ποΈ Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed details of a previously undocumented threat group called Unfading Sea Haze that's believed to have been active since 2018. The intrusion singled out highlevel organizations in South China Sea countries, particularly military and government targets, Bitdefender said in a report shared with The Hacker News. "The investigation revealed a troubling.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π UserPro Plugin Vulnerability Allows Account Takeover π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The plugin is used by over 20,000 sites and enables users to create customizable community websites.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UserPro Plugin Vulnerability Allows Account Takeover
The plugin is used by over 20,000 sites and enables users to create customizable community websites
π Report Reveals 341% Rise in Advanced Phishing Attacks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
This data comes from SlashNexts midyear State of Phishing 2024 report.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Report Reveals 341% Rise in Advanced Phishing Attacks
This data comes from SlashNextβs mid-year State of Phishing 2024 report
π΅οΈββοΈ Trends at the 2024 RSA Startup Competition π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Startups at Innovation Sandbox 2024 brought clarity to artificial intelligence, protecting data from AI, and accomplishing novel security solutions with new models.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Trends at the 2024 RSA Startup Competition
Startups at Innovation Sandbox 2024 brought clarity to artificial intelligence, protecting data from AI, and accomplishing novel security solutions with new models.
π΅οΈββοΈ US Pumps $50M Into Better Healthcare Cyber Resilience π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Upgrade, an ARPAH program, will focus on automating cybersecurity for healthcare institutions so that providers can focus on patient care.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
US Pumps $50M Into Better Healthcare Cyber Resilience
Upgrade, an ARPA-H program, will focus on automating cybersecurity for healthcare institutions so that providers can focus on patient care.
π΅οΈββοΈ GitHub Authentication Bypass Opens Enterprise Server to Attackers π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The maxseverity bug affects versions using the SAML single signon mechanism.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
GitHub Authentication Bypass Opens Enterprise Server to Attackers
The max-severity bug affects versions using the SAML single sign-on mechanism.
π¦Ώ Microsoft Build 2024: Copilot AI Will Gain βPersonal Assistantβ and Custom Agent Capabilities π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Other announcements included a Snapdragon Dev Kit for Windows, GitHub Copilot Extensions and the general availability of Azure AI Studio.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Microsoft Build 2024: Copilot AI Gains βPersonal Assistantβ Capabilities
Other announcements included a Snapdragon Dev Kit for Windows, GitHub Copilot Extensions and the general availability of Azure AI Studio.
ποΈ The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft on Wednesday outlined its plans to deprecate Visual Basic Script VBScript in the second half of 2024 in favor of more advanced alternatives such as JavaScript and PowerShell. "Technology has advanced over the years, giving rise to more powerful and versatile scripting languages such as JavaScript and PowerShell," Microsoft Program Manager Naveen Shankar said. "These languages.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π What happens when AI goes rogue (and how to stop it) π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
As AI gets closer to the ability to cause physical harm and impact the real world, its complicated is no longer a satisfying response.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
What happens when AI goes rogue (and how to stop it)
As AI gets closer to the ability to cause physical harm and impact the real world, βitβs complicatedβ is no longer a satisfying response to questions about AI-powere attacks.
π’ Healthcare cyber attacks have surged in 2024 β this new program aims to improve security π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
With healthcare cyber attacks intensifying over the last year, a new initiative looks to introduce autonomous patching for organizations and reduce cyber risk.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Healthcare cyber attacks have surged in 2024 β this new program aims to improve security
With healthcare cyber attacks intensifying over the last year, a new initiative looks to introduce autonomous patching for organizations and reduce cyber risk
π¦
Ransomware Menace Amplifies for Vulnerable Industrial Control Systems: Heightened Threats to Critical Infrastructure π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Ransomhub Targets SCADA of Spanish Bio Energy Plant The protection of Industrial Control Systems ICS has emerged as a significant concern across all sectors. The security challenges surrounding ICS environments and the essential measures needed to protect vital operations in every industry are undeniable. Since 2022, numerous cyberattacks exploiting loopholes in ICS environments have led to severe repercussions, impacting not just organizations but also critical national infrastructure. These incidents have disrupted public services and governance, underscoring the urgent need for robust security measures to safeguard against such threats. In a recent disclosure by a recently emerged ransomware group, Ransomhub, claimed an attack on the Spanish Abattoir, Matadero de Gijn. Consid...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Ransomware Menace Amplifies For Vulnerable Industrial Control Systems: Heightened Threats To Critical Infrastructure - Cyble
CRIL analyzes the recent ransomware attack by Ransomhub on Industrial Control Systems and growing risks to critical infrastructure from ransomware groups.
