A 22-year-old Russian national has been indicted in the U.S. for his alleged role in staging destructive cyber attacks against Ukraine and its allies in the days leading to Russia’s full-blown military invasion of Ukraine in early 2022. Amin Timovich…
Tag: EN
Google Announced Chrome Enterprise Core Features for IT, Security Teams
Google has unveiled new features for Chrome Enterprise Core, formerly known as Chrome Browser Cloud Management. As organizations increasingly rely on cloud computing, hybrid work models, and Bring Your Device (BYOD) policies, the need for robust browser management has never…
Heimdal and Escom Bulgaria Partner to Strengthen Cybersecurity in Bulgaria
Heimdal has agreed to a long-term partnership with Escom Bulgaria to distribute our products in Bulgaria, so we sat down with Mr. Alexander Zhekov, Escom Bulgaria’s Managing Director. He’s a seasoned professional with over 10 years of security experience. Escom…
Update: MOVEit Transfer Vulnerability Targeted Amid Disclosure Drama
The non-profit cybersecurity organization, the Shadowserver Foundation, has observed exploitation attempts against CVE-2024-5806. They noted that the exploitation began soon after the vulnerability details were made public. This article has been indexed from Cyware News – Latest Cyber News Read…
Chinese State Actors Use Ransomware to Conceal Real Intent
A new report warns that Chinese APT groups are using ransomware to conceal cyber-espionage activity This article has been indexed from www.infosecurity-magazine.com Read the original article: Chinese State Actors Use Ransomware to Conceal Real Intent
Multiple TP-Link Omada Vulnerabilities Let Attackers Execute Remote Code
Multiple vulnerabilities have been identified in the TP-Link Omada system, a software-defined networking solution widely used by small to medium-sized businesses. These vulnerabilities, if exploited, could allow attackers to execute remote code, leading to severe security breaches. The affected devices…
Chinese Cyberspies Employ Ransomware in Attacks for Diversion
The adoption of ransomware in cyberespionage attacks helps adversaries blur the lines between APT and cybercriminal activity, leading to potential misattribution or concealing the true nature of the operation. This article has been indexed from Cyware News – Latest Cyber…
Strong Authentication: What It Is and Why You Need It
An amazing post The post Strong Authentication: What It Is and Why You Need It appeared first on Security Boulevard. This article has been indexed from Security Boulevard Read the original article: Strong Authentication: What It Is and Why You…
Lattice launches two solutions to help users stay ahead of cyberthreats
Lattice Semiconductor launched two new solutions to address customer challenges around increasing threats to system security. The company announced the Lattice MachXO5D-NX family of advanced secure control FPGAs, offering crypto-agile algorithms, hardware root of trust features with integrated flash, and…
Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application
A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database. Tracked as CVE-2024-5276, the vulnerability carries a CVSS score of 9.8. It impacts FileCatalyst Workflow…
US offers $10 million for information on indicted WhisperGate malware suspect
A federal grand jury in Maryland returned an indictment charging a Russian citizen with conspiracy to hack into and destroy computer systems and data. If convicted, he faces a maximum penalty of five years in prison. The U.S. Department of…
New P2Pinfect version delivers miners and ransomware on Redis servers
Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warned that the P2Pinfect worm is employed in attacks against Redis servers, aimed at deploying both ransomware and cryptocurrency mining payloads.…
Adversaries Seek to Take Advantage of Global Events – How To Prepare for the 2024 Paris Olympics
The 2024 Paris Olympics is set to begin on July 26, global adversaries are paying close attention and such a high-profile event serves as an opportunity for bad actors to cash in on vulnerable organizations and users with poor cyber…
Ransomware attacks launched on the world by China and North Korea
According to a joint investigation by security analysts from SentinelOne and Recorded Future, a significant ransomware campaign targeted government and critical infrastructure between 2021 and 2023, with new details now coming to light. The attacks occurred in two distinct clusters.…
Cyber insurance as part of the cyber threat mitigation strategy
Why organizations of every size and industry should explore their cyber insurance options as a crucial component of their risk mitigation strategies This article has been indexed from WeLiveSecurity Read the original article: Cyber insurance as part of the cyber…
Gitleaks: Open-source solution for detecting secrets in your code
Gitleaks is an open-source SAST tool designed to detect and prevent hardcoded secrets such as passwords, API keys, and tokens in Git repositories. With more than 15 million Docker downloads, 16,200 GitHub stars, 7 million GitHub downloads, thousands of weekly…
New ransomware, infostealers pose growing risk in 2024
BlackBerry detected and stopped 3.1 million cyberattacks (37,000 per day) in the first quarter of 2024. Between January and March 2024, BlackBerry detected 630,000 malicious hashes, representing a 40% increase from its previous reporting period. 60% of attacks targeting industry…
75% of new vulnerabilities exploited within 19 days
Last year alone, over 30,000 new vulnerabilities were published, with a new vulnerability emerging approximately every 17 minutes — averaging 600 new vulnerabilities per week, according to Skybox Security. The report highlights a critical gap in remediation efforts, with the…
Exploit Attempts Recorded Against New MOVEit Transfer Vulnerability – Patch ASAP!
A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass…
Google Chrome Users at Risk: Study Reveals Dangerous Extensions Affecting 280 Million
A recent study has unveiled a critical security threat impacting approximately 280 million Google Chrome users who have installed dangerous browser extensions. These extensions, often masquerading as useful tools, can lead to severe security risks such as data theft,…