Posted inNews
From Dark Reading – Geopolitical Conflicts: 5 Ways to Cushion the Blow
By prioritizing key areas, security leaders can navigate the complexities of geopolitical conflicts more effectively. Read More
Posted inNews
From Cyber Security News – Lessons Learned from the CISA – Ivanti Cyberattack – 2024
[[{"value":"In today’s digital era, the frequency and sophistication of cyberattacks are on the rise, posing a serious threat to businesses and organizations worldwide. Among these incidents, the cyberattack on the…
Posted inNews
From Security Week – In Other News: Airline Privacy Review, SEC’s SolarWinds Hack Probe, Apple MFA Bombing
[[{"value":"Noteworthy stories that might have slipped under the radar: US government conducting airline privacy review, SEC’s overreaching SolarWinds hack probe, MFA bombing of Apple users. The post In Other News:…
Posted inResearch
From Cybercrime Magazine – Security Awareness Training: Road Signs With Radar Systems For Employees
[[{"value":"This week in cybersecurity from the editors at Cybercrime Magazine –Read the Full Story in Verdict Sausalito, Calif. – Mar. 29, 2024 Verdict reports that Cybersecurity training programs deployed in…
Posted inNews
From Security Week – Pentagon Outlines Cybersecurity Strategy for Defense Industrial Base
[[{"value":"US Defense Department releases defense industrial base cybersecurity strategy with a focus on four key goals. The post Pentagon Outlines Cybersecurity Strategy for Defense Industrial Base appeared first on SecurityWeek."}]] Read…
Posted inNews
From Security Week – The Complexity and Need to Manage Mental Well-Being in the Security Team
[[{"value":"It is the CISO’s responsibility to build and maintain a high functioning team in a difficult environment – cybersecurity is a complex, continuous, and adversarial environment like none other outside…
Posted inNews
From The Hacker News – TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy
A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless.
"TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and February of 2024," the Black Lotus Labs team at Lumen
Posted inNews
From Dark Reading – Iran’s Evolving Cyber-Enabled Influence Operations to Support Hamas
Understanding Iran's techniques, coupled with comprehensive threat intel, can give organizations an edge in identifying and defending against these attacks. Read More
Posted inNews
From Cyber Security News – Cisco Warns of Password Spraying Attacks Exploiting VPN Services
[[{"value":"Password spraying is a technique hackers often take advantage of because it enables them to gain unauthorized access to many accounts or systems. They can potentially compromise many targets with…
Posted inNews
From Security Week – Energy Department Invests $15 Million in University Cybersecurity Centers
[[{"value":"The US Department of Energy announces $15 million funding for university-based electric power cybersecurity centers. The post Energy Department Invests $15 Million in University Cybersecurity Centers appeared first on SecurityWeek."}]] Read…
Posted inNews
From Cyber Security News – GitLab Security Flaw Let Attackers Inject Malicious Scripts: Patch Now
[[{"value":"GitLab has announced the release of updated versions for both its Community Edition (CE) and Enterprise Edition (EE), addressing critical vulnerabilities that could potentially allow attackers to inject malicious scripts…
Posted inNews
From The Hacker News – The Golden Age of Automated Penetration Testing is Here
Network penetration testing plays a vital role in detecting vulnerabilities that can be exploited. The current method of performing pen testing is pricey, leading many companies to undertake it only when necessary, usually once a year for their compliance requirements. This manual approach often misses opportunities to find and fix security issues early on, leaving businesses vulnerable to
Posted inArticles
From Schneier on Security – Lessons from a Ransomware Attack against the British Library
You might think that libraries are kind of boring, but this self-analysis of a 2023 ransomware and extortion attack against the British Library is anything but. Read More
Posted inBreaches
From Security Week – Massachusetts Health Insurer Data Breach Impacts 2.8 Million
[[{"value":"Harvard Pilgrim Health Care says the personal information of over 2.8 million individuals was stolen in a year-old ransomware attack. The post Massachusetts Health Insurer Data Breach Impacts 2.8 Million…
Posted inBreaches
From The Hacker News – New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking
Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the clipboard on certain Linux distributions.
The bug, tracked as CVE-2024-28085, has been codenamed WallEscape by security researcher Skyler Ferrante. It has been described as a case of improper