In this Help Net Security interview, Sumedh Thakar, President and CEO of Qualys explores the vision behind the Qualys Enterprise TruRisk Platform, a strategic move aimed at redefining how enterprises measure, communicate, and eliminate cyber risk. We delve into how…
Royal Mail cyber security still a mess, say infosec researchers
ALSO: most Mainers are MOVEit victims, NY radiology firm fined for not updating kit, and some critical vulnerabilities Infosec in brief After spending almost a year cleaning up after various security snafus, the UK’s Royal Mail has left an open…
SEC vs. SolarWinds CISO, Classiscam Scam-as-a-Service
In this episode, we discuss the SEC’s charges against SolarWinds’ CISO for misleading investors about a major cyberattack. Plus don’t miss our discussion about the shady world of “Classiscam Scam-as-a-Service,” a very popular cyber criminal service that creates fake user…
Success eludes the International Counter Ransomware Initiative
A swing and a miss by the 50 member countries of the International Counter Ransomware Initiative (CRI), headlined by the US, who have confirmed a commitment to collectively address ransomware. Ransomware, as predicted, is growing at tremendous rates and focusing…
Signal is testing usernames so you don’t have to share your phone number
The Signal messaging service is testing support for usernames as a replacement for phone numbers to serve as user identities This article has been indexed from Malwarebytes Read the original article: Signal is testing usernames so you don’t have to…
CISOs vs. developers: A battle over security priorities
A majority of both developers and CISOs view software supply chain security as a top priority in their roles (70% and 52% respectively), according to Chainguard. However, there is a clear disconnect and even some distrust between CISOs and developers…
The real cost of healthcare cybersecurity breaches
With each step towards digitalization, from cloud computing to electronic records, the healthcare sector faces mounting risks that threaten not just the privacy but the very wellbeing of patients. In this Help Net Security interview, Taylor Lehmann, Director, Office of…
Major Phishing-as-a-Service Syndicate ‘BulletProofLink’ Dismantled by Malaysian Authorities
Malaysian law enforcement authorities have announced the takedown of a phishing-as-a-service (PhaaS) operation called BulletProofLink. The Royal Malaysian Police said the effort, which was carried out with assistance from the Australian Federal Police (AFP) and the U.S. Federal Bureau of Investigation (FBI) on…
Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations
Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian government organizations. “This activity is believed to be part of a long-term espionage campaign,” Palo Alto Networks Unit…
Imperial Kitten Attacking Tech Firms with SQLi & Scanning Tools
Researchers detected IMPERIAL KITTEN, an adversary with ties to Iran, conducting strategic web compromise (SWC) operations with a focus on transportation, logistics, and technology firms. The adversary, who has been operating since at least 2017, has been reported to have…
DP World Cyber Attack puts Australia on High Alert
Over the recent weekend, DP World Australia, a prominent maritime freight operator, fell victim to a sophisticated digital attack, prompting swift action from authorities. In response to the breach, access to the corporate network was temporarily halted, and operations at…
Enhancing Ransomware Defense through Micro-Segmentation of Networks
In an era where cyber threats continue to evolve in sophistication, organizations are increasingly turning to advanced security measures to protect their digital assets. One such strategy gaining prominence is micro-segmentation of networks, a powerful approach that proves invaluable in…
Building resilience to shield your digital transformation from cyber threats
Digital transformation projects are top of mind for enterprises. 91% of businesses are currently engaged in some form of digital initiative. Yet, the average cost of a failed, delayed, or scaled-back digital transformation project is more than $4 million dollars.…
Infostealers and the high value of stolen data
The risk of personal and professional data being stolen by nefarious actors looms larger than ever, according to Trend Micro. Understanding the risks associated with data theft, which include identity theft, financial loss, reputational harm, and the potential misuse of…
New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks
Cybersecurity researchers have warned about a Windows version of a wiper malware that was previously observed targeting Linux systems in cyber attacks aimed at Israel. Dubbed BiBi-Windows Wiper by BlackBerry, the wiper is the Windows counterpart of BiBi-Linux Wiper, which has been put…
10 Best Unified Endpoint Management Tools – 2024
Managing a diverse range of devices, including desktops, mobile devices, and Internet of Things (IoT) devices, is an essential aspect of modern businesses. To efficiently handle these devices, a set of best Unified Endpoint Management Tools (UEM) technologies provide an…
Why backup matters more than ever
Often overlooked but critically essential, backup lies at the core of data security and business continuity. However, data is also susceptible to a myriad of threats, ranging from hardware failures and accidental deletions to malicious cyberattacks. Whether you’re an individual…
Kubernetes adoption creates new cybersecurity challenges
To maintain a competitive edge, modern organizations are evolving toward highly scalable, flexible and resilient applications – leading to the widespread adoption of cloud native technologies like Kubernetes, according to Venafi. Security challenges in cloud native environments In fact, 84%…
Access Control Unveiled: Mastering RBAC for Business Security
Role-Based Access Control (RBAC) is a form of access control system that restricts user access to only those functions and resources for which they are… The post Access Control Unveiled: Mastering RBAC for Business Security appeared first on Security Zap.…
Australia declares ‘nationally significant cyber incident’ after port attack
PLUS: Citrix quits China; Cambodia deports Japanese scammers; Chinese tech CEO disappears; and more Asia in brief Australia’s National Cyber Security Coordinator has described an attack on logistics company DP World as a “nationally significant cyber incident.”… This article has…
The Lorenz ransomware group hit Texas-based Cogdell Memorial Hospital
The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital. In early November, the Cogdell Memorial Hospital (Scurry County Hospital District) announced it was experiencing a computer network incident that prevented the hospital from accessing some…
Chess.com Faces Second Data Leak: 476,000 Scraped User Records Leaked
By Waqas The most recent data leak of Chess.com user records occurred on Friday, November 10th, 2023. This is a post from HackRead.com Read the original post: Chess.com Faces Second Data Leak: 476,000 Scraped User Records Leaked This article has…
Australian Nonprofit Cyber Security Is So Poor It Might Be Affecting Donations
Research from Infoxchange indicates that poor cyber security practices in Australia’s not-for-profit sector are putting its donors’ and communities’ data at risk. This article has been indexed from Security | TechRepublic Read the original article: Australian Nonprofit Cyber Security Is…
Unlock Cybersecurity with Mitre ATT&CK and D3FEND Mapping
Introduction In the ever-evolving landscape of cybersecurity, staying ahead of threats such as APT threats is more challenging than ever. That’s where frameworks like Mitre Att&ck and D3fend mapping come into play. These robust frameworks offer a comprehensive approach to understanding, mapping,…