Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Feed

Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. "The target of the threat actors were Thailand officials based on the nature of the lures," Nikhil Hegde, senior engineer for Netskope's Security Efficacy team, told The Hacker News. "The Yokai backdoor itself is not

 Feed

Germany's Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the country. In a statement published earlier this week, authorities said they severed the communications between the devices and their command-and-control (C2) servers by sinkholing the domains

 0CISO2CISO

Source: securityaffairs.com – Author: Pierluigi Paganini Pierluigi Paganini December 13, 2024 The German agency BSI has sinkholed a botnet composed of 30,000 devices shipped with BadBox malware pre-installed. The Federal Office for Information Security (BSI) announced it had blocked communication between the   show more ...

30,000 devices infected with the BadBox malware and the C2. The devices were […] La entrada German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Pierluigi Paganini December 13, 2024 The U.S. Department of Justice (DoJ) announced the seizure of the cybercrime marketplace Rydox (“rydox.ru” and “rydox[.]cc”). The U.S. Department of Justice (DoJ) seized Rydox, a cybercrime marketplace for   show more ...

selling stolen personal data and fraud tools. Kosovars authorities arrested three Kosovo nationals and administrators […] La entrada U.S. authorities seized cybercrime marketplace Rydox – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 APT

Source: securityaffairs.com – Author: Pierluigi Paganini Pierluigi Paganini December 13, 2024 The Russia-linked APT Gamaredon used two new Android spyware tools called BoneSpy and PlainGnome against former Soviet states. Lookout researchers linked the BoneSpy and PlainGnome Android surveillance families to   show more ...

the Russian APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, and ACTINIUM). These are the first known mobile malware families […] La entrada Experts discovered the first mobile malware families linked to Russia’s Gamaredon – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Bitcoin

Source: securityaffairs.com – Author: Pierluigi Paganini Pierluigi Paganini December 12, 2024 US Bitcoin ATM operator Byte Federal suffered a data breach impacting 58,000 customers, attackers gained unauthorized access to a server via GitLab flaw. US Bitcoin ATM operator Byte Federal disclosed a data breach   show more ...

after threat actors gained unauthorized access to a company server by […] La entrada US Bitcoin ATM operator Byte Federal suffered a data breach – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 APAC

Source: www.techrepublic.com – Author: Ben Abbott The Australian Signals Directorate and the Australian Cyber Security Centre have joined cybersecurity institutions from the U.S., Canada, and New Zealand in warning local technology professionals to beware of threat actors affiliated with China, including Salt   show more ...

Typhoon, infiltrating their critical communications infrastructure. The news comes weeks after the Australian […] La entrada Australian IT Pros Urged to Guard Against Chinese Cybersecurity Threats – Source: www.techrepublic.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 academic papers

Source: www.schneier.com – Author: Bruce Schneier About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I’ve been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998. I’m a fellow and   show more ...

lecturer at Harvard’s Kennedy School, a board member of EFF, […] La entrada Friday Squid Blogging: Biology and Ecology of the Colossal Squid – Source: www.schneier.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.schneier.com – Author: Bruce Schneier Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4, a malicious version 8.3.41 of the popular AI library ultralytics ­—which has almost 60 million downloads—was published to the Python   show more ...

Package Index (PyPI) package repository. The package contained downloader […] La entrada Ultralytics Supply-Chain Attack – Source: www.schneier.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Deeba Ahmed. SUMMARY Cybersecurity researcher Jeremiah Fowler discovered an unprotected Care1 database with over 4.8 million patient records. Exposed data included names, addresses, medical histories, and Personal Health Numbers (PHNs). Responsibility for the breach and its   show more ...

duration remains unclear. Healthcare data breaches are increasing, posing significant privacy risks. Stronger cybersecurity measures […] La entrada Canadian Eyecare Firm Care1 Exposes 2.2TB of Patient Records – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Owais Sultan. Health Tech is booming, projected to grow from $312.92B in 2024 to $981.23B by 2032. Serhiy Tokarev highlights its social and business impact, with AI, scalability, and global health transformation at its core. Health Tech represents a perfect intersection of   show more ...

