Uncategorized

Federal Cybersecurity Posture is Improving, but Additional Work Remains

Federal Cybersecurity Posture is Improving, but Additional Work Remains 06/06/2023 at 20:54 By Former Texas Congressman William “Mac” Thornberry and Trustwave Government Services President Bill Rucker recently sat down to discuss several pressing issues impacting the federal government’s cybersecurity preparedness, the impact the Russia-Ukraine War has had on cyber, and what remains to be done […]

Federal Cybersecurity Posture is Improving, but Additional Work Remains Read More »

What security leaders can learn from Smashing Pumpkins hacker attack

What security leaders can learn from Smashing Pumpkins hacker attack 06/06/2023 at 20:32 By While stealing music from a band might not be equal to obtaining and releasing customer personal information, there are still lessons to learn from this incident. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

What security leaders can learn from Smashing Pumpkins hacker attack Read More »

Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices

Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices 06/06/2023 at 17:17 By Thousands of adware apps for Android have been found to masquerade as cracks or modded versions of popular apps to redirect users to serve unwanted ads to users as part of a campaign ongoing since October 2022.

Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices Read More »

Why authentication is good Medicine for today’s data breach epidemic

Why authentication is good Medicine for today’s data breach epidemic 06/06/2023 at 16:17 By Even though the data breach threat has been present for decades, many organizations still don’t have a great handle on how to prevent it. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Why authentication is good Medicine for today’s data breach epidemic Read More »

5 Reasons Why IT Security Tools Don’t Work For OT

5 Reasons Why IT Security Tools Don’t Work For OT 06/06/2023 at 15:31 By Attacks on critical infrastructure and other OT systems are on the rise as digital transformation and OT/IT convergencecontinue to accelerate. Water treatment facilities, energy providers, factories, and chemical plants — the infrastructure that undergirds our daily lives could all be at

5 Reasons Why IT Security Tools Don’t Work For OT Read More »

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability – Update Now!

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability – Update Now! 06/06/2023 at 13:32 By Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability – Update Now! Read More »

Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals

Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals 06/06/2023 at 10:52 By Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that’s designed to capture sensitive data from infected hosts. “The threat actor behind this [ransomware-as-a-service] promotes its offering on forums,” Uptycs said in a new report. “There it requests a share

Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals Read More »

Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme

Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme 06/06/2023 at 09:09 By A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that’s targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The fraudulent scheme entails sending users bogus text messages asking them to

Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme Read More »

Zyxel Firewalls Under Attack! Urgent Patching Required

Zyxel Firewalls Under Attack! Urgent Patching Required 06/06/2023 at 07:32 By The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed two recently disclosed flaws in Zyxel firewalls to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities, tracked as CVE-2023-33009 and CVE-2023-33010, are buffer overflow vulnerabilities that could enable an unauthenticated

Zyxel Firewalls Under Attack! Urgent Patching Required Read More »

49% of organizations proactively invest in identity protection

49% of organizations proactively invest in identity protection 05/06/2023 at 23:26 By A new report reveals that 89% of businesses are somewhat or very concerned that new privacy regulations will impact identity security at their organization. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

49% of organizations proactively invest in identity protection Read More »

66% of organizations have increased their investment in SaaS apps

66% of organizations have increased their investment in SaaS apps 05/06/2023 at 21:05 By According to a survey, 58% of organizations estimate their current SaaS security solutions only cover 50% or less of their SaaS applications. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

66% of organizations have increased their investment in SaaS apps Read More »

Automation is no longer the future of cybersecurity: It’s the present

Automation is no longer the future of cybersecurity: It’s the present 05/06/2023 at 16:08 By It’s no secret that we’re facing a critical cybersecurity talent shortage. Despite persistent outcry from security leaders and experts, it’s only getting worse. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Automation is no longer the future of cybersecurity: It’s the present Read More »

Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App

Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App 05/06/2023 at 16:08 By Microsoft has officially linked the ongoing active exploitation of a critical flaw in the Progress Software MOVEit Transfer application to a threat actor it tracks as Lace Tempest. “Exploitation is often followed by deployment of a web shell with data exfiltration capabilities,” the

Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App Read More »

Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack

Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack 05/06/2023 at 09:46 By Cybersecurity researchers have unearthed a new ongoing Magecart-style web skimmer campaign that’s designed to steal personally identifiable information (PII) and credit card data from e-commerce websites. A noteworthy aspect that sets it apart from other Magecart campaigns is that the hijacked sites

Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack Read More »

Scroll to Top