By Milica D. Djekic The security of the Internet of Things (IoT) is one of the main challenges of today. Many IoT assets could get an easy target to cyber […] The post How To Improve Security Capacities of The…
Category: EN
Russian TrickBot Malware Developer Sentenced to Prison in US
Vladimir Dunaev sentenced to 5 years in prison after admitting to participating in the development and distribution of the TrickBot malware. The post Russian TrickBot Malware Developer Sentenced to Prison in US appeared first on SecurityWeek. This article has been…
Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware
The China-linked cyberespionage group Blackwood has been caught delivering malware to entities in China and Japan. The post Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS…
Critical Jenkins Vulnerability Leads to Remote Code Execution
A critical vulnerability in Jenkins’ built-in CLI allows remote attackers to obtain cryptographic keys and execute arbitrary code. The post Critical Jenkins Vulnerability Leads to Remote Code Execution appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS…
Perfecting the Defense-in-Depth Strategy with Automation
Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like castles with strategic layouts to withstand attacks, the Defense-in-Depth strategy is the…
Weekly Blog Wrap-Up (January 22- January 25, 2023)
Welcome to the TuxCare Weekly Blog Wrap-Up – your go-to resource for the latest insights on cybersecurity strategy, Linux security, and how to simplify the way your organization protects its data and customers. At TuxCare, we understand the importance of…
What are the Common Security Challenges CISOs Face?
Chief Information Security Officers (CISOs) hold a critical and challenging role in today’s rapidly evolving cybersecurity landscape. Here are the common security challenges CISOs face. As organizations increasingly rely on technology to drive their operations, CISOs face complex security challenges…
Chinese Hackers Hijack Software Updates to Install Malware Since 2005
In order to obtain unauthorized access and control, hackers take advantage of software vulnerabilities by manipulating updates. By corrupting the updates, hackers can disseminate malware, compromise user data, and build backdoors for future attacks. This enables hackers to compromise a…
Watch out, experts warn of a critical flaw in Jenkins
Jenkins maintainers addressed several security vulnerabilities, including a critical remote code execution (RCE) flaw. Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community. The automation server supports developers build, test and deploy…
GitLab Arbitrary File Write Vulnerability (CVE-2024-0402) Alert
Overview Recently, NSFOCUS CERT detected that GitLab officially released a security announcement and fixed an arbitrary file write vulnerability (CVE-2024-0402) in GitLab Community Edition (CE) and Enterprise Edition (EE). Due to path traversal issues, authenticated attackers can copy files to…
Collaboration Achievement: NSFOCUS and China University of Geosciences Article Secures Spotlight in Acclaimed Journal TIFS
In a recent achievement, the paper BABD: A Bitcoin Address Behavior Dataset for Pattern Analysis, a collaboration between the NSFOCUS research team and Professor Ren Wei’s team at the Computer School of China University of Geosciences, has been featured in…
Malicious Ads on Google Target Chinese Users with Fake Messaging Apps
Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign. “The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where…
Data Privacy Week: Companies are Banning Generative AI Due to Privacy Risks
Cisco found that privacy and data security risks have led to over a quarter of organizations banning generative AI, at least temporarily, while a majority have instituted controls This article has been indexed from www.infosecurity-magazine.com Read the original article: Data…
Nozomi Unveils Wireless Security Sensor for OT, IoT Environments
Nozomi Networks extends its offering with Guardian Air, a security sensor designed to help organizations detect wireless threats in OT and IoT. The post Nozomi Unveils Wireless Security Sensor for OT, IoT Environments appeared first on SecurityWeek. This article has…
Guide: The Best Cybersecurity Conferences and Events of 2024
There is no doubt that our world has never seen as much data as what… The post Guide: The Best Cybersecurity Conferences and Events of 2024 appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read…
Pwn2Own Automotive 2024 Day 2 – Tesla hacked again
Researchers hacked the Tesla infotainment system and found 24 zero-days on day 2 of Pwn2Own Automotive 2024 hacking competition. White hat hackers from the Synacktiv Team (@Synacktiv) compromised the Tesla infotainment system on the second day of the Pwn2Own Automotive…
Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive
Participants have earned more than $1.3 million for hacking Teslas, EV chargers and infotainment systems at Pwn2Own Automotive. The post Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive appeared first on SecurityWeek. This article has been…
Everything you need to know about the SEC Form 8-K
You may have heard more about the SEC Form 8-K recently due to changes that went into effect on Dec 16, 2023. From the SEC’s press release: The new rules will require registrants to disclose on the new Item 1.05…
Controversy Surrounds TFL’s Alleged Data Fraud and Hefty Penalties
Citizens residing in the European Union are facing challenges in settling fines sent by Transport for London (TFL), with penalties ranging from £1000 to £6000 or more. The concern lies not only in the imposed fines but also in the…
Top 10 Ways to Avoid Cybersecurity Misconfigurations
In the ever-evolving landscape of digital threats, cybersecurity mis-configurations have emerged as a significant vulnerability that can expose organizations to serious risks. Ensuring the security of your systems and networks requires proactive measures to prevent misconfigurations. Here are the top…