business and social impact. That is why Serhiy Tokarev, co-founder […] La entrada Serhiy Tokarev Explains Why Health Tech Startups Are Worth Investing In – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 APT

Source: socprime.com – Author: Daryna Olyniychuk Hot on the heels of russia-linked BlueAlpha’s exploitation of Cloudflare Tunneling services to spread GammaDrop malware, another russia-backed state-sponsored APT group comes to the spotlight. The nefarious actor tracked as Secret Blizzard (aka Turla) APT group   show more ...

has been observed leveraging offensive tools and infrastructure of other hacking collectives. The […] La entrada Secret Blizzard Attack Detection: The russia-Linked APT Group Targets Ukraine via Amadey Malware to Deploy the Updated Kazuar Backdoor Version – Source: socprime.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Jessica Lyons An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according to security researchers. While IOCONTROL is a custom-built backdoor for   show more ...

hijacking IoT devices, it also has a “direct impact” on operational technology (OT) including fuel […] La entrada Iran-linked crew used custom ‘cyberweapon’ in US critical infrastructure attacks – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Iain Thomson A Texan who ran a forum on the dark web where depraved netizens could swap child sex abuse material (CSAM), and chat freely about abusing kids, has been sentenced to 30 years in prison. An FBI probe in 2018 identified Robert Shouse, 37, of Houston, as the   show more ...

administrator of […] La entrada Scumbag gets 30 years in the clink for running CSAM dark-web chatrooms, abusing kids – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Thomas Claburn A year ago, Google announced plans to save people’s Location History, which it now calls Timeline, locally on devices rather than on its servers. “This update gives people even more control over their data – and like before, they have the option   show more ...

to save it indefinitely if they want,” […] La entrada Google Timeline location purge causes collateral damage – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 cyber

Source: go.theregister.com – Author: George Tubin and Michael Newell, Cynet Partner Content Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders is to keep IT environments up and running. To guard against cyber threats and prevent data   show more ...

breaches, it’s vital to understand the current cybersecurity vendor landscape and continually […] La entrada Cyber protection made intuitive and affordable – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.govinfosecurity.com – Author: Cybercrime , Endpoint Security , Fraud Management & Cybercrime Around 30,000 German IoT Infected from Backdroored Android Applications Akshaya Asokan (asokan_akshaya) • December 13, 2024     A sinkhole in Germah’s Swabian Alps. (Image: Shutterstock) The   show more ...

German federal information security agency disrupted a botnet that infected thousands of backdoored digital picture […] La entrada German BSI Disrupts Android Malware Infecting IoT Devices – Source: www.govinfosecurity.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.govinfosecurity.com – Author: Artificial Intelligence & Machine Learning , Healthcare , Industry Specific Also: How Leading Cybersecurity Firms are Gearing up for 2025 Anna Delaney (annamadeline) • December 13, 2024     Clockwise, from top left: Anna Delaney, Tony Morbin, Marianne Kolbasuk   show more ...

McGee and Michael Novinson In the latest weekly update, ISMG editors discussed […] La entrada ISMG Editors: CEO Shooting Sparks AI Accountability Debate – Source: www.govinfosecurity.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.govinfosecurity.com – Author: Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management IT Outage, Downtime Procedures Affecting Services at California Healthcare Provider Marianne Kolbasuk McGee (HealthInfoSec) • December 13, 2024   show more ...

    PIH Health Whittier Hospital is among facilities affected by a Dec. 1 ransomware attack on […] La entrada Hackers Steal 17M Patient Records in Attack on 3 Hospitals – Source: www.govinfosecurity.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.govinfosecurity.com – Author: Attack Surface Management , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Prajeet Nair (@prajeetspeaks) • December 13, 2024     Image: Shutterstock An Iranian state hacking group is using custom malware that researchers liken to a   show more ...

