Cybersecurity Failures: Lawsuits, Outages, and International Threats
In this episode of Cybersecurity Today, host Jim Love covers a range of critical cybersecurity issues. The U.S. sues Georgia Tech for not meeting cybersecurity standards as a Pentagon contractor. A potential cyber…
Category: EN
Cyber Attack disrupts operations at Seattle Tacoma International Airport
A sophisticated cyber attack has reportedly disrupted operations at Seattle-Tacoma International Airport, affecting one of the busiest airports in the Pacific Northwest. The attack, which occurred early Saturday morning, targeted the airport’s website and phone systems, causing significant disruptions. However,…
How Chaos Engineering Makes Corporate Networks Resilient to Cyber Attacks
In an era where cyber threats are becoming increasingly sophisticated, traditional security measures alone are often not enough to safeguard corporate networks. This is where Chaos Engineering comes into play. By intentionally introducing controlled disruptions into a system, Chaos Engineering…
New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards
Cybersecurity researchers have uncovered new Android malware that can relay victims’ contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of conducting fraudulent operations. The Slovak cybersecurity company is tracking the novel malware…
Event Logging Key to Detecting LOTL Attacks, Security Agencies Say
A report by CISA, the FBI, the NSA, and international agencies lays out the argument that event logging tools help enterprises better detect attacks that rely on LOTL techniques used by threat groups to evade security protections during an attack.…
Two strategies to protect your business from the next large-scale tech failure
The CrowdStrike event in July clearly demonstrated the risks of allowing a software vendor deep access to network infrastructure. It also raised concerns about the concentration of digital services in the hands of a few companies. A prescient Reddit post…
Ransomware Attacks, Demands, and Payments Rise in Q2
In Q2 2024, new ransomware groups, including PLAY, Medusa, RansomHub, INC Ransom, BlackSuit and some additional lesser-known factions, led a series of attacks that eclipsed the first quarter of this year by 16% and the second quarter of 2023 by…
Prism Infosec Debuts Red Team Engagement Service
Prism Infosec, an independent cybersecurity consultancy, has introduced PULSE testing service. The service aims to help entities that may not have the resources to dedicate to a full-scale red team exercise and assess their defense capabilities against real-world threats. The company…
Secure Web Gateway Vulnerabilities Exposed: SquareX’s Research Stirs the Industry
Vivek Ramachandran, Founder & CEO of SquareX, at DEF CON Main Stage. At DEF CON 32 this year, SquareX presented compelling research that revealed the shortcomings of Secure Web Gateways (SWG) in protecting the browser and demonstrated 30+ foolproof methods to…
Adversaries love bots, short-lived IP addresses, out-of-band domains
Fastly found 91% of cyberattacks – up from 69% in 2023 – targeted multiple customers using mass scanning techniques to uncover and exploit software vulnerabilities, revealing an alarming trend in attacks spreading across a broader target base. Industries ranked by…
Rebrand, regroup, ransomware, repeat
Changes witnessed over the last few years have led to larger ransomware groups breaking into smaller units, posing more considerable challenges for law enforcement. Ransomware actors are evading arrest more easily and adapting methods with innovative technologies. In this Help…
Nuclei: Open-source vulnerability scanner
Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform various security checks. It can send requests to multiple targets using customizable templates, ensuring zero false…
ISC Stormcast For Monday, August 26th, 2024 https://isc.sans.edu/podcastdetail/9112, (Mon, Aug 26th)
This article has been indexed from SANS Internet Storm Center, InfoCON: green. Read the original article: ISC Stormcast For Monday, August 26th, 2024…
Alleged Karakurt ransomware scumbag charged in US
Plus: Microsoft issues workaround for dual-boot crashes; ARRL cops to ransom payment, and more. Infosec in brief: Deniss Zolotarjovs, a suspected member of the Russian Karakurt ransomware gang, has been charged in a US court with allegedly conspiring to commit…
GenAI buzz fading among senior executives
GenAI adoption has reached a critical phase, with 67% of respondents reporting their organization is increasing its investment in GenAI due to strong value to date, according to Deloitte. “The State of Generative AI in the Enterprise: Now decides Next,”…
BlackSuit Ransomware
Key Takeaways: In December 2023, we observed an intrusion that started with the execution of a Cobalt Strike beacon and ended in the deployment of BlackSuit ransomware. The threat actor … This article has been indexed from The…
Pavel Durov’s Arrest Leaves Telegram Hanging in the Balance
Durov has reportedly been detained in France over Telegram’s alleged failure to adequately moderate illegal content on the messaging app. His arrest sparked backlash and left some associates asking, what now? This article has been indexed from Security Latest Read…
Traderie – 364,898 breached accounts
In September 2022, the in-game trading marketplace Traderie suffered a data breach that exposed almost 400k records (this preceded a subsequent breach the following year). The incident exposed email and IP addresses, usernames and links to social media profiles. The…
North Korea Exploited Windows Zero-Day Vulnerability to Install Fudmodule
North Korea’s Lazarus hacking group has once again exploited a zero-day vulnerability in Microsoft Windows to deploy malware on targeted devices. On August 13, Microsoft addressed this issue with its monthly Patch Tuesday updates, fixing a flaw in the…
The Port of Seattle and Sea-Tac Airport say they’ve been hit by ‘possible cyberattack’
The Port of Seattle, which also operates the Seattle-Tacoma International Airport, said it was hit with a “possible cyberattack” that appeared to affect websites and phone systems. The port first noted the outages via social media on Saturday morning, with…