July 26, 2024
Via: Dark ReadingIn the realm of cybersecurity risk, the obscure dark corner of the room is operational technology (OT). This is the space where computers and physical function come together, opening and closing valves, flipping breakers, stamping metal, and changing the temperature in your […]
Cloud Computing, Cybersecurity, Tech
July 25, 2024
Via: Dark ReadingOrganizations have plenty of tools to identify cloud risks, vulnerabilities, and misconfigurations, but not so much for remediating cloud risks. For most organizations, significant back-and-forth is needed between DevOps and security teams to validate the risk, understand the root cause, […]
July 24, 2024
Via: StateScoopAll eight branches of the Jefferson County Clerk’s Office in Louisville, Kentucky, remain closed after a ransomware attack on Monday. The clerk’s office, responsible for issuing vehicle and voter registrations, professional licenses and housing deeds, told Spectrum News 1, which […]
July 23, 2024
Via: CSO OnlineResearchers have linked a previously unattributed Mac backdoor and a new Windows Trojan to a Chinese APT group known as Daggerfly that has been around for over a decade and targets organizations and individuals around the world. The group appears […]
July 19, 2024
Via: CSO OnlineWhat is hashcat? Hashcat is a popular and effective password cracker widely used by both penetration testers and sysadmins, as well as criminals and spies. Cracking passwords is different from guessing a web login password, which typically allows only a […]
July 18, 2024
Via: Dark ReadingIranian cyber-espionage group MuddyWater is pivoting from controlling infected systems with legitimate remote-management software to instead dropping a custom-made backdoor implant. As recently as April, the group infected systems by targeting Internet-exposed servers or through spear phishing, ending with the […]
July 16, 2024
Via: CSO OnlineWalt Disney’s internal communications on Slack have been leaked online, exposing sensitive details about ad campaigns, studio technology, and interview candidates, according to a Wall Street Journal report. The hacker group NullBulge claimed responsibility, stating in a blog post that they […]
July 15, 2024
Via: CSO OnlineThere is plenty of intelligence that can be gathered from call data records if you know where to look. Spy agencies have been doing it effectively for years. Last week we learned via an SEC 8K filing that data has […]
July 11, 2024
Via: CSO OnlineSpending sprees, acquisitions, siloed departments, and escalating security concerns have many CISOs drowning in security solutions. Here’s how to rein in the tool sprawl and ensure enhanced security as you streamline your security stack. Organizations have been on a spending […]
July 10, 2024
Via: CSO OnlineRansomware attack saw LockBit group access and download critical customer information. The number of persons affected by a recent data breach at Evolve Bank & Trust exceeds 7.64 million, a document submitted to the Office of the Maine Attorney General this week […]
July 8, 2024
Via: CSO OnlineChina and other nation-state bad actors are probing the defenses of critical infrastructure worldwide and legacy or outdated systems are prime targets. The time to mitigate that risk is now. Rare is the element of critical infrastructure ecosystem that doesn’t […]
June 24, 2024
Via: CSO OnlineProperly securing APIs will help your organization defend against cyberattacks, drive operational efficiencies, satisfy audit and compliance requirements and enable innovation. Simply put, APIs (short for application programming interface) are how machines, cloud workloads, automation and other non-human entities communicate […]
Cybersecurity, Federal, Policy
June 21, 2024
Via: CSO OnlineThe popular antivirus software vendor will be prohibited from selling its software within the US or providing updates to software already in use. The Biden administration has reached a decision to block all new sales of Kaspersky Labs’ products and […]
June 19, 2024
Via: Dark ReadingInadequate cybersecurity architecture can cause irreparable damage to an organization, which is why boards and C-suite executives are heeding recommendations to implement policies and procedures to mitigate risk. In addition, boardrooms are also paying attention to other hot topics, including […]
June 18, 2024
Via: CIOOver the last few years, AI adoption has grown exponentially. But with it comes a number of risks around endpoint security. Learn what they are and how you can protect against these new threats. AI has made endpoint security even […]
June 14, 2024
Via: InformationWeekA zero-trust network is true to its namesake: zero trust. Zero-trust networks provide continuous authentication of users and activities on the network. This is in contrast to what traditional network authorization schemes do: authenticate users once, at the time that they initially […]
Cybersecurity, Hardware & Software, Tech
June 13, 2024
Via: Dark ReadingNvidia has issued 10 security alerts detailing vulnerabilities in the company’s GPU drivers and virtualization software. The vulnerabilities, if successfully exploited, could allow attackers to steal or tamper with data, execute arbitrary code, or take control of programs, the company […]
June 12, 2024
Via: ArsTechnicaHackers working for the Chinese government gained access to more than 20,000 VPN appliances sold by Fortinet using a critical vulnerability that the company failed to disclose for two weeks after fixing it, Netherlands government officials said. The vulnerability, tracked […]
June 10, 2024
Via: Dark ReadingAccording to Coalition’s research, Common Vulnerabilities and Exposures (CVEs) are expected to increase by 25% in 2024 to a shocking height of 34,888 vulnerabilities, or roughly 2,900 per month. As attack surfaces continue to expand rapidly, business leaders face mission-critical […]
June 5, 2024
Via: CSO OnlineThe ransomware payload is designed for an easy and quicker payday over a deep, double-extortive infection. Arctic Wolf’s incident response team has identified a new ransomware variant, referred to as Fog — targeting the education and recreation sectors in the […]