Ensuring data stays secure even after cyberattack infiltration Webinar Daily incursions are underway with the aim of removing every bit of data that you’ve got – the cyber criminals’ aim is to break in and get out again laden with…
Tag: EN
Firefox and Chrome Updates Patch High-Severity Vulnerabilities
Mozilla and Google have recently released important security updates for their web browsers, Firefox and Chrome. These updates include patches for several vulnerabilities, including some potentially harmful memory safety bugs. First, let’s talk about Firefox. Mozilla unveiled Firefox version 119,…
Avoiding Common Linux Configuration Mistakes that Lead to Security Vulnerabilities
The robust security features of Linux make it the preferable choice for many enterprises. However, like any other operating system, security vulnerabilities can occur in Linux due to misconfigurations. These vulnerabilities may expose your system to potential risks, making it…
New TuxCare Partner Program Arms System Integrators with Modernized Linux Security Offerings
PALO ALTO, Calif. – November 8, 2023 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it debuted a new partner program aimed at helping system integrators offer the latest tools for modernizing their customers’ Linux security…
NextGen’s Vulnerability: Protecting Healthcare Data
In the realm of healthcare, the security and integrity of patient data are paramount. However, a recent discovery has shed light on a critical vulnerability within Mirth Connect, an open-source data integration platform by NextGen HealthCare. NextGen’s vulnerability, identified as…
Marina Bay Sands breach exposed data of 665,000 customers
Singapore-based luxury resort and casino Marina Bay Sands has suffered a data breach that exposed data of 665,000 non-casino rewards program members. The Marina Bay Sands data breach “Marina Bay Sands became aware of a data security incident on 20…
Webinar: Kickstarting Your SaaS Security Strategy & Program
SaaS applications make up 70% of total company software usage, and as businesses increase their reliance on SaaS apps, they also increase their reliance on those applications being secure. These SaaS apps store an incredibly large volume of data so…
Threat Actor Farnetwork Linked to Five Ransomware Schemes
Group-IB lifts the lid on prolific cyber-criminal This article has been indexed from www.infosecurity-magazine.com Read the original article: Threat Actor Farnetwork Linked to Five Ransomware Schemes
North Korea-linked APT BlueNoroff used new macOS malware ObjCShellz
The North Korea-linked APT BlueNoroff used a new strain of macOS malware strain dubbed ObjCShellz, Jamf Threat Labs reported. Researchers from Jamf Threat Labs discovered a new macOS malware strain dubbed ObjCShellz and attributed it to North Korea-linked APT BlueNoroff. The experts…
Bad eIDAS: Europe ready to intercept, spy on your encrypted HTTPS connections
EFF warns incoming rules may return web ‘to the dark ages of 2011’ Lawmakers in Europe are expected to adopt digital identity rules that civil society groups say will make the internet less secure and open up citizens to online…
Experts Expose Farnetwork’s Ransomware-as-a-Service Business Model
Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS) programs over the past four years in various capacities. Singapore-headquartered Group-IB, which attempted to infiltrate a private RaaS program that…
Fresh Optus Australia server disruption not caused by a Cyber Attack
Optus, the Australian counterpart of Singapore Telecommunications, faced a significant disruption on Wednesday, leading to widespread service outages affecting millions of customers. While some initially speculated that the outage was the result of a national emergency or a state-sponsored attack,…
The 3 key stages of ransomware attacks and useful indicators of compromise
For SOC teams to be able to defend their organization against ransomware attacks, they need to have the right security toolset, but also an understanding of the three primary ransomware attack stages. In this article, we will dive into those…
eBPF Kubernetes Security Tool Tetragon Improves Performance and Stability
Isovalent has announced the 1.0 release of Cilium Tetragon, their eBPF-based Kubernetes security observability and runtime enforcement tool. Policies and filters can be applied directly via eBPF to monitor process execution, privilege escalations, and file and network activity. Tetragon can…
Iranian APT Hackers Attacking Education & Tech Sectors to Steal Sensitive Data
Cybersecurity researchers link attackers to the Iranian-backed APT group “Agonizing Serpens,” which has upgraded its capabilities and uses various tools to bypass security measures. Hackers target and steal sensitive data for various reasons, including: They may sell the stolen data…
Aqua Trivy open-source security scanner now finds Kubernetes security risks
The Aqua Trivy open-source scanner now supports vulnerability scanning for Kubernetes components and Kubernetes Bill of Materials (KBOM) generation. Now, companies can better understand the components within their Kubernetes environment and how secure they are to reduce risk. “Aqua Trivy…
AI-assisted coding and its impact on developers
The emergence of AI has put into question the roles of software developers everywhere. In this Help Net Security video, Cat Hicks, VP of Research Insights at Pluralsight, discusses pressing questions that engineering organizations face regarding the rapidly-changing possibilities of…
Chinese APT Targeting Cambodian Government
Cambodian government entities were targeted by a Chinese APT masquerading as cloud backup services. Our findings include C2 infrastructure and more. The post Chinese APT Targeting Cambodian Government appeared first on Unit 42. This article has been indexed from Unit…
Companies have good reasons to be concerned about generative AI
Companies need help to get visibility into the operations of their AI programs, potentially reducing productivity while creating significant risks around governance, data security, and more, according to Portal26. Two-thirds of respondents admitted to a Generative AI security or misuse…
QNAP OS Command Injection Vulnerability Let Attackers Execute Malicious Commands
Two critical OS command injection flaws have been discovered in multiple QNAP products, which include QTS, Multimedia Console, Media Streaming add-on, QuTS Hero, and QuTScloud. These vulnerabilities existed in the QTS operating system and applications on network-attached storage (NAS) devices,…