Honeywell’s 2024 GARD USB Threat Report analyzes malware discovered on USB devices used in industrial settings, highlighting a significant increase in malware prevalence, with a 33% rise in detections compared to the prior year. The malware poses a serious threat…
Tag: EN
REvil Ransomware Affiliate Sentenced for 13 Years in Prison
A Ukrainian national, Yaroslav Vasinskyi, has been sentenced to 13 years and seven months in prison. Vasinskyi, known in the cyber underworld as Rabotnik, was also ordered to pay over $16 million in restitution for his role in orchestrating more…
REvil ransomware scum sentenced to almost 14 years inside, ordered to pay $16 million
After extorting $700 million from thousands of victims A Ukrainian man has been sentenced to almost 14 years in prison and ordered to pay more than $16 million in restitution for his role in infecting thousands of victims with REvil…
Think tank: China’s tech brands refine and define Beijing’s propaganda push
Taking down TikTok won’t stop the CCP’s attempt to control global narratives Chinese tech companies that serve as important links in the world’s digital supply chains are helping Beijing to execute and refine its propaganda strategy, according to an Australian…
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabilities (KEV) catalog, owing to active exploitation in the wild. Tracked as CVE-2023-7028 (CVSS score: 10.0), the maximum severity vulnerability could facilitate account takeover by…
Inside Ukraine’s Killer-Drone Startup Industry
Ukraine needs small drones to combat Russian forces—and is bootstrapping its own industry at home. This article has been indexed from Security Latest Read the original article: Inside Ukraine’s Killer-Drone Startup Industry
United Health CEO testifies before senate for ransomware attack
In February of this year, a ransomware assault on Change Healthcare caused significant disruptions in medical supply chains and billing procedures, prompting the company to isolate its computer network and launch a clinical investigation. Fast forward two months from the…
Attention all Windows Users! The Microsoft April Security Update Could Break Your VPN
In a recent development that has caught the attention of IT administrators and users alike, Microsoft has acknowledged a significant issue affecting VPN connections on Windows devices. This problem has emerged following the installation of the April 2024 security update,…
2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element
The exploitation of vulnerabilities as an initial point of entry almost tripled from the previous year, accounting for 14% of all breaches, according to Verizon’s 2024 Data Breach Investigations Report, which analyzed a record-high 30,458 security incidents and 10,626 confirmed…
User Privacy Threats Around T-Mobile’s ‘Profiling and Automated Decisions’
In today’s digital age, it is no secret that our phones are constantly tracking our whereabouts. GPS satellites and cell towers work together to pinpoint our locations, while apps on our devices frequently ping the cell network for updates on…
Securing your organization’s supply chain: Reducing the risks of third parties
When Stephen Hawking said that “we are all now connected by the internet, like neurons in a giant brain”, very few people understood the gravity of his statement. But ten years on from his famous interview with USA Today, it’s…
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
A new malware called Cuttlefish is targeting small office and home office (SOHO) routers with the goal of stealthily monitoring all traffic through the devices and gather authentication data from HTTP GET and POST requests. “This malware is modular, designed primarily to steal authentication material found…
Bitwarden launches standalone Bitwarden Authenticator app
Bitwarden has released a first public version of Bitwarden Authenticator, a two-factor authentication app for Android and iOS. The app generates codes for services, which are then required to sign to accounts. […] Thank you for being a Ghacks reader.…
Post DBIR 2024: 7 Ways to Reduce Your Cyber Risk
The Verizon DBIR is the most anticipated annual report on data breaches with many incredible insights, and this year is no exception. The most surprising finding is the rapid explosion in vulnerability exploitation, which now constitutes one of the most…
reNgine: Open-source automated reconnaissance framework for web applications
reNgine is an open-source automated reconnaissance framework for web applications that focuses on a highly configurable and streamlined recon process. Developing reNgine reNgine was developed to overcome the constraints of conventional reconnaissance tools. It is a good choice for bug…
Understanding emerging AI and data privacy regulations
In this Help Net Security interview, Sophie Stalla-Bourdillon, Senior Privacy Counsel & Legal Engineer at Immuta, discusses the AI Act, the Data Act, and the Health Data Space Regulation. Learn how these regulations interact, their implications for both public and…
Women rising in cybersecurity roles, but roadblocks remain
The ISC2 study on women in cybersecurity, a comprehensive research effort that collected responses from 2,400 women, has revealed several significant findings. These include promising trends in women’s entry into the profession, their roles within teams, and their comparable achievements…
A million Australian pubgoers wake up to find personal info listed on leak site
Allegations fly regarding unpaid contractors and iffy infosec Over a million records describing Australians who visited local pubs and clubs have apparently been posted online.… This article has been indexed from The Register – Security Read the original article: A…
AI-driven phishing attacks deceive even the most aware users
Vishing and deepfake phishing attacks are on the rise as attackers leverage GenAI to amplify social engineering tactics, according to Zscaler. AI automates and personalizes various aspects of the attack process AI-driven phishing attacks leverage AI tools to enhance the…
Panda Restaurant Corporate Systems Hacked: Customer Data Exposed
Panda Restaurant Group, Inc., a leading name in the fast-food industry, has confirmed a significant breach in its corporate data systems. The incident, which came to light on March 10, 2024, has potentially compromised the personal information of an undisclosed…