Security Onion Solutions has recently rolled out the latest version of its network security monitoring tool, Security Onion 2.4.50. This updated version comes equipped with an array of new features and bug fixes, making it an even more critical tool…
Category: EN
Six things we learned from the LockBit takedown
A sweeping law enforcement operation led by the U.K.’s National Crime Agency this week took down LockBit, the notorious Russia-linked ransomware gang that has for years wreaked havoc on businesses, hospitals, and governments around the world. The action saw LockBit’s…
Attackers Quick to Weaponize CVE-2023-22527 for Malware Delivery
On January 16, 2024, Atlassian disclosed a critical vulnerability affecting Confluence Data Center and Confluence Server, tracked as CVE-2023-22527. The vulnerability is an unauthenticated OGNL injection bug, allowing unauthenticated attackers to execute Java expressions, invoke methods, navigate object relationships, and…
Cybersecurity for Healthcare—Diagnosing the Threat Landscape and Prescribing Solutions for Recovery
On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in three states were hit by a ransomware attack, and in that moment,…
NCSC Sounds Alarm Over Private Branch Exchange Attacks
The UK’s National Cyber Security Centre has produced new guidance for smaller firms on PBX attacks This article has been indexed from www.infosecurity-magazine.com Read the original article: NCSC Sounds Alarm Over Private Branch Exchange Attacks
Following in Mitre’s footsteps and malware behavior
The MITRE framework helps all defenders speak the same language regarding attackers’ modus operandi. VirusTotal provides multiple data points where MITRE’s Tactics and Techniques are dynamically extracted from samples when detonated in our sandboxes. In particular, samples’ MITRE mapping can…
Building Customer Trust through Transparent Safety and Security Practices
Last year, the Securities and Exchange Commission adopted rules on cybersecurity risk management that focused on transparency. Much of the adopted rules were focused on investors, but the rules also underscored the importance of the impact to customers when cybersecurity…
Cybersecurity Trends in 2024: 5 Key Areas to Follow
As we are well into 2024 now, we at Fortra want to continue our commitment to empowering you all with the knowledge and tools needed to protect you, your organization, and even your family. This year, we will be looking…
Attacker Breakout Time Falls to Just One Hour
It now takes threat actors on average just 62 minutes to move laterally from initial access, Crowdstrike claims This article has been indexed from www.infosecurity-magazine.com Read the original article: Attacker Breakout Time Falls to Just One Hour
Silicon In Focus Podcast: Connectivity in Orbit
Welcome to the Silicon In Focus Podcast, where we bring you the latest insights and discussions at the intersection of technology and innovation. In today’s episode, we’re diving into the fascinating world of 5G satellite communications. This article has been…
Orgs are having a major identity crisis while crims reap the rewards
Hacking your way in is so 2022 – logging in is much easier Identity-related threats pose an increasing risk to those protecting networks because attackers – ranging from financially motivated crime gangs and nation-state backed crews – increasingly prefer to…
A common goal for European cyber security
Complying with the EU’s NIS2 Directive Webinar It was growing threat levels and an increase in reported cybersecurity attacks since digitalization which pushed the European Union to introduce the original Network and Information Security (NIS) Directive in 2016.… This article…
Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private
End-to-end encrypted (E2EE) messaging app Signal said it’s piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes. “If you use Signal, your…
New ‘VietCredCare’ Stealer Targeting Facebook Advertisers in Vietnam
Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022. The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess…
2024’s Cyber Battleground Unveiled: Escalating Ransomware Epidemic, the Evolution of Cyber Warfare Tactics and strategic use of AI in defense – Insights from Check Point’s Latest Security Report
Key Takeaways: · Rising Threats: Cybersecurity landscape faces an unprecedented surge in ransomware attacks, with 1 in every 10 organizations globally being targeted in 2023. · Evolution of Tactics: Adversaries exploit zero-day vulnerabilities, employ disruptive wipers, utlise emerging RaaS (Ransomware-as-a-Service)…
Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers
Researchers from Shadowserver Foundation identified roughly 28,000 internet-facing Microsoft Exchange servers vulnerable to CVE-2024-21410. The vulnerability CVE-2024-21410 is a bypass vulnerability that can be exploited by an attacker to bypass the SmartScreen user experience and inject code to potentially gain…
VMware Urges to Remove Enhanced EAP Plugin to Stop Auth & Session Hijack Attacks
VMware has issued an urgent advisory to administrators to remove a deprecated authentication plugin vulnerable to severe security threats. The Enhanced Authentication Plugin (EAP), which provided seamless login capabilities to vSphere’s management interfaces, is susceptible to authentication relay and session…
Hybrid Mesh and the Check Point Infinity Platform
Gartner has recently recognized Check Point as a Representative Vendor for Hybrid Mesh Firewall Platforms (“Hybrid Mesh”). This blog explores what hybrid mesh is and how the Check Point Infinity Platform delivers on the promise of a cyber security strategy…
Europe’s data protection laws cut data storage by making information-wrangling pricier
GDPR also slashed processing costs by over a quarter Europe’s General Data Protection Regulation (GDPR) has led European firms to store and process less data, recent economic research suggests, because the privacy rules are making data more costly to manage.……
Quebec Law 25: All You Need to Know
Quebec Law 25 regulates how companies operating in Quebec manage people’s data. Read here on the law’s key requirements and how to comply. The post Quebec Law 25: All You Need to Know appeared first on Scytale. The post Quebec…