Deep-learning models have found applications across various industries, from healthcare diagnostics to financial forecasting. However, their high computational demands often require powerful cloud-based servers. This dependency on cloud computing raises notable security concerns, particularly in sensitive sectors like healthcare. Hospitals,…
Category: EN
Navigating the NIS2 Directive: Key insights for cybersecurity compliance and how Sekoia.io can help
To read the French version the article, click here. The European Union (EU) adopted a fundamental directive at the end of 2022 aimed at protecting critical sectors of the European economy from cyber threats. Directive (EU) 2022/2555, better known as…
TeamTNT Hackers Attacking VPS Servers Running CentOS
TeamTNT is targeting CentOS VPS clouds with SSH brute force attacks. It has uploaded a malicious script that disables security, deletes logs, and modifies system files to kill existing miners, remove Docker containers, and redirect DNS to Google servers. The…
UK government’s bank data sharing plan slammed as ‘financial snoopers’ charter’
Access to account info needed to tackle benefit fraud, latest bill claims Privacy campaigners are criticizing UK proposals to force banks to share data from the accounts of government benefit claimants, saying the ploy amounts to “a financial snoopers’ charter…
Threat landscape for industrial automation systems, Q2 2024
In this report, we share statistics on threats to industrial control systems in Q2 2024, including statistics by region, industry, malware and other threat types. This article has been indexed from Securelist Read the original article: Threat landscape for industrial…
Malicious Ads Hide Infostealer in League of Legends ‘Download’
Bitdefender is warning League of Legends fans not to fall for a phishing campaign designed to spread Lumma Stealer malware This article has been indexed from www.infosecurity-magazine.com Read the original article: Malicious Ads Hide Infostealer in League of Legends ‘Download’
Open Source C3 Frameworks Used In Red Teaming Assessments Vulnerable To RCE Attacks
C2 frameworks, crucial for post-exploitation operations, offer open-source alternatives to Cobalt Strike. They streamline the management of compromised systems, enable efficient collaboration, and evade detection by providing customizable behaviors. It is a toolset attackers use to control and manage compromised…
Microsoft Warns Of Vanilla Tempest Hackers Attacking Healthcare Sector
Microsoft has identified a new attack vector employed by the financially motivated threat actor Vanilla Tempest. This actor has been observed leveraging the INC ransomware to target healthcare organizations within the United States. Specifically, Vanilla Tempest is exploiting vulnerabilities in…
Beware Of Fake Captcha Attacks That Delivers Lumma Stealer Malware
In the past four weeks, a significant increase in malware distribution attempts via fake Captcha campaigns has been observed, targeting over 1.4 million users. Lumma Stealer, a hazardous malware designed for data theft, is the primary payload being distributed. Cybercriminals…
Russian Hackers Registering Domains Targeting US Tech Brands
Researchers are tracking a Russian threat actor deploying domains involved in crypto scams targeting the US Presidential Election and tech brands. The scams offer double crypto returns for deposits and are designed to deceive users into sending coins to attacker-controlled…
5 obscure web browsers that will finally break your Chrome addiction
Give one of these alternative browsers just a few minutes of your time and you’ll never go back. They’re all free, so what have you got to lose? This article has been indexed from Latest stories for ZDNET in Security…
Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare is tracking the activity under the name SloppyLemming, which…
Critical Arc Browser Vulnerability Let Attackers Execute Remote Code
Arc’s Boosts feature lets users customize websites with CSS and JavaScript. While JavaScript Boosts are not shareable to protect security, they are synced across devices for personal use. Misconfigured Firebase ACLs enabled unauthorized users to modify the creatorID of Boosts,…
Flax Typhoon’s Botnet Actively Exploiting 66 Vulnerabilities In Various Devices
The Five Eyes agencies recently released a joint cybersecurity advisory detailing a new botnet, Flax Typhoon, linked to Chinese state-sponsored actors. The advisory highlights the actors’ use of compromised routers and IoT devices to establish a vast botnet capable of…
Data of 3,191 congressional staffers leaked in the dark web
The personal information of over 3,000 congressional staffers was leaked on the dark web following a major cyberattack on the U.S. Capitol. The personal information of approximately 3,191 congressional staffers has been leaked on the dark web, according to new…
AI use: 3 essential questions every CISO must ask
In July, Wall Street experienced its worst day since 2022, with the tech-focused Nasdaq falling by 3.6%. The downturn was largely triggered by what commentators suggest is the result of underwhelming earnings from some major tech companies. What’s notable is…
Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign
Nation-state threat actors backed by Beijing broke into a “handful” of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to…
CISA Releases Guide to Empower Software Buyers in Creating a Secure Tech Ecosystem
Recognizing that cyber criminals increasingly exploit software vulnerabilities, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken the lead with a new resource for software customers—the “Secure by Demand Guide.” The Guide is part of CISA’s ongoing effort to…
PECB Conference 2024: A Global Forum for IT, Security, and Privacy Professionals
The PECB Conference 2024 is set to take place from 30 September to 3 October at the Van der Valk Hotel Breukelen in Amsterdam. This annual event will gather global experts, thought leaders, and professionals to explore the latest trends…
Cybersecurity in E-Commerce
In any organization, regardless of the industry or the size, cybersecurity is one of the most pressing concerns to handle. Some companies, especially those that store and manage large amounts of sensitive data and those that operate primarily in the…