π’ This is why you need backups: A cyber attack on an Indonesian data center caused havoc for public services β and its forcing a national rethink on data security π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The disastrous data center breach has prompted a national audit to bolster cyber resilience.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
This is why you need backups: A cyber attack on an Indonesian data center caused havoc for public services β and its forcing aβ¦
The disastrous data center breach has prompted a national audit to bolster cyber resilience
π΅οΈββοΈ Don't Forget to Report a Breach: A Cautionary Tale π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Responding to an incident quickly is important, but it shouldn't come at the expense of reporting it to the appropriate regulatory bodies.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Don't Forget to Report a Breach: A Cautionary Tale
Responding to an incident quickly is important, but it shouldn't come at the expense of reporting it to the appropriate regulatory bodies.
π§ Vulnerability management empowered by AI π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Vulnerability management involves an ongoing cycle of identifying, prioritizing and mitigating vulnerabilities within software applications, networks and computer systems. This proactive strategy is essential for safeguarding an organizations digital assets and maintaining its security and integrity. To make the process simpler and easier, we need to involve artificial intelligence AI. Lets examine how AI is The post Vulnerability management empowered by AI appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Vulnerability management empowered by AI
By analyzing data and previous security breaches, AI can predict cyberattacks and stay ahead of emerging threats - improving vulnerability management.
ποΈ 8220 Gang Exploits Oracle WebLogic Server Flaws for Cryptocurrency Mining ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Security researchers have shed more light on the cryptocurrency mining operation conducted by the 8220 Gang by exploiting known security flaws in the Oracle WebLogic Server. "The threat actor employs fileless execution techniques, using DLL reflective and process injection, allowing the malware code to run solely in memory and avoid diskbased detection mechanisms," Trend Micro researchers Ahmed.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Combatting the Evolving SaaS Kill Chain: How to Stay Ahead of Threat Actors ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The modern kill chain is eluding enterprises because they arent protecting the infrastructure of modern business SaaS. SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike havent revised their security programs or adopted security tooling built for SaaS. Security teams keep jamming onprem.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Cyber Workforce Grows 15% at Large Organizations as Security is Prioritized π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
From an average of one cybersecurity expert for 1285 employees in 2023, large organizations now have one for every 1086 employees, according to Wavestone.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Cyber Workforce Grows 15% at Large Organizations as Security is Prioritized
From an average of one cybersecurity expert for 1285 employees in 2023, large organizations now have one for every 1086 employees, according to Wavestone
β€1
π’ CISOs plan to start downsizing security teams because of AI β but experts warn itβs a βshortsighted and dangerous" path to take π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
CISOs around the world are planning on reducing headcounts as they continue to adopt AI tools, but experts warn this could be a shortsighted strategy.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
CISOs plan to start downsizing security teams because of AI β but experts warn itβs a βshortsighted and dangerous" path to take
CISOs around the world are planning on reducing headcounts as they continue to adopt AI tools, but experts warn this could be a shortsighted strategy
π΅οΈββοΈ Critical GitLab Bug Threatens Software Development Pipelines π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The company is urging users running vulnerable versions to patch CVE20245655 immediately, to avoid CICD malfeasance.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Critical GitLab Bug Threatens Software Development Pipelines
The company is urging users running vulnerable versions to patch CVE-2024-5655 immediately, to avoid CI/CD malfeasance.
π΅οΈββοΈ CISO Corner: The NYSE & the SEC; Ransomware Negotiation Tips π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
CISO Corner: The NYSE & the SEC; Ransomware Negotiation Tips
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.
π΅οΈββοΈ CISA's Flags Memory-Unsafe Code in Major Open Source Projects π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Despite more than 50 of all open source code being written in memoryunsafe languages like C, we are unlikely to see a massive overhaul to code bases anytime soon.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
CISA Flags Memory-Unsafe Code in Major Open Source Projects
Despite more than 50% of all open source code being written in memory-unsafe languages like C++, we are unlikely to see a massive overhaul to codebases anytime soon.
π΅οΈββοΈ Hundreds of Thousands Impacted in Children's Hospital Cyberattack π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Though the Chicagoarea hospital did not pay a ransom, a host of sensitive medical information is now at risk.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Hundreds of Thousands Impacted in Children's Hospital Cyberattack
Though the hospital did not pay a ransom, a host of sensitive medical information is now at risk.
π΅οΈββοΈ LockBit Attack Targets Evolve Bank, Not Federal Reserve π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The ransomware group claimed it had breached the Federal Reserve, but the target now appears to have been an Arkansasbased bank, Evolve.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
LockBit Attack Targets Evolve Bank, Not Federal Reserve
The ransomware group claimed it had breached the Federal Reserve, but the target now appears to have been an Arkansas-based bank, Evolve.
π΅οΈββοΈ Unfounded Fears: AI Extinction-Level Threats & the AI Arms Race π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
There is an extreme lack of evidence of AIrelated danger, and proposing or implementing limits on technological advancement isn't the answer.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Unfounded Fears: AI Extinction-Level Threats & the AI Arms Race
There is an extreme lack of evidence of AI-related danger, and proposing or implementing limits on technological advancement isn't the answer.
π΅οΈββοΈ 1Touch.io Integrates AI Into Mainframe Security π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Just because mainframes are old doesn't mean they're not in use. Mainframe Security Posture Management brings continuous monitoring and vigilance to the platform.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
1Touch.io Integrates AI Into Mainframe Security
Just because mainframes are old doesn't mean they're not in use. Mainframe Security Posture Management brings continuous monitoring and vigilance to the platform.
ποΈ Kimsuky Using TRANSLATEXT Chrome Extension to Steal Sensitive Data ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The North Korealinked threat actor known as Kimsuky has been linked to the use of a new malicious Google Chrome extension that's designed to steal sensitive information as part of an ongoing intelligence collection effort. Zscaler ThreatLabz, which observed the activity in early March 2024, has codenamed the extension TRANSLATEXT, highlighting its ability to gather email addresses, usernames,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment CICD pipelines as any user. The weaknesses, which affect GitLab Community Edition CE and Enterprise Edition EE, have been addressed in versions 17.1.1, 17.0.3, and 16.11.5. The most severe of the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π TeamViewer Cyber-Attack Attributed to Russian APT Midnight Blizzard π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Remote software provider TeamViewer has revealed it has been hit by a cyberattack that it attributes to Russian state actor Midnight Blizzard.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
TeamViewer Cyber-Attack Attributed to Russian APT Midnight Blizzard
Remote software provider TeamViewer has revealed it has been hit by a cyber-attack that it attributes to Russian state actor Midnight Blizzard
π΅οΈββοΈ TeamViewer Credits Network Segmentation for Rebuffing APT29 Attack π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Despite warnings from HealthISAC and the NCC Group, the remote access software maker says defenseindepth kept customers' data safe from Midnight Blizzard.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Network Segmentation Saved TeamViewer From APT29 Attack
Despite warnings from Health-ISAC and the NCC Group, the remote access software maker says defense-in-depth kept customers' data safe from Midnight Blizzard.
π Key trends shaping the threat landscape in H1 2024 β Week in security with Tony Anscombe π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Learn about the categories of threats that 'topped the charts' and the kinds of techniques that bad actors leveraged most commonly in the first half of this year.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Key trends shaping the threat landscape in H1 2024 β Week in security with Tony Anscombe
Learn about the categories of threats that 'topped the charts' and the kinds of techniques that bad actors leveraged most commonly in the first half of this year
π1
ποΈ Google to Block Entrust Certificates in Chrome Starting November 2024 ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1π1
ποΈ Juniper Networks Releases Critical Security Update for Routers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Juniper Networks has released outofband security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE20242973, carries a CVSS score of 10.0, indicating maximum severity. An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or Conductor.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity