This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, April 22nd, 2024…
Tag: EN
MITRE admits ‘nation state’ attackers touched its NERVE R&D operation
PLUS: Akira ransomware resurgent; Telehealth outfit fined for data-sharing; This week’s nastiest vulns Infosec In Brief In a cautionary tale that no one is immune from attack, the security org MITRE has admitted that it got pwned.… This article has…
USENIX Security ’23 – On the Security Risks of Knowledge Graph Reasoning
Authors/Presenters: *Zhaohan Xi, Tianyu Du, Changjiang Li, Ren Pang, Shouling Ji, Xiapu Luo, Xusheng Xiao, Fenglong Ma and Ting Wang* Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open…
Akira Ransomware Group Takes In $42 million from 250 Attacks in a Year
The Akira ransomware has been around for just more than a year, but has caused its share of damage, racking up more than 250 victims and pulling in about $42 million in ransom, according to law enforcement and cybersecurity agencies…
Akira ransomware received $42M in ransom payments from over 250 victims
Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments. A joint advisory published by CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL) revealed that since…
DuneQuixote campaign targets the Middle East with a complex backdoor
Threat actors target government entities in the Middle East with a new backdoor dubbed CR4T as part of an operation tracked as DuneQuixote. Researchers from Kaspersky discovered the DuneQuixote campaign in February 2024, but they believe the activity may have…
Cyberattackers Employ Elusive “CR4T” Backdoor to Target Middle Eastern Governments
A recent revelation by Russian cybersecurity firm Kaspersky sheds light on a covert cyber campaign dubbed DuneQuixote, which has been clandestinely targeting government bodies in the Middle East. This campaign involves the deployment of a newly identified backdoor called…
New AI Speed Cameras Record Drivers on Their Phones
New AI cameras have been deployed in vans to record drivers using their phones while driving or driving without a seatbelt. During a 12-hour evaluation in March, South Gloucestershire Council discovered 150 individuals not wearing seatbelts and seven drivers…
Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Critical…
Information Stealer Malware Preys on Gamers via Deceptive Cheat Code Baits
There is a new info-stealing malware that appears as a cheat on a game called Cheat Lab, and it promises downloaders that if they convince their friends to download it too, they will receive a free copy. It is…
Androxgh0st Malware Compromises Servers Worldwide for Botnet Attack
By Deeba Ahmed Veriti Research exposes surge in Androxgh0st attacks, exploiting CVEs and building botnets for credential theft. Patch systems, monitor for web shells, and use behavioral analysis to protect yourself. This is a post from HackRead.com Read the original…
Weighing Down Cyberrisk Options: How to Make Objective Cybersecurity Decisions Without Negatively Impacting the Organization’s IT Teams?
By Mike Starr, CEO of Trackd It’s often paid lip service to (or worse, intentionally neglected), and rarely appreciated, but there’s an operational cost to be paid for security. Security […] The post Weighing Down Cyberrisk Options: How to Make…
Review: ‘Artificial Intelligence — A Primer for State and Local Governments’
A new book by Alan Shark offers an excellent guide and an AI road map for state and local governments. He answers basic questions that public-sector leaders are asking in 2024. The post Review: ‘Artificial Intelligence — A Primer…
New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the…
Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be…
Critical CrushFTP zero-day exploited in attacks in the wild
Threat actors exploited a critical zero-day vulnerability in the CrushFTP enterprise in targeted attacks, Crowdstrike experts warn. CrushFTP is a file transfer server software that enables secure and efficient file transfer capabilities. It supports various features such as FTP, SFTP,…
What is Mobile Application Security Testing? Explained
Mobile application security testing is a critical aspect of modern software development, driven by the widespread use of mobile devices in our daily lives, which store vast amounts of personal data like photos, email access, social media accounts, and payment…
USENIX Security ’23 – PrivGraph: Differentially Private Graph Data Publication by Exploiting Community Information
Authors/Presenters: *Quan Yuan, Zhikun Zhang, Linkang Du, Min Chen, Peng Cheng, Mingyang Sun* Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated…
A French hospital was forced to reschedule procedures after cyberattack
A French hospital was forced to return to pen and paper and postpone medical treatments after a cyber attack. A cyber attack hit Hospital Simone Veil in Cannes (CHC-SV) on Tuesday, impacting medical procedures and forcing personnel to return to pen and paper.…
GenAI Presents a Fresh Challenge for SaaS Security Teams
The software industry witnessed a pivotal moment with the introduction of Open AI’s ChatGPT in November 2022, sparking a race dubbed the GenAI race. This event spurred SaaS vendors into a frenzy to enhance their tools with generative AI-driven productivity…