Uncategorized

Trustwave Action Response: Zero Day Exploitation of MOVEit (CVE-2023-34362) 02/06/2023 at 23:42 By On May 31, threat actors were discovered targeting a critical zero day in MOVEit Transfer software resulting in escalated privileges and unauthorized data access. The vulnerability being exploited is an SQL injection and has since been patched. Resources links, including one for […]

React to this headline:

OSHA cites retail chain for exposing employees to electrical hazards 02/06/2023 at 22:53 By Following several investigations, the Occupational Health and Safety Administration (OSHA) has cited Dollar General for workplace safety violations. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Health tracking app charged by FTC for sharing sensitive information 02/06/2023 at 22:03 By Fertility app Premom was charged by the FTC for sharing users’ sensitive information with third parties, and sharing sensitive health data to Google. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this

React to this headline:

90% of CISOs say certifications improved security confidence 02/06/2023 at 21:34 By According to a report focusing on Chief Information Security Officer (CISO) perspectives, 50% identified cloud security as their top concern.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Hear From AEG and Trustwave at Gartner Security & Risk Management 2023 02/06/2023 at 20:46 By If you’re heading to Gartner Security & Risk Management 2023 in National Harbor, MD, June 5-7, get ready for a compelling session from Anschutz Entertainment Group (AEG) and Trustwave. This article is an excerpt from Trustwave Blog View Original

React to this headline:

CISA seeks input from public safety agencies, organizations 02/06/2023 at 20:07 By Public safety organizations are asked to complete the SAFECOM Nationwide Survey to help assess emergency communications capabilities and needs. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Report: Advanced phishing attacks grew 356% in 2022 02/06/2023 at 18:01 By A new report analyzed the most prevalent cyberattack trends and identified an 87% increase in the total number of attacks over the course of last year. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to

React to this headline:

What CISOs need to know to mitigate quantum computing risks 02/06/2023 at 16:54 By Although quantum computing can lead to positive and transformative solutions, the development also poses a significant threat to cybersecurity. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Four testing priorities for stronger API security 02/06/2023 at 16:54 By For a modern digital enterprise, the ubiquity, vulnerability and obscurity of APIs creates a perfect storm when it comes to application security. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Simplifying complexity for a secure hybrid multicloud environment 02/06/2023 at 16:54 By Managing cybersecurity threats can seem overwhelming under the best of circumstances, and today’s threat landscape has never been more complex. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America 02/06/2023 at 16:53 By Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. “Horabot enables the threat actor to control the victim’s Outlook mailbox, exfiltrate contacts’ email addresses, and send phishing emails with

React to this headline:

The Importance of Managing Your Data Security Posture 02/06/2023 at 15:20 By Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do

React to this headline:

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering 02/06/2023 at 13:18 By The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that’s designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of “basic machine enumeration

React to this headline:

North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks 02/06/2023 at 09:45 By U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors’ use of social engineering tactics to strike think tanks, academia, and news media sectors. The “sustained information gathering efforts” have been attributed to

React to this headline:

MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited 02/06/2023 at 06:51 By A critical flaw in Progress Software’s in MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to take over vulnerable systems. The shortcoming, which is yet to be assigned a CVE identifier, relates to a severe SQL

React to this headline:

White House makes summer storm plans 01/06/2023 at 22:26 By The President discussed ongoing national efforts to prepare for extreme weather events and plans to improve storm response and resilience.  This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Maryland TSA rolls out mobile ID security checks for android users 01/06/2023 at 21:02 By The Transportation Security Administration in Maryland will now accept Maryland mobile-driver’s licenses from Google Wallet at security checkpoints. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline:

Simulate a Crisis, Avoid a Catastrophe 01/06/2023 at 20:50 By Sports teams and the armed forces understand that ensuring everyone knows their role and has practiced it until they can do the job in the dark with their eyes closed is the only way to guarantee the proper reaction when it’s time to go to

React to this headline:

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks 01/06/2023 at 20:06 By An analysis of the “evasive and tenacious” malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active for a single day. What’s more, 50% of the servers don’t remain active for more than a week,

React to this headline:

Maria Milosavljevic named next CISO at ANZ 01/06/2023 at 19:16 By ANZ announced Maria Milosavljevic has been appointed CISO, replacing Lynwen Connick, who will retire in October after six years as ANZ’s CISO. This article is an excerpt from Subscribe to Security Magazine’s RSS Feed View Original Source React to this headline:

React to this headline: