In a recent analysis, MQsTTang, a newly designed custom backdoor, has been scrutinized by ESET researchers. After a thorough investigation, the source of this malware has been attributed to the infamous Mustang Panda APT group by the experts. Tracing back…
OneTrust Certification Automation helps businesses transcend traditional compliance barriers
OneTrust introduces OneTrust Certification Automation to the OneTrust ecosystem to help organizations navigate the complex and evolving regulatory landscape. OneTrust Certification Automation brings together automation, pre-built policies, and controls for 29 industry frameworks, over 100 integrations, and tailored guidance from…
iD Tech – 415,121 breached accounts
In February 2023, the tech camps for kids service iD Tech had almost 1M records posted to a popular hacking forum. The data included 415k unique email addresses, names, dates of birth and plain text passwords which appear to have…
Where are the women in cyber security? On the dark side, study suggests
Also, Royal ransomware metastasizes to other critical sectors, and this week’s critical vulnerabilities In Brief If you can’t join them, then you may as well try to beat them – at least if you’re a talented security engineer looking for…
Understanding Academic Software Solutions
By Owais Sultan Academic software allows educators to manage to learn and evaluate progress. Most educational institutions are already on their… This is a post from HackRead.com Read the original post: Understanding Academic Software Solutions This article has been indexed…
A Privacy Hero’s Final Wish: An Institute to Redirect AI’s Future
Peter Eckersley did groundbreaking work to encrypt the web. After his sudden death, a new organization he founded is carrying out his vision to steer artificial intelligence toward “human flourishing.” This article has been indexed from Security Latest Read the…
IT Security News Weekly Summary – Week 09
IT Security News Daily Summary 2023-03-05 Credential Stuffing attack on Chick-fil-A impacted +71K users How to avoid billion-dollar fines due to unsecured messaging apps New CISO appointments, February 2023 Iron Tiger updates malware to target Linux platform BrandPost: It’s Time…
IT Security News Daily Summary 2023-03-05
Credential Stuffing attack on Chick-fil-A impacted +71K users How to avoid billion-dollar fines due to unsecured messaging apps New CISO appointments, February 2023 Iron Tiger updates malware to target Linux platform BrandPost: It’s Time to Create More Opportunities for Women…
Credential Stuffing attack on Chick-fil-A impacted +71K users
American fast-food restaurant chain Chick-fil-A reported that the accounts of over 71K users were compromised as a result of a credential stuffing campaign. The American fast-food restaurant chain Chick-fil-A notified over 71K users that their accounts have been compromised in…
How to avoid billion-dollar fines due to unsecured messaging apps
End-to-end encryption is one key to securing an enterprise’s internal messaging. Read about encryption and other essentials here. This article has been indexed from Security News | VentureBeat Read the original article: How to avoid billion-dollar fines due to unsecured…
New CISO appointments, February 2023
The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the…
Iron Tiger updates malware to target Linux platform
Iron Tiger, an advanced persistent threat (APT) group, has updated their SysUpdate malware to include new features and add malware infection support for the Linux platform, according to a report by Trend Micro. The earliest sample of this version was…
BrandPost: It’s Time to Create More Opportunities for Women in Cybersecurity
Undoubtedly, our industry needs to create more initiatives to attract a more diverse group of professionals—including women—to STEM-focused careers like cybersecurity. While we’ve collectively made some progress on this front, a great deal of work still needs to be done…
HPE to acquire Axis Security to deliver a unified SASE offering
Hewlett Packard Enterprise has agreed to buy cloud security services provider Axis Security, its third acquistion since January, to deliver a unified secure access service edge (SASE) offering. The acquisition is aimed at incorporating the Axis security service edge (SSE)…
Dubai’s Crypto Industry Introduces New Licensing Regulations
The crypto industry in Dubai is witnessing a huge breakthrough since the jurisdiction has recently come up with its new crypto regulatory framework, apparently providing individuals with a concrete licensing regime for their digital asset issues and service vendors. The…
A GoAnywhere MFT hack Exposes Hatch Bank’s Data Breach
Hackers exploited a zero-day vulnerability in Hatch Bank’s internal file transfer software, allowing access to thousands of Social Security numbers from customers, according to Hatch Bank, a digital-first bank that provides infrastructure for fintech companies offering their brand credit…
Crypto Scammer Monkey Drainer Shuts Down Criminal Operations
Cyber threats are not new in the crypto space. The industry has been witnessing advanced cyber security attacks since its inception and even recorded more during the 2022 crypto winter, especially in the DeFi Sector. According to Yahoo Finance, the…
For Your Mid to Large-Sized Firm, Here Are Four Best Cybersecurity Practices
As technology advances and becomes more sophisticated, cybercriminals continue to look for new ways to take advantage of enterprises. A cyber attack could result in financial loss, loss of reputation, and legal repercussions, among other catastrophic and permanent harms.…
Digital Resignation is Initial Stage of Safeguarding Privacy Online
Several internet businesses gather and use our personal information in exchange for access to their digital goods and services. With the use of that data, they can forecast and affect our behavior in the future. Recommendation algorithms, targeted marketing,…
Browser Security report reveals major online security threats
LayerX has published its annual browser security report in which the company highlights the most prominent browser security risks of 2022. The report includes predictions and recommendations for 2023 as well. The […] Thank you for being a Ghacks reader.…
Beware of Bot Malware: Understanding the Dangers and How to Protect Your Computer
How Bot Malware Spreads and Infects Your Computer Bot malware, also known as botnet malware, is a type of malicious software designed to create a network of infected computers or “bots” that can be remotely controlled by a hacker. These…
Best Ways To Change Your Password On A Chromebook
Passwords are the keys to our security on the internet, and thus mustn’t be taken for granted. Thanks to browsers’ options, our passwords can be easily saved, without further need to type […] Thank you for being a Ghacks reader.…
Stay Ahead of the Game: How AI Can Help You Avoid Cybersecurity Traps
I have never been a victim of cyber threats, but from what I’ve heard, the effects are devastating. Cybersecurity officers and consultants work tirelessly to implement security strategies to fight hackers. Artificial […] Thank you for being a Ghacks reader.…
Week in review: LastPass breach, GCP data exfiltration, UEFI bootkit
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google Cloud Platform allows data exfiltration without a (forensic) trace Attackers can exfiltrate company data stored in Google Cloud Platform (GCP) storage buckets without leaving…
Cyberattack on British Retailer WH Smith Exposes Employees` Data
Threat actors breached WH Smith, the 1,700 locations UK retailer, and exposed data belonging to current and former employees. WH Smith has more than 12,500 employees and reported a revenue of $1.67 billion in 2022. What Kind of Data Was…
Chinese Hackers Are Using a New Backdoor to Deploy Malware
This year, the Chinese cyberespionage group Mustang Panda began deploying a new custom backdoor named ‘MQsTTang’ in attacks. This advanced persistent threat (APT), also known as TA416 and Bronze President, targets organizations worldwide with customized versions of PlugX malware. In January…
How Royal Ransomware Could Wreak Havoc on the U.S. Digital Economy
Earlier this year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an advisory regarding the Royal Ransomware gang. The Royal Ransomware group first appeared in the United States in September 2022—the U.S. Health and Human Services Cybersecurity Coordination Center…