Uncategorized

Chinese UNC4841 Group Exploits Zero-Day Flaw in Barracuda Email Security Gateway 15/06/2023 at 18:47 By A suspected China-nexus threat actor dubbed UNC4841 has been linked to the exploitation of a recently patched zero-day flaw in Barracuda Email Security Gateway (ESG) appliances since October 2022. “UNC4841 is an espionage actor behind this wide-ranging campaign in support […]

React to this headline:

CISA releases information on LockBit ransomware 15/06/2023 at 18:28 By CISA and global agencies released an advisory on LockBit detailing how it operates, the history of its development and common attack techniques. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Public sector application flaws increased in last 12 months 15/06/2023 at 17:32 By According to research by Veracode, public sector applications tend to have more flaws and vulnerabilities than private sector applications.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

A Cybersecurity (Installation) Odyssey in the South Pacific 15/06/2023 at 17:02 By I belong to the Cyber Architecture Integration (CAI) for Trustwave Consulting and Professional Service, Pacific, team and while we dabble in several cybersecurity areas, our primary task is to focus on deploying, configuring, and tuning various cybersecurity tools. This article is an excerpt

React to this headline:

Vidar Malware Using New Tactics to Evade Detection and Anonymize Activities 15/06/2023 at 17:01 By The threat actors behind the Vidar malware have made changes to their backend infrastructure, indicating attempts to retool and conceal their online trail in response to public disclosures about their modus operandi. “Vidar threat actors continue to rotate their backend IP infrastructure,

React to this headline:

Brute-forcing ButterflyMX Virtual Keys and Hacking Time Limits 15/06/2023 at 16:18 By Recently, I discovered two vulnerabilities in the ButterflyMX system which were responsibly disclosed to the vendor. The vendor has mitigated the highest-risk vulnerability, which enabled unauthorized attackers to gain access to buildings equipped with the ButterflyMX Access Control System. This article is an

React to this headline:

Securing healthcare data in the era of AI 15/06/2023 at 16:18 By As the healthcare industry embraces the transformative power of AI, it is crucial for healthcare security leaders to understand the associated data security risks. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

AI’s evolving role in strengthening enterprise cybersecurity efforts 15/06/2023 at 16:18 By AI is a crucial component of modern cybersecurity measures, as it increases process efficiency, reduces operational costs and resolves issues related to scaling. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Warning: GravityRAT Android Trojan Steals WhatsApp Backups and Deletes Files 15/06/2023 at 16:18 By An updated version of an Android remote access trojan dubbed GravityRAT has been found masquerading as messaging apps BingeChat and Chatico as part of a narrowly targeted campaign since June 2022. “Notable in the newly discovered campaign, GravityRAT can exfiltrate WhatsApp backups and

React to this headline:

New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries 15/06/2023 at 15:15 By In what’s a new kind of software supply chain attack aimed at open source projects, it has emerged that threat actors could seize control of expired Amazon S3 buckets to serve rogue binaries without altering the modules themselves. “Malicious

React to this headline:

New Research: 6% of Employees Paste Sensitive Data into GenAI tools as ChatGPT 15/06/2023 at 15:15 By The revolutionary technology of GenAI tools, such as ChatGPT, has brought significant risks to organizations’ sensitive data. But what do we really know about this risk? A new research by Browser Security company LayerX sheds light on the scope and

React to this headline:

Josh Lemos appointed as GitLab Chief Information Security Officer 15/06/2023 at 15:04 By GitLab Inc., has recently announced the appointment of Josh Lemos as Chief Information Security Officer (CISO). This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

New Report Reveals Shuckworm’s Long-Running Intrusions on Ukrainian Organizations 15/06/2023 at 14:31 By The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments. Targets of the recent intrusions, which began in February/March 2023, include security services, military, and government organizations, Symantec said in

React to this headline:

Microsoft Warns of New Russian State-Sponsored Hacker Group with Destructive Intent 15/06/2023 at 12:16 By Microsoft on Wednesday took the lid off a “novel and distinct Russian threat actor,” which it said is linked to the General Staff Main Intelligence Directorate (GRU) and has a “relatively low success rate.” The tech giant’s Threat Intelligence team,

React to this headline:

LockBit Ransomware Extorts $91 Million from U.S. Companies 15/06/2023 at 08:33 By The threat actors behind the LockBit ransomware-as-a-service (RaaS) scheme have extorted $91 million following hundreds of attacks against numerous U.S. organizations since 2020. That’s according to a joint bulletin published by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), the Multi-State Information

React to this headline:

42% of IT professionals aren’t fully prepared for AI 14/06/2023 at 23:07 By According to a survey, 42% if IT leaders believe existing IT infrastructure is not fully prepared for the demands of AI, despite widespread adoption. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this

React to this headline:

42% if IT professionals aren’t fully prepared for AI 14/06/2023 at 21:33 By According to a survey, 42% if IT leaders believe existing IT infrastructure is not fully prepared for the demands of AI, despite widespread adoption. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this

React to this headline:

Managing MDM threats to protect an organization 14/06/2023 at 20:12 By This episode of The Security Podcasts focuses on MDM threats and features AJ Nash, VP and Distinguished Fellow of Intelligence at ZeroFox.   This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Lack of trust reported as top security challenge 14/06/2023 at 20:12 By Security leader’s trust in an organization and their employees’ ability to prevent a cyberattack was analyzed in a recent report by Kroll.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Chinese Hackers Exploit VMware Zero-Day to Backdoor Windows and Linux Systems 14/06/2023 at 20:12 By The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems. The VMware Tools authentication bypass vulnerability, tracked as CVE-2023-20867 (CVSS score: 3.9), “enabled the execution of privileged commands across

React to this headline: