Uncategorized

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks 01/06/2023 at 20:06 By An analysis of the “evasive and tenacious” malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active for a single day. What’s more, 50% of the servers don’t remain active for more than a week, […]

React to this headline:

Maria Milosavljevic named next CISO at ANZ 01/06/2023 at 19:16 By ANZ announced Maria Milosavljevic has been appointed CISO, replacing Lynwen Connick, who will retire in October after six years as ANZ’s CISO. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Unmasking XE Group: Experts Reveal Identity of Suspected Cybercrime Kingpin 01/06/2023 at 19:03 By Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group. According to Menlo Security, which pieced together the information from different online sources, “Nguyen Huu Tai, who also

React to this headline:

New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware 01/06/2023 at 19:03 By A previously unknown advanced persistent threat (APT) is targeting iOS devices as part of a sophisticated and long-running mobile campaign dubbed Operation Triangulation that began in 2019. “The targets are infected using zero-click exploits via the iMessage platform, and the malware runs with

React to this headline:

FTC: Ring failed to stop hackers from accessing users’ cameras 01/06/2023 at 18:18 By Under the proposed FTC order, Ring is prohibited from profiting from unlawfully accessing consumers videos and must pay $5.8 million in consumer refunds. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this

React to this headline:

7,500 fraudulent pharmaceutical listings were taken down in 2022 01/06/2023 at 17:32 By Pharmaceutical fraud targeting patients and organizations was targeted in a recent report by BrandShield and the Pharmaceutical Security Institute.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

How organizations can protect against phishing campaigns 01/06/2023 at 16:14 By With cybersecurity threats on the rise, there are two crucial steps an organization can take to avoid falling victim to a credential phishing attack. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Malicious PyPI Packages Using Compiled Python Code to Bypass Detection 01/06/2023 at 15:43 By Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools. “It may be the first supply chain attack to take advantage of the fact that Python

React to this headline:

How Wazuh Improves IT Hygiene for Cyber Security Resilience 01/06/2023 at 15:43 By IT hygiene is a security best practice that ensures that digital assets in an organization’s environment are secure and running properly. Good IT hygiene includes vulnerability management, security configuration assessments, maintaining asset and system inventories, and comprehensive visibility into the activities occurring in

React to this headline:

Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics 01/06/2023 at 12:49 By The threat actors behind BlackCat ransomware have come up with an improved variant that prioritizes speed and stealth in an attempt to bypass security guardrails and achieve their goals. The new version, dubbed Sphynx and announced in February 2023, packs a “number of

React to this headline:

N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT 01/06/2023 at 11:16 By Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that’s employed by the North Korean state-sponsored actor known as ScarCruft. “RokRAT is a sophisticated remote access trojan (RAT) that has been observed as a critical component within the

React to this headline:

Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites 01/06/2023 at 07:51 By WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites. The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin

React to this headline:

Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks 01/06/2023 at 07:51 By The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-28771 (CVSS score: 9.8), the issue relates to a command injection flaw impacting different

React to this headline:

Managing third-party risks in the supply chain 01/06/2023 at 07:20 By Security executives who combine security culture, compliance and risk assessments can reduce the impact of security threats to enterprise supply chains. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Non-human identities: Secure them now, not later 01/06/2023 at 07:20 By Now is the time to secure non-human identities — access tokens, integrations and authentication tools — to prevent future cyberattacks. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

FTC orders Edmodo to stop using minor education data for advertising 31/05/2023 at 22:41 By Education technology provider Edmodo received an order from the FTC for collecting children’s personal data without proper parental consent. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

52% of consumers confident in detecting deepfake videos 31/05/2023 at 21:32 By  According to a recent artificial intelligence (AI) and technology report, consumers appear to overestimate their ability to spot deepfakes. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Federal Transit Administration proposes changes to safety plan 31/05/2023 at 20:34 By The FTA has proposed updates to the National Public Safety Plan to create a blueprint for transit agencies to adopt stronger safety measures. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

AMA: Campus Safety Leader Edition — Todd Jones 31/05/2023 at 20:03 By In this AMA episode from Security magazine, Todd Jones, Director of Campus Safety at the Minneapolis College of Art and Design, talks campus security. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining 31/05/2023 at 19:53 By A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement. The findings come from the SANS Internet Storm Center (ISC), which detected a spike in HTTP requests for “/nifi” on

React to this headline: