The Federal Trade Commission (FTC) has reached a settlement with online mental health services company Cerebral after the company was charged with failing to secure and protect sensitive health data. This article has been indexed from Malwarebytes Read the original…
Category: EN
Five Eyes Agencies Release New AI Security Guidance
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from News ≈ Packet Storm Read the original article: Five Eyes Agencies Release New AI Security Guidance
United Nations Agency Investigating Ransomware Attack Involving Data Theft
United Nations Development Programme (UNDP) investigating a ransomware attack in which hackers stole sensitive data. The post United Nations Agency Investigating Ransomware Attack Involving Data Theft appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read…
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to…
New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads
Zscaler also confirmed MadMxShell uses DLL sideloading and DNS tunneling for C2 communication This article has been indexed from www.infosecurity-magazine.com Read the original article: New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads
Russia Already Meddling In US Election, Microsoft Warns
Microsoft warns of Russian influence campaigns have begun targetting upcoming US election, albeit at a slower pace than previous operations This article has been indexed from Silicon UK Read the original article: Russia Already Meddling In US Election, Microsoft Warns
Palo Alto ZeroDay Exploited in The Wild Following PoC Release
Palo Alto Networks has disclosed a critical vulnerability within its PAN-OS operating system, identified as CVE-2024-3400. This zero-day flaw, found in the GlobalProtect Gateway, is currently under active exploitation by attackers. CVE-2024-3400 allows attackers to execute arbitrary OS commands on…
FIN7 Targets American Automaker’s IT Staff in Phishing Attacks
The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor. This article has been indexed from Cyware News – Latest Cyber News…
37 Arrested as Police Smash LabHost International Fraud Network
Police have successfully infiltrated and disrupted the fraud platform “LabHost”, used by more than 2,000 criminals to defraud victims worldwide. A major international operation, led by the UK’s Metropolitan Police, has seized control of LabHost, which has been helping cybercriminals…
Ransomware Attack Targets Healthcare Giant, Change Healthcare
A recent cyberattack on Change Healthcare, a subsidiary of United Health, has led to a distressing data extortion situation, further complicating an already tumultuous ordeal. Let’s delve into the details to understand the gravity of the situation and its…
Iranian Hacker Group Blast Out Threatening Texts to Israelis
Handala, an Iranian cyber outfit, has claimed to have taken down the Iron Dome missile defence system and breached Israel’s radars. A major cyber attack is believed to have unfolded when the Handala hacking group, which is renowned for…
Gurucul federated search provides insights into data that is not centralized
Gurucul announced enhancements to its federated search capabilities. Gurucul federated search empowers users to run queries from a single console across any data source, including data lakes, cloud object storage, databases, identity systems, threat intel sources, and SIEMs – including…
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). “FIN7 identified employees at the company who worked in the IT department…
Microsoft and Google are top brands misused to scam users
Online users are increasingly becoming targets of phishing attacks, with hackers exploiting the names of leading technology companies to lure unsuspecting victims into scams that result in financial loss or malware infections. According to research from Check Point technology, scammers…
Russian APT44 – The Most Notorious Cyber Sabotage Group Globally
As Russia’s invasion of Ukraine enters its third year, the formidable Sandworm (aka FROZENBARENTS, APT44) cyber threat group remains highly active and increasingly integrated with Russian conventional military operations in support of Moscow’s war aims. However, Sandworm’s disruptive operations now…
FIN7 Hackers Attacking IT Employees Of Automotive Industry
IT employees in the automotive industry are often targeted by hackers because they have access to sensitive information such as customer data, intellectual property, and critical systems. The connected technologies’ dependence on the automotive industry and the value of their…
185K people’s sensitive data in the pits after ransomware raid on Cherry Health
Extent of information seized will be a concern for those affected Ransomware strikes at yet another US healthcare organization led to the theft of sensitive data belonging to just shy of 185,000 people.… This article has been indexed from The…
SoumniBot Exploiting Android Manifest Flaws to Evade Detection
A new banker, SoumniBot, has recently been identified. It targets Korean users and is incredible by using an unusual method to evade investigation and detection, notably obfuscating the Android manifest. In addition to its unique obfuscation, SoumniBot stands out for…
Unpacking the NIST cybersecurity framework 2.0
The NIST cybersecurity framework (CSF) helps organizations improve risk management using common language that focuses on business drivers to enhance cybersecurity. NIST CSF 1.0 was released in February 2014, and version 1.1 in April 2018. In February 2024, NIST released…
Miercom NGFW Security Benchmark 2024: Why It Matters for Cloud Network Security
As businesses increasingly transition to the cloud, cloud security is a top priority. Customers tell us that the greater their confidence in their cloud security, the faster they will migrate, and the more workloads they will move to the cloud.…