-
"Study: Interactive Security Prompts Help Promote More Secure Behavior Online"Fear appeals, or persuasive security messages, alert users of security vulnerabilities and motivate behavior change. They can appear in the form of online password prompts, such as password strength meters and password improvement suggestions, which…
-
"NSA, CISA, and MS-ISAC Release Guidance for Securing Remote Monitoring and Management Software"The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released the "Protecting Against Malicious Use…
-
"Memory-Safe Programming Languages Are on the Rise. Here's How Developers Should Respond"According to a study by Consumer Reports, developers in the private and public sectors should commit to using memory-safe languages for new products and tools. They are also urged to identify the most critical libraries and packages to move to memory-…
-
"German Government, Airports, Banks Hit With Killnet DDoS Attacks"After Berlin agreed to send its advanced Leopard 2 tanks to Ukraine, Russia-backed threat group Killnet retaliated with DDoS attacks aimed at Germany's government, banking, and airport sites. Germany's BSI federal agency, which oversees information…
-
"NIST Risk Management Framework Aims to Improve Trustworthiness of Artificial Intelligence"The US National Institute of Standards and Technology (NIST) has released its Artificial Intelligence Risk Management Framework (AI RMF 1.0). This guidance document aims to help organizations designing, developing, deploying, or using AI systems, manage…
-
"Mitigations Developed for Potential Lateral Movement on Azure AD Kerberos"
Researchers discovered that threat actors could exploit a new Microsoft cloud authentication protocol to steal or fake cloud tickets as well as conduct lateral movement in cloud-based Azure AD Kerberos. According to researchers at Silverfort, the new…
-
"Cybercriminals Use Microsoft OneNote Attachments to Spread Malware"Cybercriminals are using OneNote attachments in phishing emails to infect victims with remote access malware, allowing them to steal passwords and cryptocurrency wallets. Since attackers have been spreading malware via infected Word and Excel attachments…
-
"A Network of Knockoff Apparel Stores Exposed 330,000 Customer Credit Cards"
A database storing hundreds of thousands of unencrypted credit card numbers and cardholder information was found exposed on the Internet. The database had around 330,000 credit card numbers, cardholder names, and complete billing addresses when it was…
-
"Recent Rise in SEO Poisoning Attacks Compromise Brand Reputations"In recent weeks, SentinelOne has observed an increase in malicious search engine advertisements. SentinelOne researchers note that attackers using Search Engine Optimization (SEO) poisoning are typically more successful when they SEO poison the results…
-
"Ransomware Groups Rebrand and Claim More Victims"
According to a new report from the GuidePoint Research and Intelligence Team (GRIT), ransomware activity increased from Q3 2022 to Q4 2022, with rebranded ransomware gangs significantly increasing the number of publicly claimed victims. No quarter of…
-
"Ticketmaster Claims Bot Attack Disrupted Taylor Swift Tour Sales"Ticketmaster has recently claimed they were hit by a cyberattack in November 2022 that led to extensive issues with ticket sales for Taylor Swift's US tour. The company noted that they were hit with three times the amount of bot traffic than they…
-
"Dutch Hacker Steals Data From Virtually Entire Population of Austria"A Dutch hacker allegedly stole data on 9 million Austrian citizens via a misconfigured cloud database, thus leading to their recent arrest. The attack was first detected in May 2020 and involved the Fees Info Service (GIS), which is responsible for…
News