Latest Cybersecurity News and Articles


Number of Incidents Affecting GitHub, Bitbucket, GitLab, and Jira Continues to Rise

09 August 2024
The number of incidents affecting GitHub, Bitbucket, GitLab, and Jira is on the rise, leading to outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and data loss for DevSecOps teams, according to GitProtect.io.

Report reveals 10% increase in the exploitation of old CVEs

09 August 2024
The exploitation of old common vulnerabilities and exposures (CVEs) rose by 10% from 2023 to 2024.

New Ransomware Groups Emerge Despite Crackdowns

09 August 2024
According to a report by Rapid7, a total of 21 new or rebranded groups have emerged since January 2024, alongside existing groups like LockBit, which has survived law enforcement crackdowns.

Consumer Reports Study Finds Data Removal Services are Often Ineffective

09 August 2024
Consumer Reports cautioned against relying too heavily on data removal services, as many fall short of expectations despite high costs. The study highlighted the need for better protection of consumer data and stricter regulations on data brokers.

Phishing Attack Exploits Google, WhatsApp to Steal Data

09 August 2024
The attack begins with a phishing email that directs recipients to what appears to be an Amazon account verification link. However, this link is a deceptive graphic hosted on Google Drawings, a component of the Google Workspace suite.

Sports Venues Must Vet Their Vendors to Maintain Security

09 August 2024
The sports and entertainment industries face unique cybersecurity challenges due to the rapid technological advancements being implemented. Cyber-physical systems like augmented reality and smart sensors increase security concerns.

Ransomware Drill Targets Healthcare in Operation 911

09 August 2024
A ransomware drill focused on healthcare called Operation 911 was conducted at Black Hat USA 2024 by Las Vegas law enforcement, the FBI, and Semperis. During the drill, a simulated ransomware attack targeted a fictitious hospital.

Russia's Kursk Region Suffers ‘Massive’ DDoS Attack Amid Ukraine Offensive

09 August 2024
The Kursk region in Russia was hit by a large-scale DDoS attack during Ukraine's cross-border incursion, affecting government and business websites and critical services. NetBlocks reported disruptions in internet connectivity linked to the attacks.

RustScan: Open-Source Port Scanner

09 August 2024
RustScan is a fast and versatile open-source port scanner with Adaptive Learning for optimal performance. It can scan all 65,000 ports in 3 seconds and supports a scripting engine for customization.

Ireland's DPC Takes Twitter to Court Over AI User Data Concerns

09 August 2024
Ireland's Data Protection Commission (DPC) has taken Twitter to court over concerns regarding the use of AI user data. The DPC is specifically worried about the personal data of millions of European users being used to train AI systems for Grok.

OpenWrt Dominates, but Vulnerabilities Persist in OT/IoT Router Firmware

09 August 2024
A Forescout study showed that outdated software components in OT/IoT cellular routers and SOHO routers are linked to known vulnerabilities, with an average of 20 exploitable n-days affecting the kernel in widely used firmware images.

Ransomware Attack Costs loanDepot Almost $27 Million

09 August 2024
The $27 million in costs included insurance recoveries, investigation and remediation costs, customer notifications, legal fees, and settlement costs for a class-action lawsuit.

Researchers Unveil AWS Vulnerabilities, New 'Shadow Resource' Attack Vector

09 August 2024
The vulnerabilities were promptly patched by AWS after being reported by Aqua Security researchers. These flaws in services like CloudFormation, CodeStar, and Service Catalog could potentially lead to a full account takeover if exploited.

CISA Releases Guide to Enhance Software Security Evaluations

09 August 2024
CISA has released a guide to enhance how organizations evaluate software manufacturers' security practices, emphasizing product security over enterprise security measures for defending against cyber threats.

DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs

09 August 2024
The U.S. Department of Justice (DoJ) on Thursday charged a 38-year-old individual from Nashville, Tennessee, for allegedly running a "laptop farm" to help get North Koreans remote jobs with American and British companies. Matthew Isaac Knoot is charged with conspiracy to cause damage to protected computers, conspiracy to launder monetary instruments, conspiracy to commit wire fraud, intentional

CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature

09 August 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart Install (SMI) feature with the aim of accessing sensitive data. The agency said it has seen adversaries "acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature." It also

Security leaders respond to Olympic venue ransomware attack

08 August 2024
The Grand Palais exhibition hall in Paris experienced a ransomware attack, and security leaders are sharing their insights. 

University Professors Targeted by North Korean Cyber Espionage Group

08 August 2024
The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operational security (OPSEC) error made by the hackers. Kimsuky, also known by the names APT43, ARCHIPELAGO,

FTC approves lawsuit against TikTok for violating COPPA

08 August 2024
On behalf of the FTC, the Department of Justice sued video-sharing platform TikTok for violating the Children’s Online Privacy Protection Act.

Critical Progress WhatsUp Gold RCE Flaw Now Under Active Exploitation

08 August 2024
Threat actors are actively exploiting a critical remote code execution vulnerability in Progress WhatsUp Gold 23.1.2 and older versions, identified as CVE-2024-4885 with a CVSS v3 score of 9.8.