π PSNI Faces Β£750,000 Data Breach Fine After Spreadsheet Leak π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Police Service of Northern Ireland has been fined 750K following a serious data breach last year.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
PSNI Faces Β£750,000 Data Breach Fine After Spreadsheet Leak
The Police Service of Northern Ireland has been fined Β£750K following a serious data breach last year
π GitHub Fixes Maximum Severity Flaw in Enterprise Server π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A newly patched GitHub Enterprise Server bug has a CVSS score of 10.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
GitHub Fixes Maximum Severity Flaw in Enterprise Server
A newly patched GitHub Enterprise Server bug has a CVSS score of 10
π1
ποΈ Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager EPM that could be exploited to achieve remote code execution under certain circumstances. Six of the 10 vulnerabilities from CVE202429822 through CVE202429827 CVSS scores 9.6 relate to SQL injection flaws that allow an unauthenticated attacker within the same network to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ China APT Stole Geopolitical Secrets From Middle East, Africa & Asia π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
One of China's biggest espionage operations owes its success to longstanding Microsoft Exchange bugs, open source tools, and old malware.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
China APT Stole Geopolitical Secrets From Middle East, Africa & Asia
One of China's biggest espionage operations owes its success to longstanding Microsoft Exchange bugs, open source tools, and old malware.
ποΈ Are Your SaaS Backups as Secure as Your Production Data? ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Conversations about data security tend to diverge into three main threads How can we protect the data we store on our onpremises or cloud infrastructure? What strategies and tools or platforms can reliably backup and restore data? What would losing all this data cost us, and how quickly could we get it back? All are valid and necessary conversations for technology organizations of all shapes.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat APT group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022. "An analysis of this threat actors activity reveals longterm espionage operations against at least seven governmental entities," Palo Alto Networks.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π National Records of Scotland Data Breached in NHS Cyber-Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
National Records of Scotland said sensitive personal data it holds was part of information stolen and published online by ransomware attackers from NHS Dumfries and Galloway.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
National Records of Scotland Data Breached in NHS Cyber-Attack
National Records of Scotland said sensitive personal data was part of information published online following a ransomware attack on NHS Dumfries and Galloway
π’ Firms have paid out more than $4.8 billion in GDPR fines since 2018 π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Tech giants headquartered in Ireland attract the biggest GDPR fines.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Firms have paid out more than $4.8 billion in GDPR fines since 2018
Tech giants headquartered in Ireland attract the biggest GDPR fines
π΅οΈββοΈ Persistent Burnout Is Still a Crisis in Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Burnout has been an oftreported problem among security professionals for years. Are there any new ideas for supporting mental health in the industry?.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Persistent Burnout Is Still a Crisis in Cybersecurity
Burnout has been an oft-reported problem among security professionals for years. Are there any new ideas for supporting mental health in the industry?
π NVD Leaves Exploited Vulnerabilities Unchecked π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Over half of CISAs known exploited vulnerabilities disclosed since February 2024 have not yet been analyzed by NISTs National Vulnerability Database.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NVD Leaves Exploited Vulnerabilities Unchecked
Over half of CISAβs known exploited vulnerabilities disclosed since February 2024 have not yet been analyzed by NISTβs National Vulnerability Database
β€1