"The 10th Edition of the Dallas Cybersecurity Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Admission gives you access to all Interactive Panels, Discussions, Catered Breakfast, Lunch & Cocktail Reception."
"The Inaugural Baltimore Cybersecurity Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Admission gives you access to all Interactive Panels, Discussions, Catered Breakfast, Lunch & Cocktail Reception."
"It’s back! Cyber Florida is pleased to announce the return of our popular annual conference, now called the Sunshine Cyber Conference! Save the date for 27-28 March 2024 at the newly renovated Tampa Convention Center! Designed to be educational and affordable, Sunshine Cyber Conference offers valuable content for cybersecurity/IT practitioners, CISOs and CIOs, non-technical managers and c-suite leaders, and educaters, researchers, and students."
"Cybersecurity is evolving into cyber risk management. It is, therefore, crucial that CISOs, the C-suite, the board, and the markets are able to shift up and communicate with each other in a common language. Companies today face an almost total dependence on technology, economic pressures to cut spending, and new cybersecurity-focused regulations. The need for executive decision-makers to evolve how they approach the issue of cyber risk has never been more acute.
"In today's dynamic world, ZERO Trust & Generative AI stands at the forefront of technological innovation, and it is essential to recognize the significance of these transformative technologies. ZERO Trust, with its paradigm shift in security protocols, ensures that trust is never assumed and always verified. On the other hand, Generative AI empowers us to create and innovate in ways previously unimaginable. Together, they represent a powerful force that aligns with the evolving needs of businesses and individuals in an increasingly digital world."
An ad fraud campaign uses thousands of hijacked legitimate domains and subdomains to send millions of spam emails, generating revenue for the threat actors. The "SubdoMailing" campaign distributes malicious ads to get fraudulent clicks for "Ad network" clients. The campaign, active since September 2022, involves hijacking no longer registered or abandoned domains and subdomains belonging to legitimate brands to send spam from attacker-controlled infrastructure. This article continues to discuss findings regarding the massive ad fraud campaign.
Microsoft warns that Russian hackers who launched several high-profile attacks on the US government are now exploiting information stolen from the company's systems in November. According to Microsoft's Security Team, there is evidence that a cyber espionage group tied to Russia's Foreign Intelligence Service (SVR) has been using information pulled from the company's corporate email environment. The hackers are using the information from the incident to gain or attempt to gain unauthorized access to some of the company's source code repositories and internal systems.
The National Cyber Security Centre (NCSC) of Switzerland has recently released a report on its analysis of a data breach following a ransomware attack on Xplain, disclosing that the incident impacted thousands of sensitive Federal government files. Xplain is a Swiss technology and software solutions provider for various government departments, administrative units, and even the country's military force. The Play ransomware gang breached the company on May 23, 2023. During the investigation, the NSCS confirmed that 65,000 government documents were leaked during the breach.
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a JetBrains vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, noting evidence of active exploitation. The JetBrains flaw is a critical authentication bypass problem in the TeamCity On-Premises software that enables unauthenticated attackers to completely take over target servers. It is tracked as CVE-2024-27198 and has a severity score of 9.8.
Researchers discovered that hackers can steal a Tesla Model 3 by conducting a Man-in-The-Middle (MiTM) phishing attack on car owners' Tesla accounts. The researchers carried out the attack using the 4.30.6 version of the Tesla App, which serves as the car's key, and version 11.1 2024.2.7 of the underlying Tesla software. Through the attack, the researchers were able to get a new "phone key" to unlock the Tesla vehicle. The study reveals that connecting the car to a new phone lacks adequate authentication security.