Bitwarden announced further enhancements to inline autofill capabilities within the Bitwarden browser extension. Following the recent addition of autofill for cards and identities, this update ensures seamless autofill of passkeys, providing a faster, more secure, and convenient way for users…
Category: EN
OneTrust helps organizations operationalize DORA compliance
OneTrust announced new capabilities to help organizations enhance resilience across the financial sector and operationalize compliance with the EU’s Digital Operational Resilience Act (DORA). Building upon its comprehensive OneTrust Third-Party Management solution, OneTrust will now offer first-to-market capabilities such as…
Arkansas City water treatment facility switched to manual operations following a cyberattack
Arkansas City, a small city in Cowley County, Kansas, was forced to switch its water treatment facility to manual operations due to a cyberattack. Arkansas City, Kansas, had to switch its water treatment facility to manual operations over the weekend…
Commvault acquires Clumio to accelerate cyber resilience capabilities for AWS
Commvault announced it will acquire Clumio, a technology leader in data protection for critical cloud data in AWS. This transaction enables Commvault to leverage Clumio’s AWS offerings to provide cyber resilience to next generation applications built on AWS. Clumio serves…
Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware
Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of information stealers and remote access trojans (RATs). The activity cluster, per Proofpoint, makes use of compromised legitimate email accounts belonging…
SilentSelfie: Uncovering a major watering hole campaign against Kurdish websites
Our investigation uncovered 25 kurdish websites compromised by four different variants of a malicious script, ranging from the simplest, which obtains the device’s location, to the most complex, which prompts selected users to install a malicious Android application. La publication…
US Capitol data breach and MoneyGram Cyber Attack details
US Capitol Email Data Breach: Information on the Dark Web Recent reports suggest that a hacking group or potentially a state-sponsored actor has gained unauthorized access to the email accounts of over 3,000 congressional staffers. The stolen information is now…
The Importance of Healthcare Data to Ransomware Hackers
In today’s digital age, the healthcare sector has increasingly become a prime target for ransomware attacks. Cyber-criminals recognize that healthcare data is not only valuable but also uniquely vulnerable, leading to a surge in targeted attacks. Understanding why healthcare data…
MoneyGram Confirms Cyberattack Following Outage
MoneyGram, a leading global money transfer service, has confirmed that it was the victim of a cyberattack, following a significant network outage that disrupted customer services worldwide. The company initially reported an issue with connectivity across several of its systems,…
Kansas County Ransomware Attack Exposed Nearly 30,000 Residents’ Sensitive Data
Franklin County, Kansas, has fallen victim to a ransomware attack that compromised the sensitive data of nearly 30,000 residents. The breach occurred on May 19, 2024, and was not discovered until August 29, 2024. According to a report submitted by…
New Android banking trojan Octo2 targets European banks
A new version of the Android banking trojan Octo, called Octo2, supports improved features that allow to takeover infected devices. ThreatFabric researchers discovered a new version of the Android banking trojan Octo, called Octo2, that supports more advanced remote action…
CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2024-7593…
Evilginx – an open source program to bypass MFA: Cyber Security Today for Wednesday, September 25, 2024
Evilginx: MFA Bypass Tool, Kaspersky’s Exit & FTC’s Data Surveillance Report – Cyber Security Today In this episode of Cyber Security Today, host Jim Love discusses a new cyber security tool called Evilginx that bypasses multi factor authentication (MFA), Kaspersky’s…
Underfunding and Leadership Gaps Weaken Cybersecurity Defenses
Despite cyber risk growing at an alarming rate, a recent global study from Trend Micro, highlights that many organizations are failing to implement adequate cybersecurity measures due to a lack of strategic leadership and investment. Key Findings of the Report…
Securing non-human identities: Why fragmented strategies fail
In this Help Net Security interview, John Yeoh, Global VP of Research at CSA, discusses the growing security challenges posed by non-human identities (NHIs). With NHIs now outnumbering human identities by 20 to 1, organizations are struggling to secure these…
NetAlertX: Open-source Wi-Fi intruder detector
NetAlertX is an open-source Wi-Fi/LAN intruder detection tool that scans your network for connected devices and alerts you when new or unknown devices are detected. It provides visibility into your network activity to help you monitor unauthorized access. “NetAlertX comes…
Necro Trojan Strikes Google Play Again, Infecting Popular Apps
In a troubling development, the Necro Trojan has resurfaced on Google Play, infecting popular applications and reaching millions of Android devices worldwide. Kaspersky’s cybersecurity researchers discovered the Necro malware in various apps, including some available on official app stores like…
Generative AI Fuels New Wave of Cyberattacks, HP Warns
Attackers are employing AI-generated scripts, leveraging malvertising to distribute rogue PDF tools, and embedding malware in image files. These developments mark a significant shift in the threat landscape, accelerating the frequency and complexity of cyberattacks. This was revealed by HP’s…
Symmetry Systems Shines as Finalist in Cloud Security Alliance Startup Pitchapalooza
https://youtu.be/VVHoUNwQc6k Missed the Cloud Security Alliance Startup Pitchapalooza? Watch the Recording Now! Earlier this year, in May 2024, the Cloud… The post Symmetry Systems Shines as Finalist in Cloud Security Alliance Startup Pitchapalooza appeared first on Symmetry Systems. The post…
Cybersecurity jobs available right now: September 25, 2024
CISO Guardz | Israel | Hybrid – View job details As a CISO, you will develop and implement security policies and procedures to enhance the security of the company’s IT environment. Develop, implement, and maintain a comprehensive information security strategy…