A list of topics we covered in the week of December 2 to December 8 of 2024 This article has been indexed from Malwarebytes Read the original article: A week in security (December 2 – December 8)
Tag: EN
Massachusetts hospital breach, Recall’s next deployment, Blue Yonder restoration
Anna Jaques Hospital confirms details of Christmas Day ransomware breach Microsoft expands Recall preview to Intel and AMD Copilot+ PCs Blue Yonder announces restoration progress after November 21 attack Thanks to today’s episode sponsor, ThreatLocker Do zero-day exploits and supply…
Security Service Edge Adoption Report 2024
Introduction Hybrid work is the new reality for many businesses, but it also poses new challenges for cybersecurity. CISOs and security architects need to rethink how they protect their critical resources from cyber threats, as they have to deal with…
TPM 2.0: The new standard for secure firmware
Connected devices are better protected from cyberattacks and less likely to be compromised by errors thanks to the new TPM 2.0 specification from the Trusted Computing Group (TCG). Manufacturers attach a Trusted Platform Module (TPM) to a device to help…
QNAP High Severity Vulnerabilities Let Remote attackers to Compromise System
QNAP Systems, Inc. has identified multiple high-severity vulnerabilities in its operating systems, potentially allowing attackers to compromise systems and execute malicious activities. These issues affect several versions of QNAP’s QTS and QuTS hero operating systems. Users are urged to update…
2023 Anna Jaques Hospital data breach impacted over 310,000 people
Anna Jaques Hospital revealed that the ransomware attack it suffered last year has exposed sensitive health data for over 316,000 patients. On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital. The hospital revealed that the security breach exposed…
Data Governance and the Mandate for Tougher Security in 2025
The challenges around data governance are evolving rapidly, driven by the rapid adoption of generative AI, stringent regulatory requirements, and heightened cybersecurity risks. As we approach 2025, organisations are realising that traditional approaches to data governance are no longer sufficient.…
Email and Other Fraud – It Gets Personal: Cyber Security Today for Monday, December 9, 2024
Cybersecurity Today: Email Frauds, Google Warnings, and U.S. Telecom Hacks In this episode of Cybersecurity Today, host Jim Love discusses a personal encounter with email fraud attempts, including invoice scams and fake payroll changes. Google issues a stark warning to…
The Rising Threat of Pegasus Spyware: New Findings and Growing Concerns
Over the past few years, we’ve witnessed a series of alarming reports about the infamous Pegasus spyware, developed by Israeli cyber intelligence firm NSO Group. The spyware has been at the center of numerous scandals, notably involving high-profile targets such…
Privacy Concerns Amid Growing Mobile Security Threats: A Digital Dilemma
In today’s hyper-connected world, mobile phones have become much more than just communication devices—they are personal hubs of information, storing everything from our financial details and social media activities to our most intimate conversations and health data. With the increasing…
Healthcare Security Strategies for 2025
Imagine this: It’s a typical Tuesday morning in a bustling hospital. Doctors make their rounds, nurses attend to patients, and the hum of medical equipment creates a familiar backdrop. Suddenly, screens go dark, vital systems freeze, and a chilling message…
Tanya Janca on Secure Coding, AI in Cybersecurity, and Her New Book
Join us for an insightful episode of the Shared Security Podcast as Tanya Janca returns for her fifth appearance. Discover the latest on her new book about secure coding, exciting updates in Application Security, and the use of AI in…
Hackers Use Artificial Intelligence to Create Sophisticated Social Engineering Attacks
The Federal Bureau of Investigation (FBI) has issued a warning about a growing trend in cybercrime, hackers leveraging generative artificial intelligence (AI) to develop highly sophisticated social engineering attacks. With advancements in AI technology, cybercriminals are crafting fraud schemes that…
The EU Cyber Resilience Act: Enhancing Digital Security in the AI Era
On 20 November 2024, the EU Cyber Resilience Act (CRA) was published in the Official Journal of the EU, kicking off the phased implementation of the CRA obligations. The European Union has introduced the Cyber Resilience Act to bolster the cybersecurity…
Who handles what? Common misconceptions about SaaS security responsibilities
In this Help Net Security interview, James Dolph, CISO at Guidewire, addresses common misconceptions about security responsibilities in cloud environments, particularly in SaaS, and how these misunderstandings can lead to security risks. What common misconceptions do you encounter about the…
Top cybersecurity books for your holiday gift list
The holiday season is approaching, and with it, the tradition of gift-giving. For professionals and enthusiasts alike, a well-chosen book can provide both knowledge and inspiration. To help with ideas on what to give, we’ve compiled a list of cybersecurity…
What makes for a fulfilled cybersecurity career
In this Help Net Security video, Richard Hummel, NETSCOUT’s Director of Threat Intelligence, talks about his journey into cybersecurity and offers insight for those that are interested in pursuing it as a career. The post What makes for a fulfilled…
Businesses plagued by constant stream of malicious emails
36.9% of all emails received by businesses (20.5 billion) in 2024 were unwanted, according to Hornetsecurity’s analysis of 55.6+ billion emails processed through their security services between November 1, 2023 and October 31, 2024 – and 2.3% of those contained…
Blue Yonder ransomware termites claim credit
Also: Mystery US firm compromised by Chinese hackers for months; Safe links that aren’t; Polish spy boss arrested, and more Infosec in brief Still smarting over that grocery disruption caused by a ransomware attack on supply chain SaaS vendor Blue…
Why Compliance in Cloud Security Can’t Be Ignored
How Does Compliance Impact Cloud Security? Are we fully conscious of the significant correlation between compliance and cloud security? With the increasing reliance on cloud-based solutions, the challenge of maintaining security compliance in the cloud environment has become a pivotal…