers leverage compromised third-party software or services to gain access to organizations' internal networks. Trojanized npm packages, used in software development, have been a particular target, as seen in multiple incidents across ANZ.

The Geopolitical Dimension of Cybersecurity

The Threat Landscape Report 2024 also highlights the growing influence of geopolitical tensions in shaping the cyber threat environment in ANZ. Ideologically motivated groups have increasingly targeted government institutions and critical infrastructure in retaliation for political stances taken by Australia and New Zealand. For example, the People’s Cyber Army and RipperSec, both associated with politically motivated attacks, have been implicated in DDoS campaigns aimed at disrupting government websites, telecom companies, and financial institutions.

These attacks are often motivated by political retaliation, with cybercriminal groups targeting national assets to undermine public services and amplify global tensions. As Australia continues to align itself with countries like Ukraine and Israel, these geopolitical factors are expected to fuel more DDoS attacks, creating additional challenges for cybersecurity professionals tasked with protecting national infrastructure.

The Surge of Ransomware and Data Exfiltration

Ransomware attacks remain one of the most significant threats in the ANZ Threat Landscape Report 2024, with a notable rise in ransomware-as-a-service offerings such as SpiderX. These RaaS models allow less technically proficient attackers to launch sophisticated ransomware campaigns, dramatically expanding the scope of potential threats. The report reveals that a wide range of organizations, from healthcare providers to financial institutions, are being targeted by groups like Medusa, Black Suit, and Akira, who not only encrypt data but also exfiltrate it to demand large ransoms.

Additionally, data exfiltration remains a major concern, with stolen information frequently being sold on dark web forums or used for further attacks. High-profile data breaches, including incidents at major organizations like Stake gambling platform, Microsoft, and the University of Western Australia, have exposed sensitive personal and financial data, heightening concerns over identity theft, fraud, and espionage.

Sector-Specific Threats and Impacts

The Threat Landscape Report 2024 provides a detailed analysis of how various sectors in the ANZ region are being impacted by cyberattacks. Each sector faces unique challenges:

Government & Critical Infrastructure: Government institutions continue to be targeted by politically motivated DDoS attacks, such as those launched by People’s Cyber Army. These attacks disrupt critical services and put national security at risk.

Healthcare: Healthcare organizations face significant risks from ransomware attacks that target patient data and disrupt service delivery. The breach of sensitive medical information puts patient privacy at risk and complicates efforts to maintain trust in the healthcare system.

Finance: Financial institutions are frequently targeted by both ransomware attacks and data breaches. As seen in incidents at the Bank of Sydney and Caleb & Brown, attackers exploit vulnerabilities to steal sensitive financial data, impacting the reputation and trust of financial services providers.

Technology & Software: With the increasing use of third-party services, technology companies are at risk from supply chain vulnerabilities and malware attacks. Trojanized npm packages and data leaks, such as the breach at Microsoft, have further complicated cybersecurity for software companies.

The Role of Cyble in Enhancing Cybersecurity

Given the growing complexity of cyber threats, Cyble offers a range of advanced cybersecurity solutions tailored to address the unique challenges faced by organizations in the ANZ region. Cyble’s offerings, such as Attack Surface Management (ASM), dark web monitoring, and threat intelligence services, help organizations proactively identify and mitigate risks.

Notably, Cyble has introduced cutting-edge capabilities like deepfake detection, cloud security posture management, and physical security intelligence, providing cybersecurity professionals with the tools necessary to protect against emerging threats. Cyble’s real-time threat detection capabilities, including their Cyble Vision and Cyble Hawk platforms, enable organizations to fight cybercrime and enhance their security posture.

Looking Ahead: Trends and Projections for 2024

The ANZ Threat Landscape Report forecasts several key trends for 2024, which cybersecurity professionals should be aware of as they develop their cybersecurity strategies:

Cybercriminals will continue to exploit critical vulnerabilities such as CVE-2024-21887. Organizations must prioritize vulnerability management and patching to minimize the risk of successful attacks.

Ransomware attacks are expected to remain a significant threat, with the rise of RaaS models lowering the barrier for entry for attackers. Healthcare and financial institutions will continue to be prime targets.

Political tensions will drive further DDoS attacks on government and infrastructure targets, making it essential for organizations to strengthen defenses against such attacks.

Organizations must be vigilant about the risks posed by compromised third-party services and supply chain vulnerabilities.

 Cyber News

Nearly 27 million Americans are served by drinking water systems that have high-risk or critical cybersecurity vulnerabilities, according to a new report from the U.S. Environmental Protection Agency’s Office of the Inspector General (OIG). An additional 83 million Americans are served by systems that have medium or low-severity vulnerabilities, defined as “having externally visible open portals,” the EPA OIG report said.

The OIG investigation is the latest effort to bolster inadequate cybersecurity in U.S. water systems, following a Government Accountability Office (GAO) report in August, an EPA warning in May, and warnings from security researchers that Russian threat groups and other foreign adversaries are targeting water systems.

Water and wastewater systems are some of the most vulnerable critical infrastructure sectors to cyberattacks – communities are generally unprepared for outages that could last for days or longer. Fortunately, recent cyberattacks on American Water Works and Arkansas City, Kansas did not appear to reach operational technology (OT) networks.

“If malicious actors exploited the cybersecurity vulnerabilities we identified in our passive assessment, they could disrupt service or cause irreparable physical damage to drinking water infrastructure,” the OIG report said.

Water Systems Networks Scanned for Vulnerabilities

The OIG investigation looked at drinking water systems serving 50,000 or more people, 1,062 systems in all, covering 193 million people or about 56% of the U.S. population. The Oct. 8 vulnerability scans identified 97 high-risk water systems and 211 moderate risk ones.

The vulnerability tests “consisted of a multilayered, passive assessment tool to scan the public-facing networks” of the drinking water systems, the report said. “The results identified cybersecurity vulnerabilities that an attacker could exploit to degrade functionality, cause loss or denial of service, or facilitate the theft of customer or proprietary information,” OIG said.

A non-linear scoring algorithm was used to prioritize the highest risk findings that should be addressed first, OIG said. The findings are ranked by a score that considers the impact of the problem, the risk to the organization, and the number of times the problem has been observed. Risks were grouped by five categories: email security; IT hygiene; vulnerabilities; adversarial threats, and malicious activity.

The report noted the complexity of drinking water systems, which “can be comprised of many components, or facilities, that are located throughout a geographic area. Those facilities can include buildings and infrastructure used for the collection, pumping, treatment, storage, or distribution of drinking water.” As a result of that complexity, more than 75,000 IPs and 14,400 domains were analyzed for potential vulnerabilities.

Reporting and Incident Response Issues Also Found

The OIG investigation also found weaknesses in reporting and coordinating responses to cybersecurity incidents at the water systems. “While attempting to notify the EPA about the cybersecurity vulnerabilities, we found that the EPA does not have its own cybersecurity incident reporting system that water and wastewater systems could use to notify the EPA of cybersecurity incidents,” the report said. Instead, the agency relies on the Cybersecurity and Infrastructure Security Agency (CISA) for incident reporting.

“Moreover, we were unable to find documented policies and procedures related to the EPA’s coordination with the Cybersecurity and Infrastructure Security Agency and other federal and state authorities involved in sector-specific emergency response, security plans, metrics, and mitigation strategies,” OIG said.

Water Infrastructure Act Compliance Challenges

The report also looked at the challenging history of achieving compliance with the America’s Water Infrastructure Act of 2018 (AWIA), a comprehensive revision of the Safe Drinking Water Act. Section 2013 of AWIA requires community water systems that serve more than 3,300 people to develop or update risk and resilience assessments and emergency response plans, including the resilience of physical and cyber infrastructure, monitoring practices, and strategies for responding to malevolent acts or natural hazards. Section 2013 also requires water systems to certify to the EPA that the system completed its risk and resilience assessment and emergency response plan. However, findings in the last two years both from the OIG and the EPA have found that compliance with those requirements remains lacking.

 Vulnerabilities

Apple recently rolled out a security update that addresses critical vulnerabilities in multiple Apple devices. Released on November 19, the Apple security update impacts various platforms, including iOS, iPadOS, macOS, visionOS, and Safari, and is aimed at protecting users from increasingly sophisticated cyber threats. This Apple security release addresses flaws that had been actively exploited in the wild, particularly on Intel-based Mac systems.

Overview of the Apple Security Update

The security flaws identified by Apple are centered around two components: JavaScriptCore and WebKit. Both are integral to the processing of web content in Apple devices, and if exploited, could lead to security risks, including arbitrary code execution and cross-site scripting (XSS) attacks. These vulnerabilities were discovered by Google's Threat Analysis Group, led by security researchers Clément Lecigne and Benoît Sevens.

The first vulnerability, identified as CVE-2024-44308, relates to an issue in JavaScriptCore. Maliciously crafted web content could allow attackers to execute arbitrary code on affected devices. This flaw was particularly concerning, as it was actively being exploited on Intel-based Mac systems. Apple responded by improving checks to prevent this issue from affecting users.

The second vulnerability, CVE-2024-44309, concerns a flaw in WebKit, Apple's open-source web browser engine. This vulnerability could lead to cross-site scripting attacks, enabling attackers to manipulate cookies and potentially steal sensitive user data. Apple addressed this issue by improving state management within WebKit, making it more resilient to exploitation.

Apple Patched Versions

Apple’s commitment to user security is evident in its prompt action to release patches for these critical vulnerabilities. The company has a strict policy of not disclosing security issues until an investigation has been completed and solutions are ready for deployment. This policy ensures that users are protected from threats while giving security teams the time they need to assess and address vulnerabilities comprehensively.

As part of the Apple security release, several key updates were issued across different platforms:

Safari 18.1.1 (Released on November 19, 2024) for macOS Ventura and macOS Sonoma addresses both JavaScriptCore and WebKit vulnerabilities, protecting against arbitrary code execution and cross-site scripting attacks.

visionOS 2.1.1 (Released on November 19, 2024) for the Apple Vision Pro resolves the same issues affecting macOS systems, ensuring security for Apple's augmented reality headset.

iOS 18.1.1 and iPadOS 18.1.1 (Released on November 19, 2024) for various iPhone and iPad models, including the iPhone XS and later, iPad Pro (13-inch), iPad Air 3rd generation and newer, and others, fix vulnerabilities in JavaScriptCore and WebKit.

iOS 17.7.2 and iPadOS 17.7.2 (Released on November 19, 2024) for earlier iPhone and iPad models, including the iPhone XS and iPad Pro 10.5-inch, address the same vulnerabilities as the 18.1.1 updates.

macOS Sequoia 15.1.1 (Released on November 19, 2024) for macOS Sequoia users also resolves the vulnerabilities found in JavaScriptCore and WebKit.

Conclusion

The November 2024 Apple security release addresses critical vulnerabilities in JavaScriptCore and WebKit, affecting devices such as Macs, iPhones, iPads, and the Apple Vision Pro. While this update aims to improve user security, it highlights the ongoing need for vigilance. Users are advised to keep their devices up to date and stay informed about potential threats. For more information on these security updates and installation instructions, users can refer to the Apple Product Security page.

 Business

Bad news for companies using WordPress sites with a two-factor authentication mechanism implemented via the Really Simple Security plugin. The recently discovered CVE-2024-10924 vulnerability in this plugin allows a complete stranger to authenticate as a legitimate user. It's therefore recommended to update the plugin as soon as possible.

What's the danger of the CVE-2024-10924 vulnerability

As ironic as it may sound, the CVE-2024-10924 vulnerability in the plugin called Really Simple Security has a CVSS rating of 9.8 and is classified as critical. In essence, it exists thanks to an error in the authentication mechanism, due to which an attacker can log on to the site as any of the registered users and with their privileges (even administrator rights). As a result, this can lead to the takeover of the website.

Proof of concept that shows exploitation of this vulnerability can already be found on GitHub. Moreover, apparently its exploitation can be automated. The researchers from Wordfence who discovered CVE-2024-10924 have called it the most dangerous vulnerability they've seen in 12 years of working in the field of WordPress security.

Who's vulnerable to CVE-2024-10924?

