Tag: EN

Headlines on Trending Cyber Attacks from Google News

Global Sanctions Imposed on Russian-Linked REVIL Ransomware Operator Governments of Australia, UK, and the United States have jointly sanctioned Alexander Gennadievich, a hacker associated with the Russian-linked REVIL Ransomware group. Gennadievich’s involvement in the Medibank data breach has raised international…

Read more →

The Insider Threat: Can Employees Pose a Greater Risk than Hackers

In the ever-evolving landscape of cybersecurity, organizations face a multitude of threats that can compromise their sensitive data and operations. While external threats from hackers and cyber criminals are well-recognized, there’s an often-underestimated risk that originates from within – the…

Read more →

The effect of omission bias on vulnerability management

Whether we’d like to admit it to ourselves or not, all humans harbor subconscious biases that powerfully influence our behavior. One of these is the omission bias, which has interesting ramifications in the world of cyber security, specifically vulnerability management.…

Read more →

10 USA cybersecurity conferences you should visit in 2024

Security BSides Security BSides offers attendees an opportunity to engage and present their ideas actively. Characterized by its intensity, these events are filled with discussions, demonstrations, and interactive participation. BSides are happening all over the USA. To find an event…

Read more →

Why resilience leaders must prepare for polycrises

In this Help Net Security video, Frank Shultz, CEO of Infinite Blue, discusses how more frequent and severe disruptions and our increasingly interconnected world collide to create a new threat for resilience leaders to manage: polycrises. These multiple concurrent or…

Read more →

NodeZero Updated With Attack Content for Critical Confluence RCE

On 16 January, Atlassian released a security advisory concerning CVE-2023-22527 that affects vulnerable out-of-date versions of Confluence Data Center and Server. The post NodeZero Updated With Attack Content for Critical Confluence RCE appeared first on Horizon3.ai. The post NodeZero Updated…

Read more →

Organizations invest more in data protection but recover less

92% of organizations will increase 2024 data protection spend, to achieve cyber resilience amidst continued threats of ransomware and cyberattacks, according to Veeam Software. Respondents shared that cyberattacks remain the top cause of outages and that while organizations are putting…

Read more →

Whitepaper: MFA misconceptions

While a valuable tool in the cybersecurity toolkit, MFA is not immune to weaknesses. Read the “MFA Misconceptions” whitepaper to understand its limitations and how integrating it with other robust security measures is crucial for building a resilient defense mechanism.…

Read more →

Software supply chain attacks are getting easier

ReversingLabs identified close to 11,200 unique malicious packages across three major open-source software platforms in 2023: npm, PyPI, and RubyGems. These findings mark an astounding 1,300% increase in malicious packages from 2020 and an increase of 28% over 2022 when…

Read more →

Securing Remote Work: A Guide for Businesses

In today’s business landscape, remote work has become the standard, necessitating a heightened focus on safeguarding sensitive information. As cyber threats continue to proliferate, organizations… The post Securing Remote Work: A Guide for Businesses appeared first on Security Zap. This…

Read more →

Fragging: The Subscription Model Comes for Gamers

< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> We’re taking part in Copyright Week, a series of actions and discussions supporting key principles that should guide copyright policy. Every day this week, various groups are…

Read more →

FTC Bars X-Mode from Selling Sensitive Location Data

< div class=”field field–name-body field–type-text-with-summary field–label-hidden”> < div class=”field__items”> < div class=”field__item even”> Update, January 23, 2024: Another week, another win! The FTC announced a successful enforcement action against another location data broker, InMarket. Phone app location data brokers are…

Read more →

Watch out, a new critical flaw affects Fortra GoAnywhere MFT

Fortra addressed a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) product. Fortra warns customers of a new authentication bypass vulnerability tracked as CVE-2024-0204 (CVSS score 9.8), impacting the GoAnywhere MFT (Managed File Transfer) product. Fortra GoAnywhere Managed File Transfer…

Read more →

CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive

On January 22, 2024 Fortra posted a security advisory for their GoAnywhere MFT product. This advisory details an authentication bypass vulnerability, CVE-2024-0204, that allows an unauthenticated attacker to create an […] The post CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive…

Read more →