New threat trends emerge out of East Asia
Since June 2023, Microsoft has been tracking activity from multiple Chinese and North Korean nation-state groups. Our observations indicate that these threat actors are doubling down on familiar...
View ArticleAustralian federal budget outlines investment in cybersecurity
The Australian federal government has announced the 2024-2025 budget, which includes investments in safe data storage for the upcoming Census, improving the data capability and cyber security of...
View ArticleFBI warns Black Basta ransomware impacted over 500 organizations worldwide
A ransomware-as-a-service operation known as Black Basta has grown to be one of the most prolific cybercrime threats over the past two years, managing to compromise over 500 organizations from around...
View ArticleBacklogs at National Vulnerability Database prompt action from NIST and CISA
Backlogs at the US National Vulnerability Database (NVD), a critical source of information about security flaws in software, have reached crisis proportions, prompting federal agencies to seek help...
View ArticleClock is ticking for companies to prepare for EU NIS2 Directive
Time is running out for businesses to prepare for looming new EU cyber security legislation and risk severe penalties for noncompliance. The Network and Information Systems Directive 2022/0383 –...
View ArticleSinging River ransomware attack now thought to have affected over 895,000
Singing River Health System (SRHS) has more than trebled its estimate of the number of persons affected by the ransomware attack it suffered in August 2023. The health care provider now estimates that...
View ArticleHow you may be affected by the new proposed Critical Infrastructure Cyber...
Creating a world that is safer and more secure is core to our vision at Palo Alto Networks, but this only can be achieved if we’re collectively making the internet, as a whole, safer. To do this...
View ArticleMicrosoft fixes three zero-day vulnerabilities, two actively exploited
Microsoft released its monthly batch of security fixes on Tuesday, which included patches for three vulnerabilities that already had exploits available. Two of those vulnerabilities are being actively...
View ArticleCyber resilience: A business imperative CISOs must get right
In May 2021, when Colonial Pipeline was targeted by the DarkSide hackers, CEO Joseph Blount made the highly controversial decision to pay the $4.4 million ransom. The attack put critical US...
View ArticleBreachForums seized by law enforcement, admin Baphomet arrested
Global law enforcement authorities have seized BreachForums, a notorious hacker forum threat actors used to sell stolen data, and related messaging channels in the Telegram app in a coordinated...
View ArticleCycode rolls out ASPM connector marketplace, analysts see it as bare minimum
Cycode has announced what it called the first marketplace devoted to the application security posture management (ASPM) space, touting the availability of more than 100 connectors and integrations to...
View ArticleCyber resilience: A business imperative CISOs must get right
In May 2021, when Colonial Pipeline was targeted by the DarkSide hackers, CEO Joseph Blount made the highly controversial decision to pay the $4.4 million ransom. The attack put critical US...
View ArticleUS AI experts targeted in cyberespionage campaign using SugarGh0st RAT
Security researchers have warned about a new cyberespionage campaign that targets artificial intelligence experts working in private industry, government and academia. The attackers, likely of Chinese...
View ArticleFCC proposes BGP security measures
Jessica Rosenworcel wants ISPs to tell her how they’re securing BGP (Border Gateway Protocol) , a critical system for routing internet traffic. The chairwoman of the US Federal Communications...
View ArticleDDoS attacks: Definition, examples, and techniques
What is a DDoS attack? A distributed denial of service (DDoS) attack is when an attacker, or attackers, attempt to make it impossible for a service to be delivered. This could be sending a web server...
View ArticleSEC rule for finance firms boosts disclosure requirements
The SEC announced rule changes for some financial companies that will require more customer disclosures when security incidents impact their personal information as well as mandate incident response...
View ArticleThe inside story of Cyber Command’s creation
In June 2009, the Department of Defense created US Cyber Command to address the rapid recognition among military brass that the computer systems they used were increasingly vulnerable to cyberattacks....
View ArticleGlobal stability issues alter cyber threat landscape, ESET reports
Threat actors are boosting attacks across the globe, with geographic events influencing which regions are being hit the hardest, according to a new report from threat intel researchers ESET. Although...
View ArticleDownload the hybrid cloud data protection enterprise buyer’s guide
To safeguard your data in hybrid cloud environments, organizations need to apply basic data security techniques such as encryption, data-loss prevention, secure web gateways, and cloud-access security...
View ArticleEmployee discontent: Insider threat No. 1
In the world of insider risk management (IRM), how an employee views their relationship with their company is as important as how the company views its relationship with the employee. This might sound...
View Article