News
-
"NDAA Provision Looks to Close Cybersecurity Gaps in Nuclear Weapons Systems"A bipartisan proposal in the recently passed defense policy bill will form a working group to address previously identified cybersecurity gaps in the nation's nuclear weapons systems.
-
"CISA Issues Request For Information on Secure by Design Software Whitepaper"As part of its global Secure by Design campaign, the US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Request for Information (RFI) on the whitepaper titled "Shifting the Balance of Cybersecurity Risk: Principles and Approaches f
-
"ALPHV/BlackCat Dangles Threat to Critical Infrastructure After Allegedly 'Unseizing' Site From FBI"The ransomware gang ALPHV/BlackCat has announced that its network of affiliates can now target nuclear power plants, hospitals, and critical infrastructure. The move is a response to recent FBI enforcement activity.
-
"EMS Software Hack Exposes 2.7 Million People"A ransomware attack on ESO, a provider of Emergency Medical Services (EMS) software, involves the sensitive details of millions of people, including their healthcare data.
-
"Sophisticated JaskaGO Infostealer Targets macOS and Windows"AT&T Alien Labs researchers discovered JaskaGO, a previously undetected Go-based information stealer that targets Windows and macOS systems. JaskaGO supports a wide range of commands and maintains persistence in various ways.
-
"NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains"The National Security Agency (NSA) recently published its annual report detailing its efforts in cybersecurity and its work with government partners, foreign partners, and defense industrial base (DIB) entities to improve national security.
-
"Behind the Scenes of Matveev's Ransomware Empire: Tactics and Team"Cybersecurity researchers at PRODAFT have detailed the inner workings of the ransomware operation led by Mikhail Pavlovich Matveev, a Russian national indicted earlier this year by the US government for his alleged role in executing thousands of attack
-
"Attackers Exploit 6-Year-Old Microsoft Office Bug to Spread Spyware"In an email campaign characterized by sophisticated evasion tactics, attackers are exploiting a 6-year-old Microsoft Office Remote Code Execution (RCE) flaw to deliver spyware.
-
"Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape"Mozilla recently announced security updates for Firefox and Thunderbird to address 20 vulnerabilities, including several memory safety issues.
-
"8220 Gang Exploits Old Oracle WebLogic Vulnerability to Deliver Infostealers, Cryptominers"According to the Imperva Threat Research team, the 8220 gang has been exploiting an old Oracle WebLogic Server vulnerability, tracked as CVE-2020-14883, to spread malware.
-
"German Police Takes Down Kingdom Market Cybercrime Marketplace"The Federal Criminal Police Office in Germany and the Internet crime-combating unit of Frankfurt have announced the shutdown of a dark web marketplace called Kingdom Market that distributed cybercrime tools, fake government IDs, and more.
-
"Cyber-Incident Costs Surge 11% as Budgets Remain Muted"According to security researchers at S-RM, the average direct cost of a serious cybersecurity incident increased by 11% year-on-year to reach $1.7m in 2023.