News
-
"Research Shows Mobile Phone Users Do Not Understand What Data They Might Be Sharing"New research from the School of Management at the University of Bath reveals that privacy and security features designed to give consumers greater control over the sharing of their data by smartphone apps are widely misunderstood. For example, 43 percent…
-
"Microsoft Authenticator Mandates Number Matching to Counter MFA Fatigue Attacks"In order to make multi-factor authentication (MFA) less susceptible to social engineering attacks, Microsoft Authenticator will now require number matching for all push notifications. The use of MFA fatigue attacks by cybercriminals has proven effective…
-
"Data Breaches and Exfiltrated Data From Fortune 1000 Companies Rise by 7%"According to a new report from the cybercrime analytics company SpyCloud, the amount of data breaches and exfiltrated data from Fortune 1000 companies on the dark web has increased by 7 percent year-over-year. As a result, organizations are at more risk…
-
"Business Leaders Don't Understand Cybersecurity"Delinea's new survey of over 2,000 Information Technology (IT) security decision-makers reveals that only 39 percent of respondents believe their company's leadership has a solid grasp of cybersecurity's role as a business enabler. In addition, more than…
-
"Adobe Patches 14 Vulnerabilities in Substance 3D Painter"Adobe recently announced security updates for its Substance 3D Painter product to address more than a dozen vulnerabilities. This is the only product for which the software giant released updates this Patch Tuesday. Adobe stated that the 3D…
-
"CISA, FBI Need Data from Cybercrime Victims to Support Policy"Federal entities at the forefront of policing cybercrime and ransomware in the US urge organizations to continue reporting cyber incidents to help fill data gaps. Recent executive actions call for a stricter approach to penalizing ransomware incidents.…
-
"$1.1M Paid to Resolve Ransomware Attack on California County"Southern California News Group reported that a $1.1 million payment was made to resolve a ransomware attack on a California county’s law enforcement computer network. The San Bernardino County Sheriff’s Department announced in April that a “network…
-
"Kremlin-Linked 'Snake' Espionage Malware Eliminated, Justice Department Says"US and international law enforcement agencies have announced the successful dismantling of a malware implant used by a Kremlin-sponsored hacking group. The US Justice Department (DOJ) obtained court authorization that permitted US law enforcement to wipe…
-
"AndoryuBot DDoS Botnet Exploiting Ruckus AP Vulnerability"Owners of Ruckus access points (APs) have been warned by Fortinet that a DDoS botnet named AndoryuBot has been exploiting a recently patched vulnerability to hack devices. The vulnerability in question is tracked as CVE-2023-25717, and it was…
-
"Royal Ransomware Gang Quickly Expands Reign"The Royal ransomware group has become more active this year, targeting critical infrastructure organizations with various tools. Based on the group's leak site, Palo Alto Networks' Unit 42 reports that it has affected 157 organizations since its…
-
"85K+ MS Exchange Servers Remain Vulnerable to Severe RCE Bugs"According to researchers at Cybernews, months after Microsoft urged organizations to update their software to address Exchange server vulnerabilities, over 85,000 servers remain vulnerable to attack. Russia-linked malicious actors have exploited similar…
-
"Microsoft: Iranian APTs Exploiting Recent PaperCut Vulnerability"Microsoft recently warned that more threat actors have started targeting a recently patched vulnerability in PaperCut MF/NG print management solutions, including Iranian state-sponsored groups. The critical flaw tracked as CVE-2023-27350 (CVSS…