Users of both paid and free versions of the Really Simple Security plugin starting from build 9.0.0 and ending with 9.1.1.1 are vulnerable. However, to exploit CVE-2024-10924, the plugin must have the two-factor authentication function enabled (it's disabled by default, but many users choose this plugin specifically for this feature). Thanks to the existence of a free version of the plugin, it's extremely popular; researchers say that it's installed on around four million sites.

How to stay safe

First of all, it's recommended to update the plugin to version 9.1.2. If for some reason this isn't possible, it's worth disabling the two-factor authentication verification – but this is obviously not ideal since it weakens the security of your site. WordPress.org has enabled an automatic plugin update mechanism, but administrators are advised to go to the control panel and make sure that the plugin has been updated. The plugin developers' website also has a section with tips on updating it if the automatic update doesn't work.

In addition, even if you promptly updated the plugin and at first glance didn't notice any malicious activity on the site, it makes sense to carefully study the list of users with administrator rights – just to make sure there are no new unfamiliar entries there.

 Data Breaches

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a
cybercriminal began selling more than 400 gigabytes of data purportedly stolen from the company. London-based Finastra has offices in 42 countries and reported $1.9 billion in revenues last year. The company employs more than 7,000 people and serves approximately 8,100 financial institutions around the world. A major part of Finastra’s day-to-day business involves processing huge volumes of digital files containing instructions for wire and bank transfers on behalf of its clients. On November 8, 2024, Finastra notified financial institution customers that on Nov. 7 its security team detected suspicious activity on Finastra’s internally hosted file transfer platform. Finastra also told customers that someone had begun selling large volumes of files allegedly stolen from its systems. “On November 8, a threat actor communicated on the dark web claiming to have data exfiltrated from this platform,” reads Finastra’s disclosure, a copy of which was shared by a source at one of the customer firms. “There is no direct impact on customer operations, our customers’ systems, or Finastra’s ability to serve our customers currently,” the notice continued. “We have implemented an alternative secure file sharing platform to ensure continuity, and investigations are ongoing.” But its notice to customers does indicate the intruder managed to extract or “exfiltrate” an unspecified volume of customer data. “The threat actor did not deploy malware or tamper with any customer files within the environment,” the notice reads. “Furthermore, no files other than the exfiltrated files were viewed or accessed. 
We remain focused on determining the scope and nature of the data contained within the exfiltrated files.” In a written statement in response to questions about the incident, Finastra said it has been “actively and transparently responding to our customers’ questions and keeping them informed about what we do and do not yet know about the data that was posted.” The company also shared an updated communication to its clients, which said while it was still investigating the root cause, “initial evidence points to credentials that were compromised.” “Additionally, we have been sharing Indicators of Compromise (IOCs) and our CISO has been speaking directly with our customers’ security teams to provide updates on the investigation and our eDiscovery process,” the statement continues. Here is the rest of what they shared: “In terms of eDiscovery, we are analyzing the data to determine what specific customers were affected, while simultaneously assessing and communicating which of our products are not dependent on the specific version of the SFTP platform that was compromised. The impacted SFTP platform is not used by all customers and is not the default platform used by Finastra or its customers to exchange data files associated with a broad suite of our products, so we are working as quickly as possible to rule out affected customers. However, as you can imagine, this is a time-intensive process because we have many large customers that leverage different Finastra products in different parts of their business. We are prioritizing accuracy and transparency in our communications. Importantly, for any customers who are deemed to be affected, we will be reaching out and working with them directly.” On Nov. 8, a cybercriminal using the nickname “abyss0” posted on the English-language cybercrime community BreachForums that they’d stolen files belonging to some of Finastra’s largest banking clients. 
The data auction did not specify a starting or “buy it now” price, but said interested buyers should reach out to them on Telegram. abyss0’s Nov. 7 sales thread on BreachForums included many screenshots showing the file directory listings for various Finastra customers. Image: Ke-la.com. According to screenshots collected by the cyber intelligence platform Ke-la.com, abyss0 first attempted to sell the data allegedly stolen from Finastra on October 31, but that earlier sales thread did not name the victim company. However, it did reference many of the same banks called out as Finastra customers in the Nov. 8 post on BreachForums. The original October 31 post from abyss0, where they advertise the sale of data from several large banks that are customers of a large financial software company. Image: Ke-la.com. The October sales thread also included a starting price: $20,000. By Nov. 3, that price had been reduced to $10,000. A review of abyss0’s posts to BreachForums reveals this user has offered to sell databases stolen in several dozen other breaches advertised over the past six months. The apparent timeline of this breach suggests abyss0 gained access to Finastra’s file sharing system at least a week before the company says it first detected suspicious activity, and that the Nov. 7 activity cited by Finastra may have been the intruder returning to exfiltrate more data. Maybe abyss0 found a buyer who paid for their early retirement. We may never know, because this person has effectively vanished. The Telegram account that abyss0 listed in their sales thread appears to have been suspended or deleted. Likewise, abyss0’s account on BreachForums no longer exists, and all of their sales threads have since disappeared. It seems improbable that both Telegram and BreachForums would have given this user the boot at the same time. 
The simplest explanation is that something spooked abyss0 enough for them to abandon a number of pending sales opportunities, in addition to a well-manicured cybercrime persona. In March 2020, Finastra suffered a ransomware attack that sidelined a number of the company’s core businesses for days. According to reporting from Bloomberg, Finastra was able to recover from that incident without paying a ransom. This is a developing story. Updates will be noted with timestamps. If you have any additional information about this incident, please reach out to krebsonsecurity @ gmail.com or at protonmail.com.

