π§ DORA and your quantum-safe cryptography migration π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Quantum computing is a new paradigm with the potential to tackle problems that classical computers cannot solve today. Unfortunately, this also introduces threats to the digital economy and particularly the financial sector. The Digital Operational Resilience Act DORA is a regulatory framework that introduces uniform requirements across the European Union EU to achieve a high The post DORA and your quantumsafe cryptography migration appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
DORA and your quantum-safe cryptography migration
Quantum computing represents a unique threat to the financial sector. Soon EU businesses must look to the Digital Operational Resilience Act for guidance.
βοΈ Who is Alleged Medibank Hacker Aleksandr Ermakov? βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33yearold Aleksandr Ermakov allegedly stole and leaked the Medibank data while working with one of Russia's most destructive ransomware groups, but little more is shared about the accused. Here's a closer look at the activities of Mr. Ermakov's alleged hacker handles.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Who is Alleged Medibank Hacker Aleksandr Ermakov?
Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandrβ¦
π΅οΈββοΈ Series of Cyberattacks Hit Ukrainian Critical Infrastructure Organizations π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
It's unclear if the attacks which hit oil and gas, postal service, transport safety, and railway organizations in the nation were related.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Series of Cyberattacks Hit Ukrainian Critical Infrastructure Organizations
It's unclear if the attacks β which hit oil and gas, postal service, transport safety, and railway organizations in the nation β were related.
π΅οΈββοΈ Microsoft Shares New Guidance in Wake of 'Midnight Blizzard' Cyberattack π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Threat actors created and abused OAuth apps to access Microsoft's corporate email environment and remain there for weeks.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Microsoft Shares New Guidance in the Wake of 'Midnight Blizzard' Cyberattack
Threat actors created and abused OAuth apps to access Microsoft's corporate email environment and remain there for weeks.
π΅οΈββοΈ Newly ID'ed Chinese APT Hides Backdoor in Software Updates π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The threat actor went more than half a decade before being discovered thanks to a remarkable backdoor delivered in invisible adversaryinthemiddle attacks.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Newly ID'ed Chinese APT Hides Backdoor in Software Updates
The threat actor has gone more than half a decade before being spotted β thanks to a remarkable backdoor delivered in invisible adversary-in-the-middle attacks.
π΅οΈββοΈ Black Kite Unveils Monthly Ransomware Dashboards π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Black Kite Unveils Monthly Ransomware Dashboards
π΅οΈββοΈ Wyden Releases Documents Confirming the NSA Buys Americans' Internet Browsing Records π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Wyden Releases Documents Confirming the NSA Buys Americans' Internet Browsing Records
π΅οΈββοΈ NRC Issues Recommendations for Better Network, Software Security π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Network Resilience Coalition pushes adoption of standards like SSDF, OpenEoX and CISA's Secure By Design and Default framework.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
NRC Issues Recommendations for Better Network, Software Security
The Network Resilience Coalition pushes adoption of standards like SSDF, OpenEoX and CISA's Secure By Design and Default framework.
ποΈ AllaKore RAT Malware Targeting Mexican Firms with Financial Fraud Tricks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Mexican financial institutions are under the radar of a new spearphishing campaign that delivers a modified version of an opensource remote access trojan called AllaKore RAT. The BlackBerry Research and Intelligence Team attributed the activity to an unknown Latin Americanbased financially motivated threat actor. The campaign has been active since at least 2021. "Lures use Mexican Social.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Midnight Blizzard claims another big tech scalp with HPE hack just days after Microsoft breach - and more victims could be coming π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Microsoft has warned Midnight Blizzard may have hacked a raft of other organizations in addition to itself and HPE, and has begun warning potential victims.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Midnight Blizzard claims another big tech scalp with HPE hack just days after Microsoft breach - and more victims could be coming
Microsoft has warned Midnight Blizzard may have hacked a raft of other organizations in addition to itself and HPE, and has begun warning potential victims
π§ PixPirate: The Brazilian financial malware you canβt see π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Malicious software always aims to stay hidden, making itself invisible so the victims cant detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan RAT malware that heavily utilizes antiresearch techniques. This malwares infection vector is based on two malicious apps a The post PixPirate The Brazilian financial malware you cant see appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Ibm
PixPirate: The Brazilian financial malware you can't see, part one | IBM
Malicious software always aims to stay hidden so victims cannot detect it. PixPirate malware has taken that strategy to a new extreme.