“cyber weapon” to compromise IoT and OT infrastructure in Israel and the United […] La entrada Researchers: Iranian Custom Malware Targets Fuel Systems – Source: www.govinfosecurity.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.govinfosecurity.com – Author: Active Directory , Fraud Management & Cybercrime , Ransomware Presented by Commvault     60 minutes     90% of ransomware attacks target Active Directory – and even innocent AD errors can bring productivity to a stop. As Active Directory expands into the   show more ...

cloud, yesterday’s defenses leave today’s organizations vulnerable. To […] La entrada Live Webinar | Active Directory Under Attack: How to Build a Resilient Enterprise – Source: www.govinfosecurity.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: www.hackerone.com – Author: HackerOne. Forrester Consulting recently published “The Total Economic Impact Of HackerOne Challenge: Improved Security And Compliance”. This blog takes a look at some of Forrester’s main findings including improved security, “the most important benefit of using   show more ...

HackerOne Challenge”.  For all our readers, penetration testing as a service offering was the focus […] La entrada Breaking Down the Benefits of Hacker-Powered Pen Tests – Source:www.hackerone.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: www.hackerone.com – Author: HackerOne. HackerOne customers have received more than 120,000 (and counting!) valid security vulnerabilities across more than 1,400 programs of all sizes. Combined, they represent a clear picture of the real-world risks we face today. For the first time ever, HackerOne is   show more ...

providing our list of the top 10 rewarded vulnerability types […] La entrada The HackerOne Top 10 Most Impactful and Rewarded Vulnerability Types – Source:www.hackerone.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.securityweek.com – Author: Ryan Naraine The US Justice Department on Thursday announced indictments against 14 North Korean nationals for their involvement in a multi-year scheme to pose as remote IT workers to violate sanctions and commit wire fraud, money laundering, and identity theft.  The   show more ...

indictment, unsealed in federal court in St. Louis, details an […] La entrada Fake IT Workers Funneled Millions to North Korea, DOJ Says – Source: www.securityweek.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.securityweek.com – Author: Torsten George Phishing is one of the most prevalent tactics, techniques, and procedures (TTPs) in today’s cyber threat landscape. It often serves as a gateway to data breaches that can have devastating consequences for organizations and individuals alike. For instance,   show more ...

the Colonial Pipeline cyberattack in 2021 began with a Phishing-related compromise […] La entrada Phishing: The Silent Precursor to Data Breaches – Source: www.securityweek.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: Cybercrime , Endpoint Security , Fraud Management & Cybercrime Around 30,000 German IoT Infected from Backdroored Android Applications Akshaya Asokan (asokan_akshaya) • December 13, 2024     A sinkhole in Germah’s Swabian Alps. (Image: Shutterstock) The   show more ...

German federal information security agency disrupted a botnet that infected thousands of backdoored digital picture […] La entrada German BSI Disrupts Android Malware Infecting IoT Devices – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: Artificial Intelligence & Machine Learning , Healthcare , Industry Specific Also: How Leading Cybersecurity Firms are Gearing up for 2025 Anna Delaney (annamadeline) • December 13, 2024     Clockwise, from top left: Anna Delaney, Tony Morbin, Marianne Kolbasuk   show more ...

McGee and Michael Novinson In the latest weekly update, ISMG editors discussed […] La entrada ISMG Editors: CEO Shooting Sparks AI Accountability Debate – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management IT Outage, Downtime Procedures Affecting Services at California Healthcare Provider Marianne Kolbasuk McGee (HealthInfoSec) • December 13, 2024   show more ...

    PIH Health Whittier Hospital is among facilities affected by a Dec. 1 ransomware attack on […] La entrada Hackers Steal 17M Patient Records in Attack on 3 Hospitals – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.databreachtoday.com – Author: Attack Surface Management , Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Prajeet Nair (@prajeetspeaks) • December 13, 2024     Image: Shutterstock An Iranian state hacking group is using custom malware that researchers liken to a   show more ...

“cyber weapon” to compromise IoT and OT infrastructure in Israel and the United […] La entrada Researchers: Iranian Custom Malware Targets Fuel Systems – Source: www.databreachtoday.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

2024-12
Aggregator history
Saturday, December 14
SUN
MON
TUE
WED
THU
FRI
SAT
DecemberJanuaryFebruary