Uncategorized

5 Things CISOs Need to Know About Securing OT Environments 28/06/2023 at 14:05 By For too long the cybersecurity world focused exclusively on information technology (IT), leaving operational technology (OT) to fend for itself. Traditionally, few industrial enterprises had dedicated cybersecurity leaders. Any security decisions that arose fell to the plant and factory managers, who […]

React to this headline:

8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses 28/06/2023 at 14:05 By A ransomware threat called 8Base that has been operating under the radar for over a year has been attributed to a “massive spike in activity” in May and June 2023. “The group utilizes encryption paired with ‘name-and-shame’ techniques to compel their

React to this headline:

Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution 28/06/2023 at 11:17 By Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems. “These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements,” SonarSource researcher Thomas

React to this headline:

Part 2: Preparing the Board of Directors for the SEC’s Upcoming Cybersecurity Compliance Regulations 27/06/2023 at 19:17 By In March 2022, the U.S. Securities and Exchange Commission (SEC) issued a proposed rule, the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, that, if adopted, would require companies to disclose their cybersecurity governance capabilities and the

React to this headline:

CISA releases cloud services guidance and resources 27/06/2023 at 19:01 By CISA has recently released the first series of final security guidance resources under the organization’s Secure Cloud Business Applications (SCuBA) project: This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Strawberry hotels deploys digital room keys in Apple Wallet 27/06/2023 at 18:49 By Strawberry hotels has become one of the first outside of North America to adopt digital room keys in Apple Wallet. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

New Mockingjay Process Injection Technique Could Let Malware Evade Detection 27/06/2023 at 18:02 By A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems. “The injection is executed without space allocation, setting permissions or even starting a thread,” Security Joes researchers

React to this headline:

New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain 27/06/2023 at 17:37 By Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution chain to deliver an unknown payload to targeted systems. “The packages in question seem to be published in pairs, each pair working in unison

React to this headline:

New Mockingjay Process Injection Technique Could Let Malware Evade Detection 27/06/2023 at 17:37 By A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems. “The injection is executed without space allocation, setting permissions or even starting a thread,” Security Joes researchers

React to this headline:

69% of healthcare workers worry about erratic behavior from patients 27/06/2023 at 17:03 By According to a survey, frontline workers in the U.S. are concerned for their safety with more than half planning to quit if safety isn’t prioritized. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React

React to this headline:

SNAPPY: Detecting Rogue and Fake 802.11 Wireless Access Points Through Fingerprinting Beacon Management Frames 27/06/2023 at 16:03 By I’ve found a novel technique to detect both rogue and fake 802.11 wireless access points through fingerprinting Beacon Management Frames, and created a tool to do so, called snap.py (Snappy) – the blog post title doesn’t lie!

React to this headline:

How to protect an enterprise’s intellectual property 27/06/2023 at 15:18 By Intellectual property has become a valuable asset for enterprise organizations worldwide. However, theft has also grown in frequency and sophistication. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

EncroChat Bust Leads to 6,558 Criminals’ Arrests and €900 Million Seizure 27/06/2023 at 14:47 By Europol on Tuesday announced that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the seizure of €900 million in illicit criminal proceeds. The law enforcement agency said that a subsequent joint investigation initiated by French and Dutch

React to this headline:

Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation 27/06/2023 at 14:47 By As the business environment becomes increasingly connected, organizations’ attack surfaces continue to expand, making it challenging to map and secure both known and unknown assets. In particular, unknown assets present security challenges related to shadow IT, misconfigurations, ineffective scan coverage, among

React to this headline:

Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland 27/06/2023 at 13:47 By A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, Austria, and Switzerland since the start of March 2023. “The actors behind Anatsa aim to steal credentials

React to this headline:

New Fortinet’s FortiNAC Vulnerability Exposes Networks to Code Execution Attacks 27/06/2023 at 09:03 By Fortinet has rolled out updates to address a critical security vulnerability impacting its FortiNAC network access control solution that could lead to the execution of arbitrary code. Tracked as CVE-2023-33299, the flaw is rated 9.6 out of 10 for severity on the

React to this headline:

Security leaders say cloud platform misconfiguration is biggest threat 26/06/2023 at 22:24 By A new survey highlights that security professionals view misconfiguration of cloud platforms or improper setup ranks as the most significant security threat. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

81% of organizations have implemented policies around generative AI 26/06/2023 at 21:03 By Despite security concerns about generative artificial intelligence, businesses are looking to implement the technology within their organizations. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers 26/06/2023 at 20:34 By In what’s an ingenious side-channel attack, a group of academics has found that it’s possible to recover secret keys from a device by analyzing video footage of its power LED. “Cryptographic computations performed by the CPU change the power consumption of

React to this headline:

Preparing the Board of Directors for the SEC’s Upcoming Cybersecurity Compliance Regulations 26/06/2023 at 20:01 By In March 2022, the U.S. Securities and Exchange Commission (SEC) issued a proposed rule, the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, that, if adopted, would require companies to disclose their cybersecurity governance capabilities and the role of

React to this headline: