Category: EN

What is the threat landscape, and why should you care?

The threat landscape is the entirety of potential and identified cyber threats affecting a particular sector, group of users, time period, and so forth. It includes a wide range of threats, such as malware, phishing attacks, ransomware, and social engineering…

Read more →

The State of Maine disclosed a data breach that impacted 1.3M people

The State of Maine disclosed a data breach that impacted about 1.3 million people after an attack hit its MOVEit file transfer install. The State of Maine was the victim of the large-scale hacking campaign that targeted organizations using the MOVEit file transfer…

Read more →

Navigating Interconnections: Correlations Between the US Tech 100 Index and Major Indices

By Owais Sultan In the ever-evolving landscape of financial markets, the US Tech 100 Index, represented by the Nasdaq 100, emerges… This is a post from HackRead.com Read the original post: Navigating Interconnections: Correlations Between the US Tech 100 Index…

Read more →

Week in review: Sumo Logic breach, 7 free cyber threat maps, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Exploring the global shift towards AI-specific legislation In this Help Net Security interview, Sarah Pearce, Partner at Hunton Andrews Kurth, offers insights into the evolving…

Read more →

Security Affairs newsletter Round 445 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Police…

Read more →

Data Privacy at the Core: Ensuring Safe Business Operations

Data privacy is an increasingly important consideration when running a business. Organizations must ensure the security and confidentiality of their customers’ data. This article provides… The post Data Privacy at the Core: Ensuring Safe Business Operations appeared first on Security…

Read more →

It’s Still Easy for Anyone to Become You at Experian

In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian…

Read more →

Police seized BulletProftLink phishing-as-a-service (PhaaS) platform

The Royal Malaysian Police announced the seizure of the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. The Royal Malaysian Police announced to have dismantled the notorious BulletProftLink phishing-as-a-service (PhaaS) platform. A joint international operation conducted by the Malaysian police, the FBI, and the Australian…

Read more →

Effluence Backdoor: A Lingering Menace in Atlassian Confluence Servers

According to current cybersecurity developments, despite intensive efforts to patch vulnerabilities in Atlassian Confluence servers, the infamous Effluence backdoor remains a persistent danger. Because of this online shell’s invisibility and the possible threats it poses to companies, security experts and…

Read more →

Here’s How to Implement Generative AI for Improved Efficiency and Innovation in Business Processes

  Global business practices are being revolutionised by generative artificial intelligence (AI). With the use of this technology, businesses can find inefficiencies, analyse patterns and trends in huge databases, and create unique solutions to challenges. In the business world of…

Read more →

From Concealed to Revealed: Dark Web Slip-Up Exposes Ransomware Mastermind

A group of researchers responded to an ad offering the opportunity to join up with a RaaS operation and found themselves attending a cybercriminal job interview held by an organization that is one of the most active threat actors in…

Read more →

Report: Retailers Face Challenges in Coping with Ransomware Attacks

  In a disconcerting revelation, a recently released report suggests that retailers are finding themselves increasingly outmatched in the ongoing battle against ransomware operators. Conducted by cybersecurity experts Sophos, the survey enlisted the perspectives of 3,000 IT and cybersecurity leaders…

Read more →

Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers

A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering campaigns. Microsoft attributed the activity to a threat actor it calls Sapphire Sleet, describing it as a “shift in…

Read more →

Serbian National Pleads Guilty For Operating a Darknet Website

After being apprehended by the US government, a Serbian citizen confessed to placing multiple orders on the Monopoly drugs market, which operates on the darknet. The individual in question has admitted to engaging in the illicit purchase of drugs through…

Read more →

Chinese APT Infrastructure Mimics Cloud Backup Services

Cambodian government entities were discovered to be targeted and compromised by Chinese APT actors. The threat actors are using the infrastructure to masquerade as a cloud backup service. The infrastructure also exhibits several malicious nature and persistent connections. China has…

Read more →

Microsoft Authenticator New Feature Blocks Malicious Notification by Default

In an age where online threats loom large, safeguarding our personal and professional accounts has never been more critical.  With hackers tirelessly attempting to breach security barriers, the need for robust identity verification methods has become paramount.  In response to…

Read more →

SysAid Ransomware: Unveiling the Zero-Day Menace

A zero-day ransomware attack has recently been reported on, affecting SysAid, a well-known provider of IT service management and help desk services. The cybersecurity community has been shaken by the occurrence, which has prompted swift response and a careful examination…

Read more →

IBM Unveils Cloud-Native QRadar SIEM to Maximize Power of SOC Professionals

IBM has recently announced the launch of its Cloud-Native SIEM solution, which is designed to enhance the scale, speed, and flexibility of security teams. With this new offering, organizations can benefit from improved threat detection and response capabilities, empowering them…

Read more →

OpenAI Reveals ChatGPT is Being Attacked by DDoS

AI organization behind ChatGPT, OpenAI, has acknowledged that distributed denial of service (DDoS) assaults are to blame for the sporadic disruptions that have plagued its main generative AI product. As per the developer’s status page, ChatGPT and its API have…

Read more →

Cyber threat intelligence: Getting on the front foot against adversaries

By collecting, analyzing and contextualizing information about possible cyberthreats, including the most advanced ones, threat intelligence offers a critical method to identify, assess and mitigate cyber risk This article has been indexed from WeLiveSecurity Read the original article: Cyber threat…

Read more →

Spyware disguised as a news app – Week in security with Tony Anscombe

The Urdu version of the Hunza News website offers readers the option to download an Android app – little do they know that the app is actually spyware This article has been indexed from WeLiveSecurity Read the original article: Spyware…

Read more →

Canada Remembrance Day / Jour du Souvenir du Canada

<a class=” sqs-block-image-link ” href=”https://www.veterans.gc.ca/eng/remembrance”> <img alt=”” height=”2339″ src=”https://images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/d2597b02-fbc6-4896-bf17-e2079d9be997/Canada+Remembrance+Day+Jour+du+Souvenir+du+Canada.jpeg?format=1000w” width=”1771″ /> </a><figcaption class=”image-caption-wrapper”> With Deep Respect We Honor Our Canadian Allies, Family And Friends On This Remembrance Day 2023 / Avec un profond respect, nous honorons nos alliés canadiens, notre…

Read more →

2023 United States Veteran’s Day

<img alt=”” height=”800″ src=”https://images.squarespace-cdn.com/content/v1/5355d604e4b03c3e9896e131/902dc390-59c6-49cb-80d0-424c8e079c42/2023+Veterans+Day+Poster.jpg?format=1000w” width=”600″ /><figcaption class=”image-caption-wrapper”> The Veterans Day National Committee (VDNC) chose the winner of this years’ 2023 Veteran’s Day Poster Contest (in a 2023 mid-year time frame). The winner was chosen, and Gene Russell, a VA employee,…

Read more →

Serbian pleads guilty to running ‘Monopoly’ dark web drug market

The Serbian citizen Milomir Desnica (33) has pleaded guilty to running the dark web Monopoly drug marketplace. Milomir Desnica, a 33-year-old Serbian citizen, admited to being responsible for operating the illicit Monopoly drug marketplace on the dark web. The man…

Read more →

NordVPN Review 2023: Comprehensive Security for Your Business

NordVPN and Its Importance in 2023 Digital threats are evolving at an unprecedented rate. Thus, the importance of robust cybersecurity measures for modern businesses cannot be overstated. Among the plethora of tools at a company’s disposal, Virtual Private Networks (VPNs)…

Read more →

Mullvad’s public encrypted DNS Servers run in RAM now

Sweden-based VPN provider Mullvad announced today that its public encrypted DNS servers run fully in RAM. The announcement comes less than two months after Mullvad completed the migration of its VPN infrastructure […] Thank you for being a Ghacks reader.…

Read more →

Hackers Leaks Scraped LinkedIn Data of 35 Million Users

Threat actors have recently leaked personal information of over 35 million online users, by illicitly accessing a LinkedIn database. Apparently, the hackers are operating under the name ‘USDOD.’ The database, on the other hand, has been released in a popular…

Read more →

Improper Authorization in Confluence Data Center and Server (CVE-2023-22518)

In early November, the cybersecurity community witnessed the exploitation of a zero-day vulnerability in Confluence Data Center and Server. This critical vulnerability was related to Improper Authorization and assigned CVE-2023-22518 identifier. In this blog, we delve into the details of…

Read more →

Remote Work Warriors: Essential Security Essentials

In the era of remote work, a key concern is that of security. Without the same physical controls in place as with on-site operations, organizations… The post Remote Work Warriors: Essential Security Essentials appeared first on Security Zap. This article…

