News
-
"Backdoor Implant on Hacked Cisco Devices Modified to Evade Detection"The backdoor implanted on Cisco devices by exploiting a couple of zero-day vulnerabilities in the IOS XE software has been modified to evade detection through previous fingerprinting techniques.
-
"The Primary Pain Points for SoC Teams"According to Tines, growing workloads, shrinking budgets, and a worsening skills shortage are the main factors holding security professionals back from pursuing high-impact work.
-
"September Was a Record Month for Ransomware Attacks in 2023"Ransomware activity reached unprecedented levels in September, following a relative pause in August that was still well above summer norms. In September, ransomware groups launched 514 attacks, according to data from NCC Group.
-
"DC Board of Elections Says Full Voter Roll Compromised in Data Breach"The District of Columbia Board of Elections (DCBOE) recently announced that its full voter roll might have been accessed in a recent data breach at a third-party services provider.
-
"'Log in With...' Feature Allows Full Online Account Takeover for Millions"Vulnerabilities in the implementation of the Open Authorization (OAuth) standard across three major online services may have exposed users to credential theft, financial fraud, and other cybercriminal activities.
-
"Generative AI Can Save Phishers Two Days of Work"According to security researchers at IBM, generative AI tools can save phishing actors 16 hours of work designing a scam email but still can’t match a human.
-
"New Assistant Professor Aims to Make AI Safe and Secure"Muaho Chen, a new assistant professor in the Department of Computer Science at the University of California, Davis, will study jailbreaking attacks and other security problems associated with Large Language Models (LLMs) such as ChatGPT.
-
"NSA - Cybersecurity Speaker Series: D3FEND"The National Security Agency (NSA)'s Cybersecurity Collaboration Center (CCC) has posted the latest installment of its Cybersecurity Speaker Series, which focuses on the D3FEND cybersecurity framework.
-
"CISA Releases New Resource to Help Small and Medium-Sized Businesses Develop Supply Chain Resilience Plans"The US Cybersecurity and Infrastructure Security Agency (CISA) has released a new resource guide titled "Empowering Small and Medium-Sized Businesses (SMB): A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan." It aims to help
-
"The SEC's Cybersecurity Rules"The US Securities and Exchange Commission (SEC) has recently adopted rules requiring public companies to disclose cybersecurity incidents within four business days.
-
"Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar"Quasar RAT, also known as CinaRAT or Yggdrasil, is an open-source Remote Access Trojan (RAT) that has been using DLL side-loading to avoid detection and stealthily steal data from compromised Windows hosts.
-
"US Energy Firm Shares How Akira Ransomware Hacked Its Systems"The US energy services company BHI Energy has detailed how the Akira ransomware operation breached its network and stole data.