π’ Data privacy will be a critical enterprise focus in 2024 - and generative AI has torn up the rulebook π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Ahead of Data Privacy Day, industry experts told ITPro that firm must prioritize security, staff awareness, and the responsible use of emerging technologies to prevent major data protection blunders.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Data privacy will be a critical enterprise focus in 2024 - and generative AI has torn up the rulebook
Ahead of Data Privacy Day, industry experts told ITPro that firms must prioritize security, staff awareness, and the responsible use of emerging technologies to prevent major data protection blunders
β€2
ποΈ Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have identified malicious packages on the opensource Python Package Index PyPI repository that deliver an information stealing malware called WhiteSnake Stealer on Windows systems. The malwarelaced packages are named nigpal, figflix, telerer, seGMM, fbdebug, sGMM, myGens, NewGends, and TestLibs111. They have been uploaded by a threat actor named "WS." "These.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π2
ποΈ NSA Admits Secretly Buying Your Internet Browsing Data without Warrants ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. National Security Agency NSA has admitted to buying internet browsing records from data brokers to identify the websites and apps Americans use that would otherwise require a court order, U.S. Senator Ron Wyden said last week. "The U.S. government should not be funding and legitimizing a shady industry whose flagrant violations of Americans' privacy are not just unethical, but illegal.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π CI/CD at Risk as Exploits Released For Critical Jenkins Bug π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Customers are urged to patch now after exploits are released for critical vulnerability in Jenkins.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CI/CD at Risk as Exploits Released For Critical Jenkins Bug
Customers are urged to patch now after exploits are released for critical vulnerability in Jenkins
π Dark Web Drugs Vendor Forfeits $150m After Guilty Plea π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Drug trafficker Banmeet Singh made 150m in cryptocurrency from dark web sales.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Dark Web Drugs Vendor Forfeits $150m After Guilty Plea
Drug trafficker Banmeet Singh made $150m in cryptocurrency from dark web sales
π» Russia hacks Microsoft: Itβs worse than you think π»
π Read more.
π Via "COMPUTERWORLD"
----------
ποΈ Seen on @cibsecurity
Another day, another hack of Microsoft technology. Hohum, you might think, this has happened before and will happen again as surely as the sun rises in the morning and sets at night.This time is different. Because this time the targets werent Microsoft customers, but rather the top echelons of Microsoft itself. And the hacker group, called Midnight Blizzard, or sometimes Cozy Bear, the Dukes, or A.P.T. 29, is sponsored by Russias Foreign Intelligence Service and has been since at least 2008.To read this article in full, please click here.π Read more.
π Via "COMPUTERWORLD"
----------
ποΈ Seen on @cibsecurity
Computerworld
Russia hacks Microsoft: Itβs worse than you think
This time, hackers attacked corporate execs, not customers. That might finally push the US government to focus on long-ignored security concerns.
β€1π1
π’ Lush cyber attack claimed by Akira ransomware gang π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The group says it has accessed and will release data including passports, tax information, and client data.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Lush cyber attack claimed by Akira ransomware gang
The group says it has accessed and will release data including passports, tax information, and client data
ποΈ 493 Companies Share Their SaaS Security Battles β Get Insights in this Webinar ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
In today's digital world, security risks are more prevalent than ever, especially when it comes to Software as a Service SaaS applications. Did you know that an alarming 97 of companies face serious risks from unsecured SaaS applications?Moreover, about 20 of these organizations are struggling with internal data threats. These statistics aren't just numbers they're a wakeup call. We're.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
In nearly every segment of our lives, AI artificial intelligence now makes a significant impact It can deliver better healthcare diagnoses and treatments detect and reduce the risk of financial fraud improve inventory management and serve up the right recommendation for a streaming movie on Friday night. However, one can also make a strong case that some of AIs most significant impacts.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have detected in the wild yet another variant of the Phobos ransomware family known as Faust. Fortinet FortiGuard Labs, which detailed the latest iteration of the ransomware, said it's being propagated by means of an infection that delivers a Microsoft Excel document .XLAM containing a VBA script. "The attackers utilized the Gitea service to store several files.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity