Uncategorized

Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors

Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors 05/06/2023 at 08:28 By A surge in TrueBot activity was observed in May 2023, cybersecurity researchers disclosed. “TrueBot is a downloader trojan botnet that uses command and control servers to collect information on compromised systems and uses that compromised system as a launching point for […]

Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors Read More »

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts 05/06/2023 at 08:28 By An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal. “This threat actor employs tactics such as LOLBaS (living-off-the-land binaries and scripts), along with CMD-based scripts to

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts Read More »

Cloud Security Tops Concerns for Cybersecurity Leaders: EC-Council’s Certified CISO Hall of Fame Report 2023

Cloud Security Tops Concerns for Cybersecurity Leaders: EC-Council’s Certified CISO Hall of Fame Report 2023 03/06/2023 at 11:36 By A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by the EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity

Cloud Security Tops Concerns for Cybersecurity Leaders: EC-Council’s Certified CISO Hall of Fame Report 2023 Read More »

New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal

New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal 03/06/2023 at 11:36 By An analysis of the Linux variant of a new ransomware strain called BlackSuit has covered significant similarities with another ransomware family called Royal. Trend Micro, which examined an x64 VMware ESXi version targeting Linux machines, said it identified an “extremely high degree

New Linux Ransomware Strain BlackSuit Shows Striking Similarities to Royal Read More »

FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring

FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring 03/06/2023 at 11:36 By The U.S. Federal Trade Commission (FTC) has fined Amazon a cumulative $30.8 million over a series of privacy lapses regarding its Alexa assistant and Ring security cameras. This comprises a $25 million penalty for breaching children’s privacy laws

FTC Slams Amazon with $30.8M Fine for Privacy Violations Involving Alexa and Ring Read More »

Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362)

Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362) 02/06/2023 at 23:42 By On May 31, threat actors were discovered targeting a critical zero day in MOVEit Transfer software resulting in escalated privileges and unauthorized data access. The vulnerability being exploited is an SQL injection and has since been patched. Resources links, including one for

Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362) Read More »

OSHA cites retail chain for exposing employees to electrical hazards

OSHA cites retail chain for exposing employees to electrical hazards 02/06/2023 at 22:53 By Following several investigations, the Occupational Health and Safety Administration (OSHA) has cited Dollar General for workplace safety violations. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

OSHA cites retail chain for exposing employees to electrical hazards Read More »

Health tracking app charged by FTC for sharing sensitive information

Health tracking app charged by FTC for sharing sensitive information 02/06/2023 at 22:03 By Fertility app Premom was charged by the FTC for sharing users’ sensitive information with third parties, and sharing sensitive health data to Google. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Health tracking app charged by FTC for sharing sensitive information Read More »

Hear From AEG and Trustwave at Gartner Security & Risk Management 2023

Hear From AEG and Trustwave at Gartner Security & Risk Management 2023 02/06/2023 at 20:46 By If you’re heading to Gartner Security & Risk Management 2023 in National Harbor, MD, June 5-7, get ready for a compelling session from Anschutz Entertainment Group (AEG) and Trustwave. This article is an excerpt from Trustwave Blog View Original

Hear From AEG and Trustwave at Gartner Security & Risk Management 2023 Read More »

Simplifying complexity for a secure hybrid multicloud environment

Simplifying complexity for a secure hybrid multicloud environment 02/06/2023 at 16:54 By Managing cybersecurity threats can seem overwhelming under the best of circumstances, and today’s threat landscape has never been more complex. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source

Simplifying complexity for a secure hybrid multicloud environment Read More »

New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America

New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America 02/06/2023 at 16:53 By Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. “Horabot enables the threat actor to control the victim’s Outlook mailbox, exfiltrate contacts’ email addresses, and send phishing emails with

New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America Read More »

The Importance of Managing Your Data Security Posture

The Importance of Managing Your Data Security Posture 02/06/2023 at 15:20 By Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do

The Importance of Managing Your Data Security Posture Read More »

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering 02/06/2023 at 13:18 By The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that’s designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of “basic machine enumeration

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering Read More »

North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks 02/06/2023 at 09:45 By U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors’ use of social engineering tactics to strike think tanks, academia, and news media sectors. The “sustained information gathering efforts” have been attributed to

North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks Read More »

MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited

MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited 02/06/2023 at 06:51 By A critical flaw in Progress Software’s in MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to take over vulnerable systems. The shortcoming, which is yet to be assigned a CVE identifier, relates to a severe SQL

MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited Read More »

Scroll to Top