Sophos claims more victims are taking longer to recover This article has been indexed from www.infosecurity-magazine.com Read the original article: Three-Quarters of Retail Ransomware Attacks End in Encryption
Category: EN
Royal Mail jeopardizes users with open redirect flaw
Royal Mail has left an open redirect vulnerability on one of its sites, exposing its customers to phishing attacks and malware infections. The centuries-old Royal Mail is the largest courier company in the UK, boasting twice the market share of…
Preventing data theft with ADX technology
Ensuring data stays secure even after cyberattack infiltration Webinar Daily incursions are underway with the aim of removing every bit of data that you’ve got – the cyber criminals’ aim is to break in and get out again laden with…
Firefox and Chrome Updates Patch High-Severity Vulnerabilities
Mozilla and Google have recently released important security updates for their web browsers, Firefox and Chrome. These updates include patches for several vulnerabilities, including some potentially harmful memory safety bugs. First, let’s talk about Firefox. Mozilla unveiled Firefox version 119,…
Avoiding Common Linux Configuration Mistakes that Lead to Security Vulnerabilities
The robust security features of Linux make it the preferable choice for many enterprises. However, like any other operating system, security vulnerabilities can occur in Linux due to misconfigurations. These vulnerabilities may expose your system to potential risks, making it…
New TuxCare Partner Program Arms System Integrators with Modernized Linux Security Offerings
PALO ALTO, Calif. – November 8, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it debuted a new partner program aimed at helping system integrators offer the latest tools for modernizing their customers’ Linux security…
NextGen’s Vulnerability: Protecting Healthcare Data
In the realm of healthcare, the security and integrity of patient data are paramount. However, a recent discovery has shed light on a critical vulnerability within Mirth Connect, an open-source data integration platform by NextGen HealthCare. NextGen’s vulnerability, identified as…
Marina Bay Sands breach exposed data of 665,000 customers
Singapore-based luxury resort and casino Marina Bay Sands has suffered a data breach that exposed data of 665,000 non-casino rewards program members. The Marina Bay Sands data breach “Marina Bay Sands became aware of a data security incident on 20…
Webinar: Kickstarting Your SaaS Security Strategy & Program
SaaS applications make up 70% of total company software usage, and as businesses increase their reliance on SaaS apps, they also increase their reliance on those applications being secure. These SaaS apps store an incredibly large volume of data so…
Threat Actor Farnetwork Linked to Five Ransomware Schemes
Group-IB lifts the lid on prolific cyber-criminal This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actor Farnetwork Linked to Five Ransomware Schemes
North Korea-linked APT BlueNoroff used new macOS malware ObjCShellz
The North Korea-linked APT BlueNoroff used a new strain of macOS malware strain dubbed ObjCShellz, Jamf Threat Labs reported. Researchers from Jamf Threat Labs discovered a new macOS malware strain dubbed ObjCShellz and attributed it to North Korea-linked APT BlueNoroff. The experts…
Bad eIDAS: Europe ready to intercept, spy on your encrypted HTTPS connections
EFF warns incoming rules may return web ‘to the dark ages of 2011’ Lawmakers in Europe are expected to adopt digital identity rules that civil society groups say will make the internet less secure and open up citizens to online…
Experts Expose Farnetwork’s Ransomware-as-a-Service Business Model
Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS) programs over the past four years in various capacities. Singapore-headquartered Group-IB, which attempted to infiltrate a private RaaS program that…
Fresh Optus Australia server disruption not caused by a Cyber Attack
Optus, the Australian counterpart of Singapore Telecommunications, faced a significant disruption on Wednesday, leading to widespread service outages affecting millions of customers. While some initially speculated that the outage was the result of a national emergency or a state-sponsored attack,…
The 3 key stages of ransomware attacks and useful indicators of compromise
For SOC teams to be able to defend their organization against ransomware attacks, they need to have the right security toolset, but also an understanding of the three primary ransomware attack stages. In this article, we will dive into those…
eBPF Kubernetes Security Tool Tetragon Improves Performance and Stability
Isovalent has announced the 1.0 release of Cilium Tetragon, their eBPF-based Kubernetes security observability and runtime enforcement tool. Policies and filters can be applied directly via eBPF to monitor process execution, privilege escalations, and file and network activity. Tetragon can…
Iranian APT Hackers Attacking Education & Tech Sectors to Steal Sensitive Data
Cybersecurity researchers link attackers to the Iranian-backed APT group “Agonizing Serpens,” which has upgraded its capabilities and uses various tools to bypass security measures. Hackers target and steal sensitive data for various reasons, including: They may sell the stolen data…
Aqua Trivy open-source security scanner now finds Kubernetes security risks
The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials (KBOM) generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are to reduce risk. “Aqua Trivy…
AI-assisted coding and its impact on developers
The emergence of AI has put into question the roles of software developers everywhere. In this Help Net Security video, Cat Hicks, VP of Research Insights at Pluralsight, discusses pressing questions that engineering organizations face regarding the rapidly-changing possibilities of…
Chinese APT Targeting Cambodian Government
Cambodian government entities were targeted by a Chinese APT masquerading as cloud backup services. Our findings include C2 infrastructure and more. The post Chinese APT Targeting Cambodian Government appeared first on Unit 42. This article has been indexed from Unit…