Read more →

Intel Faces ‘Downfall’ Bug Lawsuit, Seeking $10K per Plaintiff

A class action suit claims Intel knowingly sold billions of faulty chips for years. The outcome could help define where poor vulnerability remediation becomes outright negligence. This article has been indexed from Dark Reading Read the original article: Intel Faces…

Read more →

Senate Leaders Plan to Prolong NSA Surveillance Using a Must-Pass Bill

Top senate officials are planning to save the Section 702 surveillance program by attaching it to a must-pass piece of legislation. Critics worry a chance to pass privacy reforms will be missed. This article has been indexed from Security Latest…

Read more →

Maine government says data breach affects 1.3 million people

The government of Maine has confirmed over a million individuals had personal information stolen in a data breach earlier this year by a Russia-linked ransomware gang. In a statement published Thursday, the Maine government said hackers exploited a vulnerability in…

Read more →

Friday Squid Blogging: The History and Morality of US Squid Consumption

Really interesting article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. This article has been indexed from Schneier on Security…

Read more →

IBM to Bring AI to Cloud-Native SIEM Platform

IBM will add watsonx generative AI capabilities to its security information event management (SIEM) platform early next year. The post IBM to Bring AI to Cloud-Native SIEM Platform appeared first on Security Boulevard. This article has been indexed from Security…

Read more →

The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure

US government officials continue to warn that the public and private sectors need to identify and root out China-backed attackers lurking in industrial control systems. This article has been indexed from Security Latest Read the original article: The NSA Seems…

Read more →

Senate Leaders Are Trying to Extend a Controversial NSA Surveillance Program

Top senate officials are planning to save the Section 702 surveillance program by attaching it to a must-pass piece of legislation. Critics worry a chance to pass privacy reforms will be missed. This article has been indexed from Security Latest…

Read more →

Experts discuss demonstrating the value of digital ID, acknowledging concerns, barriers to adoption, and more at EXCITE

The fact that people have privacy and security concerns around the idea of a digital government is valid and should be acknowledged, said industry heavyweights at the EXCITE fall summit. Public and private sector technologists should consider whether they are…

Read more →

Toronto Public Library says ‘sensitive’ information may have been copied

Toronto’s public library system now says “sensitive information” may have been copied by the ransomware gang that hit the institution. “Based on the ongoing investigation, we have now determined that sensitive data may have been exposed,” the municipal library says…

Read more →

McLaren Health Care revealed that a data breach impacted 2.2 million people

McLaren Health Care (McLaren) experienced a data breach that compromised the sensitive personal information of approximately 2.2 million individuals. McLaren Health Care (McLaren) disclosed a data breach that occurred between late July and August. The security breach exposed the sensitive…

Read more →

Cyber Security Today, Week in Review for the week ending Friday, Nov. 10, 2023

This episode discusses Okta’s explanation of a hack, Cloudflare’s explanation of a power outag This article has been indexed from IT World Canada Read the original article: Cyber Security Today, Week in Review for the week ending Friday, Nov. 10,…

Read more →

‘CitrixBleed’ Linked to Ransomware Hit on China’s State-Owned Bank

Meanwhile, CISA joins the call to patch CVE-2023-4966 immediately amid reports of mass-exploit activity; at least 5,000 orgs remain exposed. This article has been indexed from Dark Reading Read the original article: ‘CitrixBleed’ Linked to Ransomware Hit on China’s State-Owned…

Read more →

State of Maine Becomes Latest MOVEit Victim to Surface

The state said 1.3 million individuals have been affected by this breach, which includes Social Security numbers and taxpayer information. This article has been indexed from Dark Reading Read the original article: State of Maine Becomes Latest MOVEit Victim to…

Read more →

OpenAI: DDoS Attack the Cause of ChatGPT Outages

The outages that dogged OpenAI’s popular ChatGPT generative AI chatbot this week were caused by a distributed denial-of-service attack that has since been resolved, according to the company. The AI tech vendor reported a major outage across ChatGPT and its…

Read more →

Sapphire Sleet Hackers Attacking LinkedIn Users Based on Their Expertise

In a recent development, cybersecurity experts have identified a significant shift in the tactics employed by Sapphire Sleet, a notorious threat actor known for cryptocurrency theft through social engineering.  Microsoft’s threat intelligence team has been closely monitoring Sapphire Sleet, a…

Read more →

‘Shields Ready’ Critical Infrastructure Initiative Addresses Inevitable Cyberattacks

A cyberattack is coming, disasters are certain, and the US government wants critical infrastructure firms ready to handle any disruption. Welcome to Shields Ready. This article has been indexed from Dark Reading Read the original article: ‘Shields Ready’ Critical Infrastructure…

Read more →

Poloniex crypto-exchange offers 5% cut to thieves if they return that $120M they nicked

White hat bounty looks more like a beg bounty The founder of the Poloniex has offered to pay off thieves who drained an estimated $120 million of user funds from the cryptocurrency exchange in a raid on Friday.… This article…

Read more →

Leaky DICOM Medical Standard Exposes Millions of Patient Records

A 30-year-old, rarely updated protocol for medical devices has exposed reams of highly personal data, thanks to a lack of proper security throughout owner environments. This article has been indexed from Dark Reading Read the original article: Leaky DICOM Medical…

Read more →

ChatGPT: OpenAI Attributes Regular Outages to DDoS Attacks

ChatGPT and the associated APIs have been affected by regular outages, citing DDoS attacks as the reason — the Anonymous Sudan group claimed responsibility. This article has been indexed from Dark Reading Read the original article: ChatGPT: OpenAI Attributes Regular…

Read more →

‘Shields Ready’ Critical Infrastructure Initiative Addresses Inevitable Cyberattack

A cyberattack is coming, disasters are certain, and the US government wants critical infrastructure firms ready to handle any disruption. Welcome to Shields Ready. This article has been indexed from Dark Reading Read the original article: ‘Shields Ready’ Critical Infrastructure…

Read more →

World’s Largest Bank ICBC Discloses Crippling Ransomware Attack

By Deeba Ahmed Reportedly, it was a ransomware attack orchestrated by the notorious LockBit gang. This is a post from HackRead.com Read the original post: World’s Largest Bank ICBC Discloses Crippling Ransomware Attack This article has been indexed from Hackread…

Read more →

Advancing IoT Security: IoT Security Analytics Tools

The advent of the Internet of Things (IoT) has ushered in a new era of connectivity, revolutionizing various sectors, including homes, industries, and urban areas. However, this widespread connectivity also brings about significant security challenges, necessitating robust threat detection and…

Read more →

World’s Biggest Bank Hacked: ICBC Walks Trades on USBs

Plan B is sneakernet: After Industrial and Commercial Bank of China ransomware attack, U.S. Treasury trades settled by bike messengers with flash drives. The post World’s Biggest Bank Hacked: ICBC Walks Trades on USBs appeared first on Security Boulevard. This article…

Read more →

Microsoft: Iran’s Cyberattacks on Israel Exaggerated & Fabricated

Despite claims to the contrary, Iranian cyberattackers have been less strategic and more opportunistic over the last month as the Israel-Hamas war continues. This article has been indexed from Dark Reading Read the original article: Microsoft: Iran’s Cyberattacks on Israel…

Read more →

In Other News: EU Government Surveillance, Rewards for Iranian Hackers, Evolution of Chinese Spying

Noteworthy stories that might have slipped under the radar: EU regulation enables government surveillance, US offering rewards for Iranian hackers, evolution of Chinese spying.  The post In Other News: EU Government Surveillance, Rewards for Iranian Hackers, Evolution of Chinese Spying…

Read more →

Cavelo Raises CA$5 Million for Attack Surface Management Platform

Cavelo has raised CA$5 million (~US$3.6 million USD) to help organizations comply with data protection regulations. The post Cavelo Raises CA$5 Million for Attack Surface Management Platform appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed…

Read more →

GitHub Universe: Open Source Trends Report and New AI Security Products

GitHub Advanced Security gains AI features, and GitHub Copilot now includes a chatbot option. GitHub Copilot Enterprise is expected in February 2024. This article has been indexed from Security | TechRepublic Read the original article: GitHub Universe: Open Source Trends…

Read more →

S.T.O.P.: Putting a Check on Unchecked Local N.Y. Government Surveillance

< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> Recently I got the chance to speak with longtime Electronic Frontier Alliance member Surveillance Technology Oversight Project (S.T.O.P.). They’ve got a new Advocacy Manager, Kat Phan, and exciting projects are coming…

Read more →

Strangely enough, no one wants to buy a ransomware group that has cops’ attention

Ransomed.vc shuts after 20% discount fails to entice bids Short-lived ransomware outfit Ransomed.vc claims to have shut down for good after a number of suspected arrests.… This article has been indexed from The Register – Security Read the original article:…

Read more →

Cyber Attack news headlines trending on Google

The Washington State Transportation website and its mobile app experienced a disruption due to a sophisticated cyber attack earlier this week. According to information shared on the X, WSDOT ferry vessel watch social media platform, both online freight services and…

Read more →

After ChatGPT, Anonymous Sudan took down the Cloudflare website

After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare. Cloudflare confirmed that a DDoS attack…

Read more →

France, UK Seek Greater Regulation of Commercial Spyware

France and the UK are calling for greater regulation of commercial surveillance software in the wake of recent Pegasus and Predator spyware scandals. The post France, UK Seek Greater Regulation of Commercial Spyware    appeared first on SecurityWeek. This article has…

Read more →

Intel Sued Over ‘Downfall’ CPU Vulnerability

A class action lawsuit has been filed against Intel over its handling of CPU speculative execution vulnerabilities, with a focus on Downfall. The post Intel Sued Over ‘Downfall’ CPU Vulnerability  appeared first on SecurityWeek. This article has been indexed from…

Read more →

What is the Diamond Model of Intrusion Analysis – And How to Use the Framework

The Diamond Model of Intrusion Analysis is a framework used in cybersecurity to analyze and understand cyber threats and intrusion events. It provides a structured way to break down and analyze cyber incidents, helping security professionals and incident responders to…

Read more →

SysAid IT Service Software 0-day Exploited to Deploy Cl0p Ransomware

SysAid On-Prem software has been reported with a 0-day vulnerability determined during an incident response investigation. According to Microsoft, attackers are exploiting this zero-day vulnerability to infiltrate corporate servers, to steal sensitive data and deploy the notorious Clop ransomware. This…

Read more →

Sapphire Sleet Hackers Attacking Linkedin Users Based on their Expertise

In a recent development, cybersecurity experts have identified a significant shift in the tactics employed by Sapphire Sleet, a notorious threat actor known for cryptocurrency theft through social engineering.  Microsoft’s threat intelligence team has been closely monitoring Sapphire Sleet, a…

Read more →

Cybersecurity Workforce Facing Critical Shortfall, AI Adoption Could Help

The global cybersecurity workforce gap has increased, and most cybersecurity pros said they had skills gaps in their organization. The post Cybersecurity Workforce Facing Critical Shortfall, AI Adoption Could Help appeared first on Security Boulevard. This article has been indexed…

Read more →

SentinelOne integrates with Snyk for end-to-end app security

SentinelOne has partnered with Snyk to unveil the integration of SentinelOne’s Singularity Cloud Workload Security with the Snyk Developer Security Platform. The integration will correlate the cloud runtime threat detections identified by SentinelOne with vulnerabilities found by Snyk in container…

Read more →

Debunking the Myth of “Anonymous” Data

< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> Today, almost everything about our lives is digitally recorded and stored somewhere. Each credit card purchase, personal medical diagnosis, and preference about music and books is recorded…

Read more →

Marna Bay Sands: Data of 665,000 Customers Hacked by Unknown Third Party

  Singapore is renowned for maintaining stringent cybersecurity and data protection standards in the region. Companies in the country are keenly aware of their responsibility to safeguard cybersecurity, particularly concerning data privacy. In the event of cybersecurity incidents, organizations promptly…

Read more →

Japan Aviation Electronics Hit by Cyberattack: Servers Accessed in Security Breach

  A cyberattack orchestrated by the notorious ALPHV ransomware group has been reported as a direct result of the catastrophic impact on the Japanese Aviation Electronics Industry (JAE). The BlackCat hackers have also been blamed for the attack.  It was…

Read more →

Genetic Data Security Strengthened with Two-Factor Authentication

Data security is a major worry in this era of digitization, particularly with regard to sensitive data like genetic information. Major genetic testing companies have recently strengthened the security of their users’ data by making two-factor authentication (2FA) the standard…

Read more →

Check Point Honors U.S. Active Military and Veterans with Launch of Employee Resource Group (ERG)

Check Point is proud to unveil its new U.S. Active Military, Veterans, and Allies Employee Resource Group (ERG), a valuable resource for all US employees – veterans and non-veterans alike. This initiative signifies more than a corporate addition, as it…

Read more →

Data Posture Management in Action: Meet the New Check Point CloudGuard

Traditionally, securing sensitive data begins with scanning your environment and classifying the data, allowing you to pinpoint where sensitive information resides. This audit process instills confidence by enabling you to establish policies to prevent data breaches. However, it is crucial…

Read more →