A Russia-aligned hacking group known as RomCom (also tracked as Storm-0978, Tropical Scorpius, or UNC2596) has successfully exploited two zero-day vulnerabilities, one in Mozilla Firefox and another in the Microsoft Windows Task Scheduler. The vulnerabilities, CVE-2024-9680 and CVE-2024-49039, were chained together to execute arbitrary code and install backdoors on affected systems.

The first vulnerability, CVE-2024-9680, is a critical use-after-free bug in Firefox’s animation timeline feature. The flaw, which carries a CVSS score of 9.8, affects several Mozilla-based browsers, including Firefox, Thunderbird, and Tor Browser. It allows attackers to execute arbitrary code in the restricted context of the browser’s sandboxed content process; combined with a sandbox escape, that foothold can lead to the installation of malware. Mozilla patched the vulnerability on October 9, 2024.

Further analysis revealed a second, previously unknown vulnerability in Windows, assigned CVE-2024-49039. This privilege escalation vulnerability in the Windows Task Scheduler received a CVSS score of 8.8. Chained with the Firefox vulnerability, it lets the attacker escape the browser sandbox and execute code in the context of the logged-in user. Beyond loading the exploit page, no interaction from the user is required, giving the threat actor control over the affected system. Microsoft released a patch for CVE-2024-49039 on November 12, 2024.

RomCom Threat Actor Uses Sophisticated Exploit Chain

RomCom, a threat actor with links to Russia, has previously been observed conducting both cyber espionage and cybercrime. This latest attack demonstrates the group’s advanced capabilities and its shift toward more sophisticated, stealthy tactics. By chaining the two vulnerabilities, RomCom could compromise a victim who merely visited a web page, which raises the odds of a successful attack. The attack begins when victims are lured to a fake website, which redirects them to a server hosting the exploit. Once a vulnerable browser loads the exploit, shellcode runs inside the sandboxed browser process, the Task Scheduler flaw lifts that code out of the sandbox, and the backdoor is dropped onto the system. The backdoor allows the attackers to execute commands and download additional malicious modules, giving the group persistent access to the compromised machine. The absence of any interaction beyond visiting the page, and the care taken to stay hidden, point to the operators’ sophistication and their intent to avoid detection. Chaining zero-day vulnerabilities in this way is a clear indication of RomCom’s ability to develop complex exploit chains for highly targeted operations.

Widespread Impact and Affected Regions

The campaign targeting the Firefox and Windows vulnerabilities appears to be widespread, with potential victims across Europe and North America. Between October 10, 2024 and November 4, 2024, users who visited the websites hosting the exploit were located primarily in those regions. While it remains unclear exactly how victims are first directed to the fake website, the scale of the activity suggests a well-organized effort by RomCom. In 2024 the same threat actor has been linked to cyber espionage against governmental entities and the defense and energy sectors in Ukraine, the pharmaceutical and insurance industries in the U.S., and the legal sector in Germany. These attacks are part of a broader strategy by the group, which now combines cybercrime with more traditional espionage objectives.

Satnam Narang, Senior Staff Research Engineer at Tenable, shared insights into the exploitation. “With the adoption of sandbox technology in modern browsers, threat actors need to do more than just exploit a browser vulnerability alone. By combining a browser-based exploit along with a privilege escalation flaw, the RomCom threat actor was able to bypass the Firefox sandbox,” Narang said.

The RomCom group (Storm-0978) exploited a chain of two zero-day vulnerabilities targeting Firefox and Windows users.

“This exploit chain highlights the sheer determination of threat actors and the challenges of breaching browser defenses,” Narang added.

Exploit Details and the Importance of Patching

The RomCom campaign exemplifies the dangers of unpatched vulnerabilities in widely used software. While Mozilla acted swiftly to patch the Firefox flaw, Microsoft’s patch for the Windows Task Scheduler vulnerability did not arrive until November, leaving systems exposed to the full chain for over a month. That gap highlights the critical importance of timely security updates and the risk posed by zero-day vulnerabilities. CVE-2024-9680, the Firefox vulnerability, was assigned a CVE on October 9, 2024, one day after it was discovered, and Mozilla’s fix reached affected browsers within two days of the report. CVE-2024-49039, the Windows vulnerability, was discovered shortly thereafter, but a fix wasn’t released until November 12, 2024.
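As a practical check to go with the patch timeline above, the following Python script compares a Firefox version string against the builds Mozilla shipped with the CVE-2024-9680 fix. It is an added example, not code from the article, ESET, Mozilla or Tenable. The per-branch fixed versions it uses (131.0.2 on the release channel, 128.3.1 on ESR 128, 115.16.1 on ESR 115) are taken from Mozilla's security advisory for the bug and are an assumption the reader should confirm against the live advisory; `installed_version` assumes a `firefox` binary on PATH that answers `--version` with a line such as `Mozilla Firefox 131.0.2`.

```python
"""Added example: is this Firefox build patched against CVE-2024-9680?

Compares a version string against the per-branch fixed versions from Mozilla's
advisory for the bug (assumption: confirm these floors against the live advisory).
"""
import re
import subprocess

# Fixed versions per branch (assumed from Mozilla's advisory; verify before use).
FIXED_RELEASE = (131, 0, 2)   # Firefox release channel
FIXED_ESR128 = (128, 3, 1)    # Firefox ESR 128
FIXED_ESR115 = (115, 16, 1)   # Firefox ESR 115

# Matches "131.0.2", "128.3.1esr", "132.0" or "Mozilla Firefox 131.0.2".
VERSION_RE = re.compile(r"(\d+)\.(\d+)(?:\.(\d+))?\s*(esr)?", re.IGNORECASE)


def parse_version(text):
    """Return ((major, minor, patch), is_esr) parsed from a version string."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no Firefox version found in {text!r}")
    version = (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))
    return version, m.group(4) is not None


def fix_floor(version):
    """Pick the fixed version for the branch this build belongs to.

    115.x and 128.x builds are judged against the ESR floors; everything else
    against the release floor (so 129.x and 130.x count as unpatched, 132+ as patched).
    """
    major = version[0]
    if major == 115:
        return FIXED_ESR115
    if major == 128:
        return FIXED_ESR128
    return FIXED_RELEASE


def is_patched(text):
    """True if the version in `text` is at or above its branch's fixed version."""
    version, _ = parse_version(text)
    return version >= fix_floor(version)


def installed_version(binary="firefox"):
    """Run `<binary> --version`; return its output, or None if it cannot be run."""
    try:
        out = subprocess.run([binary, "--version"], capture_output=True,
                             text=True, timeout=15, check=False)
    except (OSError, subprocess.TimeoutExpired):
        return None
    return out.stdout.strip() or None


if __name__ == "__main__":
    reported = installed_version()
    if reported is None:
        print("firefox not found on PATH; pass a version string to is_patched() instead")
    else:
        state = "patched" if is_patched(reported) else "NOT patched for CVE-2024-9680"
        print(f"{reported}: {state}")
```

This covers only the browser half of the chain. The Task Scheduler flaw, CVE-2024-49039, is a separate local privilege-escalation bug, so the November 12, 2024 Windows update has to be verified independently; a patched Firefox closes this particular entry point but does not fix the escalation.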
Breaches of major U.S. telecom networks by the China-linked Salt Typhoon group have received widespread media attention, but a second threat actor has also been targeting telecom service providers in recent months, and claims to possess the call logs of President-elect Donald Trump and Vice President Kamala Harris.

Cyble dark web researchers have been tracking the activities of a threat actor (TA) known as “kiberphant0m” since they emerged on English- and Russian-speaking cybercrime forums earlier this year. Since late August, kiberphant0m has been selling data and access allegedly obtained from Verizon and AT&T, in addition to a “spy schema” allegedly belonging to the U.S. National Security Agency (NSA) that the TA claims came from the massive Snowflake data breach earlier this year. We’ll look at kiberphant0m’s activities, credibility and possible connections, and at the state of telecom network security that got us to this point.

kiberphant0m’s Background and Ties

kiberphant0m first appeared on the English-language Breach Forums in January 2024. After a few replies to other threads in March, the TA began selling data in April, starting with a Chinese crypto casino database. A Telegram channel began operating around the same time. Other activities have included selling:
- Access to a Ukraine government research server
- Access to a defense contractor
- A 175TB application breach
- Root access to a Chinese server with 95 domains, including some in critical infrastructure sectors
- UK bank server access
- Indian and Asian telecom data and access
- Access to a European biomedical company
- Access to a mobile social media app
- SSH bot and server access
- Linux DDoS botnet source code

More recently, kiberphant0m has claimed a connection to UNC5537, the financially motivated threat group behind the Snowflake breach. Some posts have included the hashtag #FREEWAIFU, a reference to an alias of Alexander "Connor" Moucka, who was recently arrested by Canadian officials and charged in the Snowflake breach. Threat intelligence researchers believe that kiberphant0m is more than a broker, having demonstrated technical proficiency. The claimed connection to UNC5537 surfaced only recently and needs additional indicators before the association can be considered certain. The FREEWAIFU campaign may also be a cover masking other connections, and the timing of these telecom breaches, so close to the China-linked campaign, is of interest. Krebs on Security reported yesterday that kiberphant0m may be “a U.S. Army soldier who is or was recently stationed in South Korea,” with activity going back to 2022 under other aliases. There is some confidence that kiberphant0m is reliable and has a credible history of claims; their Breach Forums reputation score is positive with no neutral or negative feedback.

Telecom Breach Claims, Including Trump and Harris Logs

On Nov. 5-6, kiberphant0m created four threads on Breach Forums: three related to Verizon and AT&T, and the NSA post. The Trump and Harris call-log post included a sample of Harris’ calls from 2022 and urged AT&T (ATNT) to contact them (image below). Another post offered Verizon Wireless PTT (push-to-talk) logs, including an SQL database, server logs and credentials, possibly obtained from a third-party service provider. A third post offered Verizon Wireless SIM swapping services, and the fourth appears to be a Snowflake technical database schema allegedly belonging to the NSA (image below). These recent claims don’t appear to involve extremely sensitive information, but they are nonetheless concerning, particularly given the lax state of telecom network security.

Lax Telecom Network Security

As Senate Intelligence Committee Chairman Mark R. Warner (D-Virginia) told the Washington Post last week, large U.S. telecom networks are “a hodgepodge of old networks ... combinations of a whole series of acquisitions, and you have equipment out there that’s so old it’s unpatchable.” Presumably much of that is end-of-life equipment such as routers and switches. Warner told the Post that the networks remain compromised, and that fixing them could involve physically replacing “literally thousands and thousands and thousands of pieces of equipment across the country.” Top national security officials met with telecom industry executives late last week to discuss a cooperative solution to the problem.
Artificial Intelligence (AI) has become a critical enabler across sectors, reshaping industries from healthcare to transportation. With its transformative potential, however, comes a spectrum of safety and security concerns, particularly for critical infrastructure. Recognizing this, the Cybersecurity and Infrastructure Security Agency (CISA) is championing a "Secure by Design" approach to AI-based software. At the core of this effort is the integration of AI red teaming, a third-party evaluation process, into the broader framework of Testing, Evaluation, Verification, and Validation (TEVV). By aligning AI evaluations with established software TEVV practices, stakeholders can draw on decades of lessons from traditional software security while tailoring them to AI's unique challenges. This initiative underlines the importance of rigorous safety and security testing, helping mitigate the risks of physical attacks, cyberattacks, and critical failures in AI systems.

Why AI Red Teaming Matters

AI red teaming is the systematic testing of AI systems to identify vulnerabilities and assess their robustness. By simulating attacks or failure scenarios, the process reveals weaknesses that could be exploited, enabling developers to close those gaps before deployment. CISA emphasizes that AI red teaming is not a standalone activity but a subset of the broader AI TEVV framework, which ensures that AI systems are rigorously tested for reliability, safety, and security in line with the requirements of critical infrastructure. Programs like NIST’s Assessing Risks and Impacts of AI (ARIA) and the GenAI Challenge have already laid the groundwork for AI TEVV by creating tools and methodologies that assess AI risks comprehensively. CISA builds on this foundation by advocating that AI TEVV operate as a sub-component of traditional software TEVV.

AI and Software: A Shared Foundation in TEVV

A common misconception is that AI evaluations require a completely novel approach, distinct from traditional software testing frameworks. CISA argues that this is a strategic and operational fallacy: AI systems, while unique in certain respects, are fundamentally software systems and share many of the same challenges, including safety risks, reliability concerns, and probabilistic behavior.

1. Safety Risks Are Not New
Software safety risks are not unique to AI. Decades ago, incidents like the Therac-25 radiation therapy device failures demonstrated how software flaws could lead to catastrophic outcomes. Those failures prompted updates to safety-critical software evaluation processes, a precedent that now informs AI safety assessments. Likewise, AI systems integrated into critical infrastructure, such as transportation or medical devices, must be evaluated for safety risks. For example, an AI-powered braking system in a vehicle must account for a range of external conditions, such as slippery roads or unexpected obstacles, much as traditional software evaluations have done for decades.

2. Validity and Reliability Testing
Ensuring that AI systems are valid (performing as intended) and reliable (functioning consistently across scenarios) is a requirement shared with traditional software. Robustness testing for AI systems mirrors the approaches used for software in fields like aviation and healthcare, where unexpected inputs or conditions can significantly affect outcomes.

3. Probabilistic Nature of Systems
Both AI and traditional software systems can exhibit probabilistic behavior. In AI systems trained on vast datasets, slight variations in input can produce large changes in output. Traditional software is no stranger to such variability: race conditions and weak cryptographic randomness are long-standing sources of non-deterministic bugs and vulnerabilities. By leveraging existing TEVV methodologies, AI evaluations can address these challenges effectively.

CISA's Multi-Faceted Role in AI Security

CISA plays a pivotal role in enhancing AI security evaluations by working across three key areas.

Pre-Deployment Testing: CISA collaborates with industry, academia, and government entities to advance AI red teaming. As a founding member of the Testing Risks of AI for National Security (TRAINS) Taskforce, CISA is actively involved in developing AI evaluation benchmarks and methodologies that integrate cybersecurity considerations.

Post-Deployment Testing: Beyond pre-deployment, CISA supports technical testing of AI systems already in use. This includes penetration testing, vulnerability scanning, and configuration assessments to ensure robust security in operational environments.

Standards Development and Operational Guidance: Partnering with NIST, CISA contributes operational expertise to the development of AI security testing standards. These standards are integrated into CISA’s broader security evaluation services, such as Cyber Hygiene and Risk and Vulnerability Assessments, ensuring that AI systems meet high cybersecurity benchmarks.

Streamlining AI and Software Evaluations

CISA’s approach of treating AI TEVV as a subset of software TEVV offers significant benefits:
- Efficiency: By leveraging existing TEVV frameworks, stakeholders avoid duplicative testing processes, saving time and resources.
- Consistency: Applying proven methodologies ensures that AI systems meet the same rigorous standards as traditional software.
- Scalability: Unified frameworks enable the development of tools and benchmarks that can be used across diverse AI applications, strengthening evaluations.

This streamlined approach also encourages innovation at the tactical level. Rather than reinventing the wheel, developers can focus on creating novel tools and methodologies that address AI-specific challenges while building on the solid foundation of software TEVV.

Conclusion: Building on Decades of Expertise

As AI continues to integrate into critical infrastructure, ensuring its safety and security is paramount. CISA’s Secure by Design initiative highlights the importance of viewing AI evaluations through the lens of traditional software testing frameworks. By aligning AI TEVV with established software TEVV methodologies, stakeholders can build on decades of expertise, mitigating risks effectively and ensuring that AI systems are fit for purpose. With organizations like CISA and NIST leading the way, the future of AI security stands to benefit from a balanced blend of innovation and proven practices.
Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect, a prolific hacker known as Kiberphant0m, remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long: A careful review of Kiberphant0m’s daily chats across multiple cybercrime personas suggests they are a U.S. Army soldier who is or was recently stationed in South Korea.

Kiberphant0m’s identities on cybercrime forums and on Telegram and Discord chat channels have been selling data stolen from customers of the cloud data storage company Snowflake. At the end of 2023, malicious hackers discovered that many companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with nothing more than a username and password (no multi-factor authentication required). After scouring darknet markets for stolen Snowflake account credentials, the hackers began raiding the data storage repositories for some of the world’s largest corporations. Among those was AT&T, which disclosed in July that cybercriminals had stolen personal information, phone and text message records for roughly 110 million people. Wired.com reported in July that AT&T paid a hacker $370,000 to delete stolen phone records.

On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States, which has since indicted him on 20 criminal counts connected to the Snowflake breaches. Another suspect in the Snowflake hacks, John Erin Binns, is an American who is currently incarcerated in Turkey.

A surveillance photo of Connor Riley Moucka, a.k.a. “Judische” and “Waifu,” dated Oct 21, 2024, 9 days before Moucka’s arrest. This image was included in an affidavit filed by an investigator with the Royal Canadian Mounted Police (RCMP).

Investigators say Moucka, who went by the handles Judische and Waifu, had tasked Kiberphant0m with selling data stolen from Snowflake customers who refused to pay a ransom to have their information deleted.
Immediately after news broke of Moucka’s arrest, Kiberphant0m was clearly furious, and posted on the hacker community BreachForums what they claimed were the AT&T call logs for President-elect Donald J. Trump and for Vice President Kamala Harris. “In the event you do not reach out to us @ATNT all presidential government call logs will be leaked,” Kiberphant0m threatened, signing his post with multiple “#FREEWAIFU” tags. “You don’t think we don’t have plans in the event of an arrest? Think again.” On the same day, Kiberphant0m posted what they claimed was the “data schema” from the U.S. National Security Agency. “This was obtained from the ATNT Snowflake hack which is why ATNT paid an extortion,” Kiberphant0m wrote in a thread on BreachForums. “Why would ATNT pay Waifu for the data when they wouldn’t even pay an extortion for over 20M+ SSNs?”

Kiberphant0m posting what he claimed was a “data schema” stolen from the NSA via AT&T.

Also on Nov. 5, Kiberphant0m offered call logs stolen from Verizon’s push-to-talk (PTT) customers, mainly U.S. government agencies and emergency first responders. On Nov. 9, Kiberphant0m posted a sales thread on BreachForums offering a “SIM-swapping” service targeting Verizon PTT customers. In a SIM-swap, fraudsters use credentials that are phished or stolen from mobile phone company employees to divert a target’s phone calls and text messages to a device they control.

MEET ‘BUTTHOLIO’

Kiberphant0m joined BreachForums in January 2024, but their public utterances on Discord and Telegram channels date back to at least early 2022. On their first post to BreachForums, Kiberphant0m said they could be reached at the Telegram handle @cyb3rph4nt0m. A review of @cyb3rph4nt0m shows this user has posted more than 4,200 messages since January 2024. Many of these messages were attempts to recruit people who could be hired to deploy a piece of malware that enslaved host machines in an Internet of Things (IoT) botnet.
On BreachForums, Kiberphant0m has sold the source code to “Shi-Bot,” a custom Linux DDoS botnet based on the Mirai malware. Kiberphant0m had few sales threads on BreachForums prior to the Snowflake attacks becoming public in May, and many of those involved databases stolen from companies in South Korea. On June 5, 2024, a Telegram user by the name “Buttholio” joined the fraud-focused Telegram channel “Comgirl” and claimed to be Kiberphant0m. Buttholio made the claim after being taunted as a nobody by another denizen of Comgirl, referring to their @cyb3rph4nt0m account on Telegram and the Kiberphant0m user on cybercrime forums. “Type ‘kiberphant0m’ on google with the quotes,” Buttholio told another user. “I’ll wait. Go ahead. Over 50 articles. 15+ telecoms breached. I got the IMSI number to every single person that’s ever registered in Verizon, Tmobile, ATNT and Verifone.” On Sept. 17, 2023, Buttholio posted in a Discord chat room dedicated to players of the video game Escape from Tarkov. “Come to Korea, servers there is pretty much no extract camper or cheater,” Buttholio advised. In another message that same day in the gaming Discord, Buttholio told others they bought the game in the United States, but that they were playing it in Asia. “USA is where the game was purchased from, server location is actual in game servers u play on. I am a u.s. soldier so i bought it in the states but got on rotation so i have to use asian servers,” they shared.

‘REVERSESHELL’

The account @Kiberphant0m was assigned the Telegram ID number 6953392511. A review of this ID at the cyber intelligence platform Flashpoint shows that on January 4, 2024 Kiberphant0m posted to the Telegram channel “Dstat,” which is populated by cybercriminals involved in launching distributed denial-of-service (DDoS) attacks and selling DDoS-for-hire services [Full disclosure: Flashpoint is currently an advertiser on this website].
Immediately after Kiberphant0m logged on to the Dstat channel, another user wrote “hi buttholio,” to which Kiberphant0m replied with an affirmative greeting “wsg,” or “what’s good.” On Nov. 1, Dstat’s website dstat[.]cc was seized as part of “Operation PowerOFF,” an international law enforcement action against DDoS services. Flashpoint’s data shows that @kiberphant0m told a fellow member of Dstat on April 10, 2024 that their alternate Telegram username was “@reverseshell,” and did the same two weeks later in the Telegram chat The Jacuzzi. The Telegram ID for this account is 5408575119. Way back on Nov. 15, 2022, @reverseshell told a fellow member of a Telegram channel called Cecilio Chat that they were a soldier in the U.S. Army. This user also shared the following image of someone pictured waist-down in military fatigues, with a camouflaged backpack at their feet:

Kiberphant0m’s apparent alias ReverseShell posted this image on a Telegram channel Cecilio Chat, on Nov. 15, 2022. Image: Flashpoint.

In September 2022, Reverseshell was embroiled in an argument with another member who had threatened to launch a DDoS attack against Reverseshell’s Internet address. After the promised attack materialized, Reverseshell responded, “Yall just hit military base contracted wifi.” In a chat from October 2022, Reverseshell was bragging about the speed of the servers they were using, and in reply to another member’s question said that they were accessing the Internet via South Korea Telecom. Telegram chat logs archived by Flashpoint show that on Aug. 23, 2022, Reverseshell bragged they’d been using automated tools to find valid logins for Internet servers that they resold to others. “I’ve hit US gov servers with default creds,” Reverseshell wrote, referring to systems with easy-to-guess usernames and/or passwords. “Telecom control servers, machinery shops, Russian ISP servers, etc. I sold a few big companies for like $2-3k a piece.
You can sell the access when you get a big SSH into corporation.” On July 29, 2023, Reverseshell posted a screenshot of a login page for a major U.S. defense contractor, claiming they had an aerospace company’s credentials to sell.

PROMAN AND VARS_SECC

Flashpoint finds the Telegram ID 5408575119 has used several aliases since 2022, including Reverseshell and Proman557. A search on the username Proman557 at the cyber intelligence platform Intel 471 shows that a hacker by the name “Proman554” registered on Hackforums in September 2022, and in messages to other users Proman554 said they can be reached at the Telegram account Buttholio. Intel 471 also finds the Proman557 moniker is one of many used by a person on the Russian-language hacking forum Exploit in 2022 who sold a variety of Linux-based botnet malware. Proman557 was eventually banned, allegedly for scamming a fellow member out of $350, and the Exploit moderator warned forum users that Proman557 had previously registered under several other nicknames, including an account called “Vars_Secc.” Vars_Secc’s thousands of comments on Telegram over two years show this user divided their time between online gaming, maintaining a DDoS botnet, and promoting the sale or renting of their botnets to other users. “I use ddos for many things not just to be a skid,” Vars_Secc pronounced. “Why do you think I haven’t sold my net?” They then proceeded to list the most useful qualities of their botnet:
-I use it to hit off servers that ban me or piss me off
-I used to ddos certain games to get my items back since the data reverts to when u joined
-I use it for server side desync RCE vulnerabilities
-I use it to sometimes ransom
-I use it when bored as a source of entertainment

Flashpoint shows that in June 2023, Vars_Secc responded to taunting from a fellow member in the Telegram channel SecHub who had threatened to reveal their personal details to the federal government for a reward.
“Man I’ve been doing this shit for 4 years,” Vars_Secc replied nonchalantly. “I highly doubt the government is going to pay millions of dollars for data on some random dude operating a pointless ddos botnet and finding a few vulnerabilities here and there.” For several months in 2023, Vars_Secc also was an active member of the Russian-language crime forum XSS, where they sold access to a U.S. government server for $2,000. However, Vars_Secc would be banned from XSS after attempting to sell access to the Russian telecommunications giant Rostelecom. [In this, Vars_Secc violated the Number One Rule for operating on a Russia-based crime forum: Never offer to hack or sell data stolen from Russian entities or citizens]. On June 20, 2023, Vars_Secc posted a sales thread on the cybercrime forum Ramp 2.0 titled, “Selling US Gov Financial Access.” “Server within the network, possible to pivot,” Vars_Secc’s sparse sales post read. “Has 3-5 subroutes connected to it. Price $1,250. Telegram: Vars_Secc.” Vars_Secc also used Ramp in June 2023 to sell access to a “Vietnam government Internet Network Information Center.” “Selling access server allocated within the network,” Vars_Secc wrote. “Has some data on it. $500.”

BUG BOUNTIES

The Vars_Secc identity claimed on Telegram in May 2023 that they made money by submitting reports about software flaws to HackerOne, a company that helps technology firms field reports about security vulnerabilities in their products and services. Specifically, Vars_Secc said they had earned financial rewards or “bug bounties” from reddit.com, the U.S. Department of Defense, and Coinbase, among 30 others. “I make money off bug bounties, it’s quite simple,” Vars_Secc said when asked what they do for a living. “That’s why I have over 30 bug bounty reports on HackerOne.” A month before that, Vars_Secc said they’d found a vulnerability in reddit.com. “I poisoned Reddit’s cache,” they explained.
“I’m going to exploit it further, then report it to reddit.” KrebsOnSecurity sought comment from HackerOne, which said it would investigate the claims. This story will be updated if they respond. The Vars_Secc telegram handle also has claimed ownership of the BreachForums member “Boxfan,” and Intel 471 shows Boxfan’s early posts on the forum had the Vars_Secc Telegram account in their signature. In their most recent post to BreachForums in January 2024, Boxfan disclosed a security vulnerability they found in Naver, the most popular search engine in South Korea (according to statista.com). Boxfan’s comments suggest they have strong negative feelings about South Korean culture. “Have fun exploiting this vulnerability,” Boxfan wrote on BreachForums, after pasting a long string of computer code intended to demonstrate the flaw. “Fuck you South Korea and your discriminatory views. Nobody likes ur shit kpop you evil fucks. Whoever can dump this DB [database] congrats. I don’t feel like doing it so I’ll post it to the forum.”

The many identities tied to Kiberphant0m strongly suggest they are or until recently were a U.S. Army soldier stationed in South Korea. Kiberphant0m’s alter egos never mentioned their military rank, regiment, or specialization. However, it is likely that Kiberphant0m’s facility with computers and networking was noticed by the Army, which undoubtedly would have placed them in some kind of role involving both. According to the U.S. Army’s website, the bulk of its forces in South Korea reside within the Eighth Army, which has a dedicated cyber operations unit focused on defending against cyber threats. On April 1, 2023, Vars_Secc posted to a public Telegram chat channel a screenshot of the National Security Agency’s website. The image indicated the visitor had just applied for some type of job at the NSA.

A screenshot posted by Vars_Secc on Telegram on April 1, 2023, suggesting they just applied for a job at the National Security Agency.
The NSA has not yet responded to requests for comment. Reached via Telegram, Kiberphant0m acknowledged that KrebsOnSecurity managed to unearth their old handles. “I see you found the IP behind it no way,” Kiberphant0m replied. “I see you managed to find my old aliases LOL.” Kiberphant0m denied being in the U.S. Army or ever being in South Korea, and said all of that was a lengthy ruse designed to create a fictitious persona. “Epic opsec troll,” they claimed. Asked if they were at all concerned about getting busted, Kiberphant0m called that an impossibility. “I literally can’t get caught,” Kiberphant0m said, declining an invitation to explain why. “I don’t even live in the USA Mr. Krebs.” Below is a mind map that hopefully helps illustrate some of the connections between and among Kiberphant0m’s apparent alter egos.

A mind map of the connections between and among the identities apparently used by Kiberphant0m.
With a focus on creating technologies for other markets, Israel continues to be a valued destination for venture capital in cybersecurity outside the US and Europe.
Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.
Enterprise cybersecurity teams tell Omdia's Maxine Holt that they want to dig out from underneath mounting tech and pivot to a simpler platform model — but they are finding that tricky to pull off.
The preview version now includes multiple security-focused additions Microsoft had promised to include, such as Secure Boot, BitLocker, and Windows Hello.
A stealthy JavaScript injection attack steals data from the checkout page of sites, either by creating a fake credit card form or extracting data directly from payment fields.
GenAI's 30%-50% coding productivity boost comes with a downside — it's also generating vulnerabilities. Veracode's Chris Wysopal talks about what he finds out in this News Desk interview during Black Hat USA.
“Small unmanned aerial systems continue to be spotted in the vicinity of and over Royal Air Force Lakenheath, RAF Mildenhall, RAF Feltwell and RAF Fairford since November 20,” a spokesperson for the US Air Force in Europe said.
An appellate judge agreed that the Treasury Department overstepped its bounds in 2022 when sanctioning Tornado Cash. The case hinges on the nature of "smart contracts."
Starbucks spokesperson Abigail Covington told Recorded Future News on Wednesday that the attack on Blue Yonder disrupted a back-end Starbucks process that manages how employees view and manage their schedules, and see the number of hours people worked.
The judge in the lawsuit ruled that the case, filed in February, can proceed because Daniel’s Law does not violate the data brokers’ constitutional right to freedom of speech as they had argued.
Cybersecurity regulations under the wide-ranging Telecom Act don't go far enough to protect consumers from government access to their telecommunications data, privacy advocates say.
The cell carrier explained that the intrusion attempts from the suspected Chinese hackers “originated from a wireline provider’s network” connected to T-Mobile.
According to the government, the demands are necessary to mitigate the risk to national security around “intellectual property relating to the manufacture of dual-use products which are subject to export controls, and related services.”
ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated configuration download vulnerability. This can be exploited to download the CSV DB that contains the configuration mappings information via the VMobileImportExportServlet by directly calling the vstatConfigurationDownload.php script.
The Akuvox Smart Intercom/Doorphone suffers from insecure access control on its service API. The vulnerability in the ServicesHTTPAPI endpoint allows users with "User" privileges to modify API access settings and configurations. This improper access control permits privilege escalation, enabling unauthorized access to administrative functionalities. Exploitation of this issue could compromise system integrity and lead to unauthorized system modifications.
Debian Linux Security Advisory 5819-1 - Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in denial of service, CRLF injection or information disclosure.
Ubuntu Security Notice 7126-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack. It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that libsoup could enter an infinite loop when reading certain websocket data. An attacker could possibly use this issue to cause a denial of service.
Ubuntu Security Notice 7127-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
Ubuntu Security Notice 7130-1 - It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue to perform remote code execution if the user connected to a malicious server.
Ubuntu Security Notice 7125-1 - It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer underflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.
Ubuntu Security Notice 6988-2 - USN-6988-1 fixed CVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the equivalent fix for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Ben Kallus discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS.
Ubuntu Security Notice 7129-1 - It was discovered that TinyGLTF performed file path expansion in an insecure way on certain inputs. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.
Ubuntu Security Notice 7128-1 - Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service.
Ubuntu Security Notice 7117-2 - USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem. Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root.
Red Hat Security Advisory 2024-9885-03 - Red Hat Trusted Profile Analyzer 1.2.0 release. Red Hat Product Security has rated this update as having a security impact of Moderate.
Red Hat Security Advisory 2024-10492-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2024-10483-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2024-10472-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2024-10389-03 - Red Hat OpenShift Virtualization release 4.13.11 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2024-10386-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
Red Hat Security Advisory 2024-10385-03 - A security update is now available for Red Hat JBoss Enterprise Application Platform 8.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
Red Hat Security Advisory 2024-10379-03 - An update for pam is now available for Red Hat Enterprise Linux 8. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2024-10289-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Issues addressed include denial of service and traversal vulnerabilities.
Red Hat Security Advisory 2024-10282-03 - An update for the kernel-rt:4.18.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2024-10281-03 - An update for the kernel:4.18.0 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a use-after-free vulnerability.
Red Hat Security Advisory 2024-10275-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.
A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DDoS) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to co-opt them into a disruptive botnet. "This operation serves as a comprehensive one-stop shop for scanning, exploiting vulnerabilities, deploying malware, and setting up shop kits, showcasing a
An INTERPOL-led operation has led to the arrest of 1,006 suspects across 19 African countries and the takedown of 134,089 malicious infrastructures and networks as part of a coordinated effort to disrupt cybercrime in the continent. Dubbed Serengeti, the law enforcement exercise took place between September 2 and October 31, 2024, and targeted criminals behind ransomware, business email
Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems. Dubbed Bootkitty by its creators who go by the name BlackCat, the bootkit is assessed to be a proof-of-concept (PoC) and there is no evidence that it has been put to use in real-world attacks. Also tracked as IranuKit, it was uploaded
Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let's examine real-world examples of some of the most common multi-stage attack scenarios that are active right now. URLs and Other Embedded
The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around August 2024. "In this attack,
A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023 , was not officially made available until August 2024 with the release of version r1720. As of November 26, 2024,
Source: www.infosecurity-magazine.com – Author: A widespread distributed denial-of-service (DDoS) campaign leveraging accessible tools and targeting IoT devices and enterprise servers has been uncovered by security researchers. Orchestrated by a threat actor known as Matrix, the operation highlights how minimal technical knowledge combined with public scripts can enable global scale cyber-attacks. Matrix’s attack framework, analyzed in […] The post New DDoS Campaign Exploits IoT Devices and Server Misconfigurations – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com – Author: A UK NHS Trust has declared a major incident and has cancelled all outpatient appointments, citing “cybersecurity reasons.” Wirral University Teaching Hospital (WUTH) has also urged the public to only attend its Emergency Department for “genuine emergencies” while it responds. A spokesperson for the NHS Trust said on November 25: “A […] The post NHS Trust Declares Major Incident for “Cybersecurity Reasons” – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com – Author: Cybercriminals have been observed ramping up operations ahead of the holiday shopping season, driven by darknet marketplaces offering tools and services to exploit e-commerce platforms and consumers. A report from FortiGuard Labs, Understanding Threat Actor Readiness for the Upcoming Holiday Season, has revealed how these underground networks are equipping attackers with […] The post Darknet Services Fuel Holiday Scams and E-Commerce Exploits – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com – Author: Chinese state-sponsored threat actor Earth Estries is deploying new malware tools to target government and telecoms organizations globally, according to an analysis by Trend Micro. This includes two backdoors named GhostSpider and Masol RAT to avoid detection and enable prolonged espionage operations. The researchers also observed that the group often implants […] The post Aggressive Chinese APT Group Targets Governments with New Backdoors – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com – Author: Software vendor Blue Yonder, which supplies supply chain management tools to major retailers worldwide, has been hit by a ransomware attack which has affected Starbucks and some UK supermarkets. Blue Yonder confirmed on November 21 that it was experiencing disruptions to its managed services-hosted environment due to the attack. Those disruption […] The post Starbucks and Grocery Stores Face Disruption after Ransomware Attack on Blue Yonder – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com – Author: Over a third of organizations have admitted that they face major challenges monitoring the use of unsanctioned AI tools in the enterprise, according to Strategy Insights. The London-headquartered consulting firm polled 3320 directors from companies across the US, UK, Germany, the Nordics and Benelux regions in order to better understand how […] The post Over a Third of Firms Struggling With Shadow AI – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.infosecurity-magazine.com – Author: UK consumers have been on the receiving end of a huge influx of online fraud, losing over £11bn ($13.8bn) in the past 12 months, according to Cifas. The fraud prevention non-profit surveyed 2000 Brits to compile its latest report, The State of Scams in the UK. It revealed that fraud losses […] The post UK Scam Losses Surge 50% Annually to £11.4bn – Source: www.infosecurity-magazine.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.mcafee.com – Author: Amy Bunn. When it comes to identity theft, trust your gut when something doesn’t feel right. Follow up. What you’re seeing could be a problem. A missing bill or a mysterious charge on your credit card could be the tip of an identity theft iceberg, one that can run deep if left unaddressed. Here, we’ll look at several signs of identity theft […] The post How to Detect Signs of Identity Theft – Source: www.mcafee.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: cyble.com – Author: daksh sharma. Overview: The Computer Emergency Response Team of India (CERT-In) has issued an urgent vulnerability note (CIVN-2024-0349) regarding multiple security flaws in Android. These vulnerabilities, identified as “High” in severity, affect Android versions 12, 12L, 13, 14, and 15, potentially putting millions of devices worldwide at risk. This advisory serves […] The post CERT-In Alert: Multiple Vulnerabilities in Android Impacting Millions of Devices – Source: cyble.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.darkreading.com – Author: Joan Goodchild. Hiring and retaining neurodivergent talent is a crucial step toward fostering a more inclusive and innovative workforce in cybersecurity. But traditional hiring processes and standardized training programs can often create barriers for these individuals and lead companies to lose out on talent. […] The post 8 Tips for Hiring and Training Neurodivergent Talent – Source: www.darkreading.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: heimdalsecurity.com – Author: Livia Gyongyoși. Most organizations today use dozens – or even hundreds – of cybersecurity tools. In theory, that’s a good thing. There are hundreds of types of threats out there, so using specialized point solutions to address them individually makes a lot of sense. But the drawback of all these point […] The post Cybersecurity Silos Disrupt Your Defense. See How Unified Security Platforms Prevent it – Source: heimdalsecurity.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini, November 26, 2024. Blue Yonder, a supply chain software provider, suffered a ransomware attack, impacting operations for clients like Starbucks and grocery stores. A ransomware attack on Blue Yonder disrupted operations for several customers, including Starbucks and U.K. grocery chain Sainsbury. “A ransomware attack has disrupted a third-party software […] The post Software firm Blue Yonder providing services to US and UK stores, including Starbucks, hit by ransomware attack – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini, November 26, 2024. Banshee Stealer, a macOS Malware-as-a-Service, shut down after its source code leaked online. The code is now available on GitHub. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. […] The post The source code of Banshee Stealer leaked online – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini, November 26, 2024. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds the Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw CVE-2023-28461 (CVSS score: 9.8) to its Known Exploited Vulnerabilities […] The post U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityaffairs.com – Author: Pierluigi Paganini, November 26, 2024. Thai authorities arrested fraud gangs in Bangkok for SMS blaster attacks; they used fake cell towers to send thousands of malicious SMS messages to nearby phones. Thai authorities arrested members of two Chinese cybercrime organizations, one of which carried out SMS blaster attacks. […] The post Thai police arrested Chinese hackers involved in SMS blaster attacks – Source: securityaffairs.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: grahamcluley.com – Author: Graham Cluley. In episode 26 of The AI Fix, an AI does surgery on pork chops, holographic Jesus wants your consent to use cookies, Mark opens the pod bay doors, our hosts discover OpenAI’s couch potato health coach, and Graham finds a robot made of drain pipes. Graham […] The post The AI Fix #26: Would AI kill sentient robots, and is water wet? – Source: grahamcluley.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.bitdefender.com – Author: Graham Cluley. A security researcher has blamed misconfigured implementations of Microsoft Power Pages for a slew of data breaches from web portals – including the leak of 1.1 million NHS employee records. It’s the latest discovery by Dublin-based security researcher Aaron Costello, who previously discovered the health and personal details of […] The post Data leaks from websites built on Microsoft Power Pages, including 1.1 million NHS records – Source: www.bitdefender.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Mary Henry. AWS re:Invent 2024 is next week, right after a late Thanksgiving, when we’re kicking off the last few weeks of a busy year. For many organizations, now is the time to review costs and plan budgets. For many, that means taking a hard look at cloud spend and thinking […] The post AWS re:Invent 2024: Optimize Your Kubernetes with Fairwinds and NetApp – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Daniel Glick. As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its Enterprise DevSecOps Fundamentals to further align development practices with security imperatives. This is part of a long-term effort by the DoD to improve how software is developed, deployed, and managed across its network, […] The post Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: securityboulevard.com – Author: Marc Handelman, Tuesday, November 26, 2024. DEF CON 32 – Behind Enemy Lines: Engaging and Disrupting Ransomware Web Panel. Authors/Presenters: Vangelis Stykas. Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located […] The post DEF CON 32 – Behind Enemy Lines: Engaging and Disrupting Ransomware Web Panel – Source: securityboulevard.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: cyble.com – Author: daksh sharma. Overview: The 2023–2024 Annual Cyber Threat Report from the Australian Signals Directorate (ASD) reports a new rise in cyber threats targeting both individuals and businesses in Australia. As global tensions escalate, particularly due to ongoing conflicts such as Russia’s invasion of Ukraine and strife in the Middle East, cybercriminals […] The post The 2023–2024 Annual Cyber Threat Report Reveals Rising Cyber Threat Trends for Individuals and Businesses – Source: cyble.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.securityweek.com – Author: Eduard Kovacs. Researchers at offensive cyber solutions provider AmberWolf have disclosed the details of a new attack method that can be leveraged against widely used corporate VPN clients. VPNs are often used by organizations for secure remote access, but the AmberWolf researchers showed that the attack surface they introduce should not […] The post New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products – Source: www.securityweek.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.securityweek.com – Author: Ionut Arghire. A Russia-linked APT actor has been observed chaining two recent zero-day vulnerabilities in Firefox and Windows to deploy a backdoor on the victims’ machines, ESET reports. The hacking group, tracked as RomCom, Storm-0978, Tropical Scorpius, and UNC2596, has been conducting opportunistic and targeted campaigns against various sectors, as part […] The post Russian APT Chained Firefox and Windows Zero-Days Against US and European Targets – Source: www.securityweek.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.securityweek.com – Author: Associated Press. Interpol arrested 1,006 suspects in Africa during a massive two-month operation, clamping down on cybercrime that left tens of thousands of victims, including some who were trafficked, and produced millions in financial damages, the global police organization said Tuesday. Operation Serengeti, a joint operation with Afripol, the African Union’s […] The post Interpol Clamps Down on Cybercrime and Arrests Over 1,000 Suspects in Africa – Source: www.securityweek.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.securityweek.com – Author: Ryan Naraine. Virtualization software vendor VMware on Tuesday released a high-severity bulletin with patches for at least five security defects in its Aria Operations product. The company documented five distinct vulnerabilities in the cloud IT operations platform and warned that malicious hackers can craft exploits to elevate privileges or launch cross-site […] The post VMware Patches High-Severity Vulnerabilities in Aria Operations – Source: www.securityweek.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.securityweek.com – Author: Ionut Arghire. IBM on Monday announced patches for multiple vulnerabilities across its products, including two high-severity remote code execution (RCE) issues in Data Virtualization Manager and Security SOAR. Tracked as CVE-2024-52899 (CVSS score of 8.5), the flaw in Data Virtualization Manager for z/OS could allow a remote, authenticated attacker to inject […] The post IBM Patches RCE Vulnerabilities in Data Virtualization Manager, Security SOAR – Source: www.securityweek.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.securityweek.com – Author: Ionut Arghire. The US cybersecurity agency CISA on Monday warned of the in-the-wild exploitation of a critical-severity vulnerability in Array Networks’ Array AG and vxAG secure access gateway products. The issue, tracked as CVE-2023-28461 (CVSS score of 9.8), is described as a remote code execution (RCE) flaw that “allows an attacker […] The post Chinese Hackers Exploiting Critical Vulnerability in Array Networks Gateways – Source: www.securityweek.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.securityweek.com – Author: Ionut Arghire. Auto insurance companies Geico and Travelers were fined $11 million in New York over data breaches that impacted the personal information of over 120,000 individuals. The insurance quoting tools of Government Employees Insurance Company (Geico) were targeted in several cyberattacks starting November 2020, leading to the compromise of a […] The post New York Fines Geico and Travelers $11 Million Over Data Breaches – Source: www.securityweek.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.schneier.com – Author: Bruce Schneier. This is from 404 Media: The Graykey, a phone unlocking and forensics tool that is used by law enforcement around the world, is only able to retrieve partial data from all modern iPhones that run iOS 18 or iOS 18.0.1, which are two recently released versions of Apple’s mobile […] The post What Graykey Can and Can’t Unlock – Source: www.schneier.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.hackerone.com – Author: HackerOne. Cybercriminals don’t take a break during the holiday shopping season. On the contrary, last year’s holiday season resulted in a 227% increase in adware and a 53% increase in malvertising attacks. This year, 62% of consumers are concerned about becoming victims of cybercrime, with an 11% increase in shoppers specifically worried about AI […] The post Why Retail and E-commerce Organizations Trust Security Researchers During the Holiday Shopping Season – Source: www.hackerone.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.
Source: www.hackerone.com – Author: Sandeep Singh. The NIS2 Directive represents an essential evolution in the European Union’s approach to cybersecurity, building upon the first NIS Directive. It responds to today’s more interconnected digital world and the growing sophistication of cyber threats. As cybercrime escalates, with global damage reaching $8.5 trillion in 2023, the need for robust, adaptable cybersecurity […] The post Network and Information Systems Directive (NIS2) Compliance: What You Need to Know – Source: www.hackerone.com was first published on CISO2CISO.COM & CYBER SECURITY GROUP.