APT29 (aka Cozy Bear, aka Midnight Blizzard) has been spotted targeting German political parties for the first time, Mandiant researchers have shared. Phishing leading to malware The attack started in late February 2024, with phishing emails containing bogus invitations to…
Tag: EN
New “GoFetch” Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys
A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent prefetcher…
Police Bust Multimillion-Dollar Holiday Fraud Gang
Law enforcers have arrested nine suspected members of a prolific cyber-fraud gang This article has been indexed from www.infosecurity-magazine.com Read the original article: Police Bust Multimillion-Dollar Holiday Fraud Gang
Payments Regulator Probing String Of Payments Failures
Payments regulator says it is monitoring string of failures that affected payments systems at McDonald’s, Sainsbury’s, Tesco and Greggs within five days This article has been indexed from Silicon UK Read the original article: Payments Regulator Probing String Of Payments…
Microsoft Pays Anthropic AI $650m After Poaching Staff
Microsoft reportedly paying $650m to AI start-up Anthropic after poaching most of staff as company girds for AI arms race This article has been indexed from Silicon UK Read the original article: Microsoft Pays Anthropic AI $650m After Poaching Staff
A week in security (March 18 – March 24)
A list of topics we covered in the week of March 18 to March 24 of 2024 This article has been indexed from Malwarebytes Read the original article: A week in security (March 18 – March 24)
Russian Cozy Bear Group Targets German Politicians
Mandiant observes what it claims is the first ever APT29 campaign aimed at political parties This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Cozy Bear Group Targets German Politicians
10 cloud development gotchas to watch out for
The benefits of developing software in the cloud include increased flexibility and reliability, greater efficiency, and reduced costs. But cloud-based development also presents a host of challenges. Knowing what to watch out for is the first step to protecting your applications…
The Looming Cyber Threat in Real Estate
In our interconnected world, the real estate industry has embraced technology to revolutionize its operations, enhance customer experiences, and streamline business processes. Yet, while this technological evolution has brought immense benefits to the property sector, it has also attracted the…
Managed Cybersecurity Services Secure Modern Environments
In an era characterized by relentless digital transformation and interconnectedness, cybersecurity has evolved into a complex and dynamic battleground. Businesses, governments, and individuals find themselves locked in a perpetual struggle against a relentless flood of evolving threats. From sophisticated cybercriminal…
GoFetch side-channel attack against Apple systems allows secret keys extraction
Researchers demonstrated a new side-channel attack, named GoFetch, against Apple CPUs that could allow an attacker to obtain secret keys. A team of researchers from several US universities demonstrated a new microarchitectural side-channel attack named GoFetch that could allow attackers…
Kubernetes RCE Vulnerability Allows Remote Code Execution
Tomer Peled, an Akamai cybersecurity security researcher, recently discovered a Kubernetes RCE vulnerability that allows threat actors to remotely execute code on Windows endpoints. Not only this but the threat actors can have full system privileges while executing the code. …
Fears Over ‘Mass Surveillance’ With Bill Changes
techUK and other tech, human rights groups say proposed changes to Investigatory Powers Act could introduce ‘mass surveillance’ This article has been indexed from Silicon UK Read the original article: Fears Over ‘Mass Surveillance’ With Bill Changes
Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks
The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera. The activity, which took place…
Data Security Trends: 2024 Report Analysis
Data Security Trends: 2024 Report Analysis madhav Mon, 03/25/2024 – 05:08 < div> Amid ongoing economic uncertainty and a progressively complex threat landscape, businesses are trying to navigate increasingly stringent regulatory requirements while bolstering their security posture. The 2024 Thales…
The ISO 27000 family of protocols and their role in cybersecurity
The ISO 27000 family of protocols represent a series of standards developed by the International Organization for Standardization (ISO) to address various aspects of information security management. These standards provide a framework for organizations to establish, implement, maintain, and continually…
Hackers Claiming Unauthorized Access to the Fortinet Devices of Many Companies
Hackers have claimed unauthorized access to Fortinet devices across various companies. This breach highlights cybercriminals’ persistent threat to corporate security infrastructures and the importance of robust cybersecurity measures. Overview of the Breach A tweet from a dark-themed webpage has surfaced,…
That Asian meal you eat on holidays could launder money for North Korea
United Nations finds IT contract and crypto scams are just two of DPRK’s illicit menu items If you dine out at an Asian restaurant on your next holiday, the United Nations thinks your meal could help North Korea to launder…
Understanding the Various Types of DDoS Attacks and Their Implications
In today’s interconnected digital world, Distributed Denial of (DDoS) attacks have emerged as a significant threat to online businesses, organizations, and even individuals. These attacks can disrupt essential services, compromise sensitive data, and incur substantial financial losses. Understanding the different…
20 essential open-source cybersecurity tools that save you time
Open-source software’s adaptive nature ensures its durability, relevance, and compatibility with new technologies. When I started digging deeper into the open-source cybersecurity ecosystem, I discovered an engaged community of developers working to find practical solutions to many problems, one of…