 Feed

An elusive, sophisticated cybercriminal group has used known and zero-day vulnerabilities to compromise more than 20,000 SOHO routers and other IoT devices so far, and then puts them up for sale on a residential proxy marketplace for state-sponsored cyber-espionage actors and others to use.

 Feed

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

 Feed

Debian Linux Security Advisory 5816-1 - The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Perl code for dependencies, allows an attacker to execute arbitrary shell commands via specially crafted file names.

 Feed

Debian Linux Security Advisory 5815-1 - The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable (CVE-2024-48990) or running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable (CVE-2024-48992). Additionally a local attacker can trick needrestart into running a fake Python interpreter (CVE-2024-48991) or cause needrestart to call the Perl module Module::ScanDeps with attacker-controlled files (CVE-2024-11003).

 Feed

Ubuntu Security Notice 7123-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service or possibly expose sensitive information. Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code.

 Feed

Ubuntu Security Notice 7119-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

 Feed

Ubuntu Security Notice 7089-7 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

 Feed

Ubuntu Security Notice 7117-1 - Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands.

 Feed

Ubuntu Security Notice 7115-1 - It was discovered that Waitress could process follow up requests when receiving a specially crafted message. An attacker could use this issue to have the server process inconsistent client requests. Dylan Jay discovered that Waitress could be led to write to an unexisting socket after closing the remote connection. An attacker could use this issue to increase resource utilization leading to a denial of service.

 Feed

A new China-linked cyber espionage group has been attributed as behind a series of targeted cyber attacks targeting telecommunications entities in South Asia and Africa since at least 2020 with the goal of enabling intelligence collection. Cybersecurity company CrowdStrike is tracking the adversary under the name Liminal Panda, describing it as possessing deep knowledge about telecommunications

 Feed

Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The flaws are listed below - CVE-2024-44308 - A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web content CVE-2024-44309 - A cookie management vulnerability in

 Feed

Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited sans authentication to leak sensitive information. "This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network

 Feed

Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server (since version 21.04) that could allow a local attacker to gain root privileges without requiring user interaction. The Qualys Threat Research Unit (TRU), which identified and reported the flaws early last month, said they are trivial to exploit, necessitating that

 Feed

Threat actors are increasingly banking on a new technique that leverages near-field communication (NFC) to cash out victim's funds at scale. The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash-out money from stolen credit cards linked to mobile payment services such as Google Pay or Apple Pay and relaying NFC traffic. "Criminals can now misuse Google Pay and Apple

 Feed

The frequency and sophistication of modern cyberattacks are surging, making it increasingly challenging for organizations to protect sensitive data and critical infrastructure. When attackers compromise a non-human identity (NHI), they can swiftly exploit it to move laterally across systems, identifying vulnerabilities and compromising additional NHIs in minutes. While organizations often take

 Feed

Microsoft has announced a new Windows Resiliency Initiative as a way to improve security and reliability, as well as ensure that system integrity is not compromised. The idea, the tech giant said, is to avoid incidents like the CrowdStrike one earlier this July, enable more apps and users to run without admin privileges, add controls surrounding the use of unsafe apps and drivers, and offer

 Breaking News

The content you are trying to access is private only to member users of the site. You must have a free membership at CISO2CISO.COM to access this content. You can register for free. Thank you. The CISO2CISO Advisors Team. The post Russian Phobos ransomware operator faces cybercrime charges – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 APT

The post China-linked actor’s malware DeepData exploits FortiClient VPN zero-day – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

The post U.S. CISA adds Progress Kemp LoadMaster, Palo Alto Networks PAN-OS and Expedition bugs to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

The post Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

The post How HackerOne Employees Stay Connected and Have Fun – Source: www.hackerone.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Chief

The post CISA Chief Jen Easterly Set to Step Down on January 20 – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

The post T-Mobile Breached in Major Chinese Cyber-Attack on Telecoms – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

Every November, National Scholarship Month applauds the accomplishments of scholarship recipients and the organizations that help them on their journey to turn their dreams into reality. The post This November, Celebrate National Scholarship Month With SWE’s Scholarship Recipients was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

The post 5-Star Fraud: The FTC’s Ban on Fake Reviews – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Application Security

The post Imperva and the Secure by Design Pledge: A Commitment to Cybersecurity Excellence – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 cyber attack on critical infrastructure

The post EPA IG Office: ‘High-Risk’ Security Flaws in Hundreds of Water Systems – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

The post DEF CON 32 – Breaching AWS Through Shadow Resources – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

The post Randall Munroe’s XKCD ‘The Future of Orion’ – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

The post Unraveling Raspberry Robin’s Layers: Analyzing Obfuscation Techniques and Core Mechanisms – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 business communication

The post Vishing, Wangiri, and Other VoIP Fraud Tactics On the Rise – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 apex

The post Dell Unveils AI and Cybersecurity Solutions at Microsoft Ignite 2024 – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Avast Total AV

The post The 6 Best Free Antivirus Software Providers for Mac in 2024 – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Artificial Intelligence

The post Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations – Source: www.techrepublic.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 'Cyber

The post Social Media Hackers: How They Operate and How to Protect Yourself – Source: davinciforensics.co.za was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 'Cyber

The post What is 2FA? – Source: davinciforensics.co.za was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Agencies

The post US Agencies Urged to Combat Growing Chinese Cyberthreat – Source: www.govinfosecurity.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

The post India Fines WhatsApp $25M, Bans Data Sharing for 5 Years – Source: www.govinfosecurity.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

The post Oklahoma Hospital Says Ransomware Hack Hits 133,000 People – Source: www.govinfosecurity.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 clears

The post UK CMA Clears Alphabet, Anthropic Partnership – Source: www.govinfosecurity.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

The post SquareX Brings Industry’s First Browser Detection Response Solution to AISA Melbourne CyberCon 2024 – Source: hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

The post US and UK Military Social Network “Forces Penpals” Exposes SSN, PII Data – Source: hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

The post Hackers Exploit Misconfigured Jupyter Servers for Illegal Sports Streaming – Source: hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

The post ANY.RUN Sandbox Now Automates Interactive Analysis of Complex Cyber Attack Chains – Source: hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

The post How Bitcoin’s digital signature feature facilitates Web3 adoption – Source: hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

The post Linux Variant of Helldown Ransomware Targets VMware ESX Servers – Source: hackread.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 'Cyber

The post Apple Rolls Out Urgent Security Updates to Address Actively Exploited Zero-Day Vulnerabilities – Source: cyble.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

 'Cyber

The post CISOs’ Key Takeaways from the ANZ (Australia and New Zealand) Threat Landscape Report 2024 – Source: cyble.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.

2024-11
Aggregator history
Wednesday, November 20