Latest Cybersecurity News and Articles
30 August 2024
U.S. cybersecurity leaders are focusing on preparing for the potential risks posed by quantum cryptography tools that could threaten critical infrastructure and national security.
30 August 2024
The FBI investigation revealed that the suspect, Daniel Rhyne, had accessed the company's systems without authorization and changed passwords for various accounts. Rhyne's actions were intended to deny the company access to its systems and data.
30 August 2024
Third-party risk management is a critical issue in the wake of the CrowdStrike IT outage, revealing vulnerabilities within financial institutions related to supply chain resilience, especially in vital sectors like financial services.
30 August 2024
More than 150 people filed complaints to the Information Commissioner’s Office (ICO) regarding the delay in responding to subject access requests (SARs) after the cyberattack in October 2021.
30 August 2024
Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism.
The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that's equipped to
30 August 2024
Over the last few years, ransomware attacks have become a major concern for schools and colleges in the US, with an average of $500,000 being lost per day due to downtime from these attacks, according to Comparitech.
30 August 2024
Grove Group, a cybersecurity and cloud services company based in Cape Town, brings around 600 customers across 51 countries to Integrity360. This acquisition will also enhance Integrity360's security operations center (SOC) business.
30 August 2024
As International Women in Cyber Day draws closer, security professionals are reflecting on the progress made as well as the challenges women continue to face in the industry.
30 August 2024
The spear-phishing emails impersonate reputable companies like Periscope Holdings and R.S. Hughes, prompting victims to surrender their Microsoft credentials by clicking on a file attachment.
30 August 2024
Key aspects of the NIS2 Directive include a focus on proactive cybersecurity measures for entities within its scope, such as risk analysis, incident handling, and supply chain security.
30 August 2024
Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns.
Recorded Future's Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie, an Iran-nexus cyber threat group that overlaps with APT42, Charming Kitten, Damselfly, Mint Sandstorm (formerly
30 August 2024
The PoorTry Windows driver, originally used to disable EDR solutions, has now evolved into an EDR wiper, deleting crucial files to make system restoration harder. Sophos has confirmed actual EDR wiping attacks in the wild.
30 August 2024
California has passed a landmark bill that requires internet browsers and mobile operating systems to make it easier for consumers to opt out of sharing their private data with websites for targeted advertising.
30 August 2024
The Department of Information and Communications Technology (DICT) is focusing on enhancing cybersecurity in the Philippines through the National CyberSecurity Plan (NCSP) 2023-2028.
30 August 2024
Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool.
"The malware can execute remote PowerShell commands, download and exfiltrate files, encrypt communications, and bypass sandbox solutions, representing a significant threat to
30 August 2024
Cisco is strengthening its AI security by acquiring Robust Intelligence, a startup led by a former Harvard professor. This acquisition emphasizes the importance of AI security in modern IT infrastructure.
30 August 2024
The vulnerability, known as CVE-2024-7029, allows attackers to remotely execute commands on the compromised device. The targeted device is the AVM1203 surveillance camera from AVTECH.
30 August 2024
The latest variant employs obfuscated PowerShell commands to download and execute malicious payloads, utilizing Windows binaries like Mshta.exe and Dllhost.exe for stealth.
30 August 2024
The most dangerous vulnerability you’ve never heard of.
In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others are far more nuanced, but still pose an equally dangerous threat. Today, we want to discuss one of
30 August 2024
APT33 used the new Tickler malware to infiltrate government and defense organizations in the US and the UAE. The group, known as Peach Sandstorm and Refined Kitten, is linked to the Iranian Revolutionary Guard Corps.