News
- "FDA Protects Medical Devices Against Cyber-Threats With New Measures"
  The US Food and Drug Administration (FDA) staff has recently published new guidelines to strengthen the cybersecurity levels of internet-connected products used by hospitals and healthcare providers. According to the FDA, applicants seeking…
- "Ukrainian Police Bust Multimillion-Dollar Phishing Gang"
  Ukrainian cyber police have recently disrupted a prolific phishing gang that they claim made 160 million hryvnias ($4.3m) from victims across Europe. The Cyber Police of Ukraine claimed in a notice yesterday that over 30 locations were searched as part…
- "The Foundation of a Holistic Identity Security Strategy"
  CyberArk reports that only 9 percent of organizations use an agile, holistic, and mature strategy for securing identities across their hybrid and multi-cloud environments. The data-driven model identifies 9 percent of organizations as having the most…
- "Organizations Consider Self-Insurance to Manage Risk"
  As the market for cybersecurity insurance evolves, Lloyd's of London plans to exclude the majority of nation-state attacks from its coverage policies. In response to these changes, companies are reevaluating their cyber insurance plans. While Lloyd's…
- "Winter Vivern Hackers Exploit Zimbra Flaw to Steal NATO Emails"
  Since February 2023, a Russian hacker group tracked as TA473, also known as Winter Vivern, has exploited vulnerabilities in unpatched Zimbra endpoints to steal the emails of NATO officials, governments, military personnel, and diplomats. Sentinel Labs…
- "Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor"
  RedGolf, a Chinese state-sponsored threat group, has been linked to the use of KEYPLUG, a custom Windows and Linux backdoor. According to Recorded Future, RedGolf is a prolific Chinese state-sponsored threat actor group that has likely been targeting…
- Pub Crawl #72
  Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.
- "Over 70% of Employees Keep Work Passwords on Personal Devices"
  Security researchers at SlashNext have discovered that roughly four out of five employees (71%) store sensitive work passwords on their personal phones, and 66% use their personal texting apps for work. The researchers also found that 95% of…
- "Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data"
  According to cybersecurity researchers at Wiz, a misconfiguration in Azure Active Directory (AAD) that exposed applications to unauthorized access could have led to a Bing[.]com takeover. Microsoft's AAD, a cloud-based identity and access…
- "500k Impacted by Data Breach at Debt Buyer NCB"
  National accounts receivable management company and debt buyer NCB Management Services has recently started informing roughly 500,000 individuals that their personal information was compromised in a data breach. The company stated that an…
- "Volume of HTTPS Phishing Sites Surges 56% Annually"
  Security experts at OpenText have warned that websites displaying a padlock in the browser should be treated with caution after revealing a sharp increase in phishing sites using HTTPS. During the study, researchers analyzed data collected from 95…
- "SafeMoon 'Burn' Bug Abused to Drain $8.9 Million from Liquidity Pool"
  The SafeMoon token liquidity pool lost $8.9 million following a hacker's exploitation of a new 'burn' smart contract function that artificially raised the price, allowing the actor to sell SafeMoon at a significantly higher price. Liquidity pools in…