"The 6th Annual Rocky Mountain Technology Summit will be held on Tuesday, May 21st 2024 at the Crowne Plaza Denver Airport Convention Center (15500 E 40th Avenue, Denver, CO 80239) from 8am-4pm. This B2B event is targeted for the Technology and Security community. Attendees consist of IT/IS Executives and Direct reports across all verticals within the state of Colorado interested in Networking, Researching/Learning, Career Advancement, and Purchasing.
"IEEE International Symposium on Hardware Oriented Security and Trust (HOST) is the premier symposium that facilitates the rapid growth of hardware-based security research and development. Since 2008, HOST has served as the globally recognized event for researchers and practitioners to advance knowledge and technologies related to hardware security and assurance."
According to AG Security Research, vulnerabilities impacting Microsoft's PlayReady content access and protection technology enable rogue subscribers to illegally download movies from popular streaming services. Adam Gowdiak, founder and CEO of AG Security Research, conducted the study over several months. PlayReady is a media file copy-prevention technology that includes encryption, output prevention, and Digital Rights Management (DRM).
North Korean hackers have been exploiting eScan antivirus' updating mechanism to install backdoors on large corporate networks and deliver cryptocurrency miners via "GuptiMiner" malware. GuptiMiner is described as "a highly sophisticated threat" capable of making Domain Name System (DNS) requests to the attacker's DNS servers, extracting payloads from images, signing payloads, and performing Dynamic Link Library (DLL) sideloading.
Synlab Italia has recently suspended all its medical diagnostic and testing services after a ransomware attack forced its IT systems to be taken offline. Part of the Synlab group that is present in 30 countries worldwide, the Synlab Italia network operates 380 labs and medical centers across Italy. The company announced that it had suffered a security breach in the early hours of April 18, which forced it to shut down all computers to limit the damaging activity. No specific recovery timeline was provided.
The recently disclosed Palo Alto Networks firewall vulnerability tracked as CVE-2024-3400, which has been exploited in attacks for at least one month, has recently been found to impact one of Siemens’ industrial products. In a recent advisory, Siemens revealed that its Ruggedcom APE1808 devices configured with a Palo Alto Networks virtual next-generation firewall (NGFW) could be affected by CVE-2024-3400.
According to Ukraine's Community Emergency Response Team (CERT-UA), Russia's APT44, also known as "Sandworm," launched an attack on Ukrainian critical infrastructure in March. The group targeted 20 sites in an attempt to strengthen the impact of missile strikes on the country. The attack impacted energy, heating, and water facilities in 10 regions of the country.
According to Mandiant's 15th annual M-Trends 2024 report, global median dwell time, or the average amount of time attackers remain undetected on a target's network after gaining unauthorized access, has reached the lowest point in over a decade. The shorter median dwell time is one of several findings suggesting that organizations have significantly improved their defensive capabilities for detecting malicious activity. Shorter dwell times were found to be driven by a higher proportion of ransomware incidents in 2023, indicating that ransomware is more detectable.
The LockBit ransomware gang has recently leaked 1Gb of data allegedly stolen from the District of Columbia’s Department of Insurance, Securities and Banking (DISB). LockBit claims to be in possession of 800 GB of data pertaining to DISB, the US Securities and Exchange Commission (SEC), Delaware banking institutions, and other financial entities and threatens to release it unless DISB pays a ransom.