Cybersecurity professionals stand on the frontlines, ever-vigilant against an increasing tide of cyber threats. From protecting sensitive corporate data to safeguarding our personal information, the battle against cybercrime is ongoing. In today’s digital era, cybercriminals are becoming more sophisticated and…
Category: EN
Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)
CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is a pre-auth command injection vulnerability…
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique
The stealer malware known as LummaC2 (aka Lumma Stealer) now features a new anti-sandbox technique that leverages the mathematical principle of trigonometry to evade detection and exfiltrate valuable information from infected hosts. The method is designed to “delay detonation of the sample…
Why Defenders Should Embrace a Hacker Mindset
Today’s security leaders must manage a constantly evolving attack surface and a dynamic threat environment due to interconnected devices, cloud services, IoT technologies, and hybrid work environments. Adversaries are constantly introducing new attack techniques, and not all companies have internal…
Understanding the UK government’s new cybersecurity regime, GovAssure
With the ever-growing threat of cyberattacks on the UK government and Critical National Infrastructure cyber safety matters more than ever. With the rising tide of ever-resent threat in mind, GovAssure was launched by the UK government in April 2023. It’s…
Resecurity partners with University of Jeddah to improve cybersecurity education
Resecurity announced a strategic partnership with University of Jeddah, one of the leaders in higher education in the Kingdom of Saudi Arabia, to further strengthen the country’s cybersecurity talent pipeline and facilitate capacity building programs for academia. This landmark partnership…
Navigating the Waters of AI: Safeguarding Against Data Security Risks
In the era of rapid technological advancement, artificial intelligence (AI) has emerged as a powerful tool with transformative potential across various industries. While AI brings unprecedented opportunities, it also introduces new challenges, particularly in the realm of data security. As…
K-12 Schools Improve Protection Against Online Attacks, but Many Are Vulnerable to Ransomware Gangs
Some K-12 public schools are racing to improve protection against the threat of online attacks, but lax cybersecurity means thousands of others are vulnerable to ransomware gangs that can steal confidential data and disrupt operations. The post K-12 Schools Improve…
US Announces $70 Million Cybersecurity Boost for Rural, Municipal Utilities
The US Department of Energy is offering $70 million in funding to improve the cybersecurity of rural and municipal utilities. The post US Announces $70 Million Cybersecurity Boost for Rural, Municipal Utilities appeared first on SecurityWeek. This article has been…
250 Organizations Take Part in Electrical Grid Security Exercise
Over 250 organizations take part in GridEx VII, the largest North American exercise focusing on the security of the electrical grid. The post 250 Organizations Take Part in Electrical Grid Security Exercise appeared first on SecurityWeek. This article has been…
How are Crypto Phishing Scams Done, and How Do You Avoid Them?
Crypto phishing scams are fraudulent activities designed to steal your cryptocurrency assets, typically by tricking you into revealing your private keys or sending your cryptocurrencies to the scammer’s wallet. These scams often involve deception, social engineering, and manipulation. Here’s how…
DarkGate Internals
Introduction & Objectives DarkGate is sold as Malware-as-a-Service (MaaS) on various cybercrime forums by RastaFarEye persona, in the past months it has been used by multiple threat actors such as TA577 and Ducktail. DarkGate is a loader with RAT capabilities…
Now a Stock Market business hires hackers
Six Group, a technology firm responsible for securing the operations of Spanish and Swiss Bourses, is actively recruiting hackers to counter sophisticated attempts to breach its network. The motivation behind hiring these cybersecurity experts is to gain insights into the…
Ransomware group wants to partner up with government, files SEC complaint against its victim
Cyber gangs cross a new milestone Cyber gangs just crossed a milestone – they have started filing complaints with the US Securities and Exchange Commission… The post Ransomware group wants to partner up with government, files SEC complaint against its…
Secretary Fined For Accessing Scores of Patient Records
NHS worker broke strict rules governing the special category data This article has been indexed from www.infosecurity-magazine.com Read the original article: Secretary Fined For Accessing Scores of Patient Records
Shear Takes Over As OpenAI Interim Chief, Promises Independent Probe
Twitch co-founder Emmett Shear takes over as OpenAI interim chief executive after failed talks to bring back ousted Sam Altman This article has been indexed from Silicon UK Read the original article: Shear Takes Over As OpenAI Interim Chief, Promises…
Change Variance: How Tiny Differences Can Impact Your IT World
In the vast and ever-evolving universe of information technology, there’s one constant: change (that and cliches about constants!). Servers, systems, and software – they all get updated and modified. But, have you ever stopped to consider how even tiny differences…
Phishing Trends Examined by the SANS Institute
Earlier this year, the SANS Institute published a blog exploring emerging phishing trends. This kind of research is an invaluable resource for all individuals and organizations looking to identify and rebuff phishing attacks. In this article, we’ll cover some of…
The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season
As Black Friday approaches, Kaspersky analyzes phishing and spam activity around major sales events, and reviews statistics on online shopping threats in 2023. This article has been indexed from Securelist Read the original article: The dark side of Black Friday:…
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
Bitcoin wallets created between 2011 and 2015 are susceptible to a new kind of exploit called Randstorm that makes it possible to recover passwords and gain unauthorized access to a multitude of wallets spanning several blockchain platforms. “Randstorm() is a term we…