Latest Cybersecurity News and Articles
22 March 2023
The threat group tracked as REF2924 has been observed deploying previously unseen malware in its attacks aimed at entities in South and Southeast Asia.
The malware, dubbed NAPLISTENER by Elastic Security Labs, is an HTTP listener programmed in C# and is designed to evade "network-based forms of detection."
REF2924 is the moniker assigned to an activity cluster linked to attacks against an entity
22 March 2023
In a sudden turn of events, Baphomet, the current administrator of BreachForums, said in an update on March 21, 2023, that the hacking forum has been officially taken down but emphasized that "it's not the end."
"You are allowed to hate me, and disagree with my decision but I promise what is to come will be better for us all," Baphomet noted in a message posted on the BreachForums Telegram
21 March 2023
EXECUTIVE SUMMARY: The dawn of a new digital era? Since its launch in November of 2022, the scary-smart AI chatbot known as ChatGPT has produced widespread excitement about the transformative power of generative artificial intelligence technology. For some, using the technology feels like magic, as human-like responses that seem plausible, actionable and individually customized appear […]
The post How to invest in ChatGPT (and should you?) appeared first on CyberTalk.
21 March 2023
Rules have been proposed for the CHIPS Incentives Program by the Department of Commerce to ensure funded technology is not used for malign purposes.
21 March 2023
Data collected by the HP Threat Research team shows that from Q2 2022, attackers have been diversifying their techniques to find new ways to breach devices and steal data using QR code scam campaigns.
21 March 2023
By Benny Zemmour, Group Manager Cloud Security, Check Point. Why modern development demands agentless workload protection In the age of fast-paced software development cycles and complex applications, security must be automated. As such, agentless security solutions have become a de facto standard for many modern organizations wishing to ensure that security is integrated into cloud […]
The post Improving security velocity with agentless workloads appeared first on CyberTalk.
21 March 2023
About 25% of respondents to a CyberRisk Alliance (CRA) survey who partially or fully implemented zero trust say they’ve had a hard time getting full buy-in from other departments when it comes to scaling these ideas across the enterprise.
21 March 2023
Organizations that use human-machine interface (HMI) and supervisory control and data acquisition (SCADA) products from UK-based industrial software maker Aveva have been informed about the existence of several potentially serious vulnerabilities.
21 March 2023
A company’s finance department holds the company’s crown jewels: They ensure financial transactions and systems are secure. The finance department is a key component of a company’s overall security.
21 March 2023
Amid the ongoing war between Russia and Ukraine, government, agriculture, and transportation organizations located in Donetsk, Lugansk, and Crimea have been attacked as part of an active campaign that drops a previously unseen, modular framework dubbed CommonMagic.
"Although the initial vector of compromise is unclear, the details of the next stage imply the use of spear phishing or similar
21 March 2023
The Maryland-based cybersecurity company said the seed-stage financing was provided by Ballistic Ventures and Ten Eleven Ventures, two firms active in funding cybersecurity companies.
21 March 2023
ASEC said it identified three different ShellBot versions – LiGhT's Modded perlbot v2, DDoS PBot v2.0, and PowerBots (C) GohacK – the first two of which offer a variety of DDoS attack commands using HTTP, TCP, and UDP protocols.
21 March 2023
Baffin Bay Networks, based in Sweden, adds to Mastercard’s multi-layered approach to cybersecurity and helps to stop attacks, while mitigating exposure to risk across the ecosystem.
21 March 2023
In October 2022, Kaspersky researchers identified an active infection of government, agriculture, and transportation organizations located in the Donetsk, Lugansk, and Crimea regions.
21 March 2023
Details of Medicare beneficiaries that were exposed during the incident included names, addresses, dates of birth, phone numbers, social security numbers, and Medicare Beneficiary Identifiers.
21 March 2023
The incident is among Clop's ongoing attacks against vulnerable GoAnywhere MFT servers belonging to established enterprises. Although the company states no real customer data is impacted, it did not address if corporate or employee data was stolen.
21 March 2023
The healthcare sector continues to face a significant increase in cybersecurity threats putting patients’ lives and personal data at risk.
21 March 2023
One issue that has been frequently raised in private sector responses to the RFI is the importance of regulatory harmonization of cyber incident reporting timelines issued at different levels of government and by international organizations.
21 March 2023
The discovered packages – which were downloaded 150K times over the past month (before they were removed from the NuGet repository) – contained a “download & execute” type of payload.
21 March 2023
Because security has been prioritized over UX for so long, it was very often added without properly accounting for the impact of security measures on UX. You can’t fix what you can’t measure, see and experience.