Uncategorized

The Importance of Managing Your Data Security Posture

The Importance of Managing Your Data Security Posture 02/06/2023 at 15:20 By Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do […]

React to this headline:

Loading spinner

The Importance of Managing Your Data Security Posture Read More »

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering 02/06/2023 at 13:18 By The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that’s designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of “basic machine enumeration

React to this headline:

Loading spinner

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering Read More »

North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks 02/06/2023 at 09:45 By U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors’ use of social engineering tactics to strike think tanks, academia, and news media sectors. The “sustained information gathering efforts” have been attributed to

React to this headline:

Loading spinner

North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks Read More »

MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited

MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited 02/06/2023 at 06:51 By A critical flaw in Progress Software’s in MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to take over vulnerable systems. The shortcoming, which is yet to be assigned a CVE identifier, relates to a severe SQL

React to this headline:

Loading spinner

MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited Read More »

Maryland TSA rolls out mobile ID security checks for android users

Maryland TSA rolls out mobile ID security checks for android users 01/06/2023 at 21:02 By The Transportation Security Administration in Maryland will now accept Maryland mobile-driver’s licenses from Google Wallet at security checkpoints. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Maryland TSA rolls out mobile ID security checks for android users Read More »

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks 01/06/2023 at 20:06 By An analysis of the “evasive and tenacious” malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active for a single day. What’s more, 50% of the servers don’t remain active for more than a week,

React to this headline:

Loading spinner

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks Read More »

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin 01/06/2023 at 19:03 By Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group. According to Menlo Security, which pieced together the information from different online sources, “Nguyen Huu Tai, who also

React to this headline:

Loading spinner

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin Read More »

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware 01/06/2023 at 19:03 By A previously unknown advanced persistent threat (APT) is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbed Operation Triangulation that began in 2019. “The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with

React to this headline:

Loading spinner

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware Read More »

FTC: Ring failed to stop hackers from accessing users’ cameras

FTC: Ring failed to stop hackers from accessing users’ cameras 01/06/2023 at 18:18 By Under the proposed FTC order, Ring is prohibited from profiting from unlawfully accessing consumers videos and must pay $5.8 million in consumer refunds. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this

React to this headline:

Loading spinner

FTC: Ring failed to stop hackers from accessing users’ cameras Read More »

7,500 fraudulent pharmaceutical listings were taken down in 2022

7,500 fraudulent pharmaceutical listings were taken down in 2022 01/06/2023 at 17:32 By Pharmaceutical fraud targeting patients and organizations was targeted in a recent report by BrandShield and the Pharmaceutical Security Institute.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

7,500 fraudulent pharmaceutical listings were taken down in 2022 Read More »

How organizations can protect against phishing campaigns

How organizations can protect against phishing campaigns 01/06/2023 at 16:14 By With cybersecurity threats on the rise, there are two crucial steps an organization can take to avoid falling victim to a credential phishing attack. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

How organizations can protect against phishing campaigns Read More »

Malicious PyPI Packages Using Compiled Python Code to Bypass Detection

Malicious PyPI Packages Using Compiled Python Code to Bypass Detection 01/06/2023 at 15:43 By Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools. “It may be the first supply chain attack to take advantage of the fact that Python

React to this headline:

Loading spinner

Malicious PyPI Packages Using Compiled Python Code to Bypass Detection Read More »

How Wazuh Improves IT Hygiene for Cyber Security Resilience

How Wazuh Improves IT Hygiene for Cyber Security Resilience 01/06/2023 at 15:43 By IT hygiene is a security best practice that ensures that digital assets in an organization’s environment are secure and running properly. Good IT hygiene includes vulnerability management, security configuration assessments, maintaining asset and system inventories, and comprehensive visibility into the activities occurring in

React to this headline:

Loading spinner

How Wazuh Improves IT Hygiene for Cyber Security Resilience Read More »

Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics

Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics 01/06/2023 at 12:49 By The threat actors behind BlackCat ransomware have come up with an improved variant that prioritizes speed and stealth in an attempt to bypass security guardrails and achieve their goals. The new version, dubbed Sphynx and announced in February 2023, packs a “number of

React to this headline:

Loading spinner

Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics Read More »

N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT

N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT 01/06/2023 at 11:16 By Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that’s employed by the North Korean state-sponsored actor known as ScarCruft. “RokRAT is a sophisticated remote access trojan (RAT) that has been observed as a critical component within the

React to this headline:

Loading spinner

N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT Read More »

Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites

Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites 01/06/2023 at 07:51 By WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites. The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin

React to this headline:

Loading spinner

Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites Read More »

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks 01/06/2023 at 07:51 By The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting different

React to this headline:

Loading spinner

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks Read More »

Scroll to Top