News
-
"BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws"The Internet Systems Consortium (ISC) recently announced patches for multiple high-severity denial-of-service (DoS) vulnerabilities in the DNS software suite BIND. The addressed issues could be exploited remotely to cause named (the BIND daemon…
-
"Large East Asian Companies Attacked With SparkRAT Open-Source Tool"According to SentinelLabs researchers, large companies in East Asia are being attacked with an open-source tool called SparkRAT. They have been observing a hacker group known as "DragonSpark" since October 2022 because of its repeated attacks on large…
-
"New Cyberattacks Are Being Launched Every Minute"Between September and November 2022, BlackBerry's Artificial Intelligence (AI)-driven preventative technology blocked over 1.76 million malware-based attacks. The attacks made up 62 per hour or more than one per minute. Several industries were targeted,…
-
"Bitwarden Password Vaults Become Focus of Phishing Attacks Using Google Advertisements"Google Ads phishing campaigns are now targeting Bitwarden and other password managers in order to steal users' password vault credentials. Bitwarden users began to notice a Google advertisement for "Bitward - Password Manager" in search results for "…
-
"BlackCat Ransomware Gang Stole Secret Military Data From an Industrial Explosives Manufacturer"SOLAR INDUSTRIES INDIA has been added to the list of victims published by the BlackCat ransomware gang on its Tor leak site. The company is a globally recognized industrial explosives manufacturer that provides blasting solutions, including packaged,…
-
"New Mimic Ransomware Abuses 'Everything' Windows Search Tool"Security researchers have discovered Mimic, a new ransomware strain that searches for files that are valid for encryption using the Application Programming Interfaces (APIs) of Windows' 'Everything' file search tool. The malware, discovered in June 2022…
-
"Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices"Researchers discovered a PlugX sample that uses methods to infect attached removable USB media devices in order to spread the malware to other systems. According to Palo Alto Networks Unit 42 researchers, this PlugX variation is wormable and infects USB…
-
"Study: Interactive Security Prompts Help Promote More Secure Behavior Online"Fear appeals, or persuasive security messages, alert users of security vulnerabilities and motivate behavior change. They can appear in the form of online password prompts, such as password strength meters and password improvement suggestions, which…
-
"NSA, CISA, and MS-ISAC Release Guidance for Securing Remote Monitoring and Management Software"The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released the "Protecting Against Malicious Use…
-
"Memory-Safe Programming Languages Are on the Rise. Here's How Developers Should Respond"According to a study by Consumer Reports, developers in the private and public sectors should commit to using memory-safe languages for new products and tools. They are also urged to identify the most critical libraries and packages to move to memory-…
-
"German Government, Airports, Banks Hit With Killnet DDoS Attacks"After Berlin agreed to send its advanced Leopard 2 tanks to Ukraine, Russia-backed threat group Killnet retaliated with DDoS attacks aimed at Germany's government, banking, and airport sites. Germany's BSI federal agency, which oversees information…
-
"NIST Risk Management Framework Aims to Improve Trustworthiness of Artificial Intelligence"The US National Institute of Standards and Technology (NIST) has released its Artificial Intelligence Risk Management Framework (AI RMF 1.0). This guidance document aims to help organizations designing, developing, deploying, or using AI systems, manage…