π Stop Security Incidents in Their Tracks: Your Customizable IR Plan Template π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Introduction Having a comprehensive Incident Response Plan in place is no longer a luxury but a necessity. With the increasing frequency and severity of cyber attacks, you need to be prepared to respond quickly and effectively to minimize the impact of a breach. Thats why weve created a customizable template based on our experience and The post Stop Security Incidents in Their Tracks Your Customizable IR Plan Template appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Stop Security Incidents in Their Tracks: Your Customizable IR Plan Template - UnderDefense
Swiftly respond to security breaches with our customizable Incident Response Plan template. Minimize downtime and reputational damage with a tailored approach.
π΅οΈββοΈ Trojanized JQuery Packages Spread via 'Complex' Supply Chain Attack π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The campaign, which distributes dozens of malicious jQuery variants across npm, GitHub, and jsDelivr, appears to be a manual effort, and lacks the typical pattern that characterizes similar, related attacks.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Trojanized jQuery Packages Spread via 'Complex' Supply Chain Attack
The campaign, which distributes dozens of malicious jQuery variants across npm, GitHub, and jsDelivr, appears to be a manual effort, and lacks the typical pattern that characterizes similar, related attacks.
π Cyber-Attack on Evolve Bank Exposed Data of 7.6 Million Customers π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
In a statement on Monday, Evolve confirmed the breach includes over 20,000 customers in Maine.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Cyber-Attack on Evolve Bank Exposed Data of 7.6 Million Customers
In a statement on Monday, Evolve confirmed the breach includes over 20,000 customers in Maine
π₯2β€1
π΅οΈββοΈ 5 Tips to Minimize the Costly Effects of Data Exfiltration π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The more sensitive data an organization collects, the more at risk it is to a cyberattack. Here's how to limit the damage.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
5 Tips to Minimize the Risks of Data Exfiltration
The more sensitive data an organization collects, the more at risk it is to a cyberattack. Here's how to limit the damage.
π΅οΈββοΈ Cloud-Based Investigations Platform Targets Complexity in Incident Response π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Softwareasaservice company Command Zero launches with a platform for investigating cybersecurity incidents that aims to minimize the grunt work.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Investigation SaaS Targets Incident Response Complexity
Software-as-a-service company Command Zero launches with a platform for investigating cybersecurity incidents that aims to minimize the grunt work.
π΅οΈββοΈ Attackers Already Exploiting Flaws in Microsoft's July Security Update π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
In all, the company released fixes for a whopping 139 CVEs in its own products and four for nonMicrosoft products.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Attackers Already Exploiting Flaws in Microsoft's July Security Update
In all, the company released fixes for a whopping 139 CVEs in its own products and four for non-Microsoft products.
π΅οΈββοΈ Evolve Bank & Trust Reveals 7M Impacted in LockBit Breach π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Though the company reassures its users that customer funds were not accessed, the same cannot be said for customer information.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Evolve Bank & Trust Reveals 7M Impacted in LockBit Breach
Though the company reassures its users that customer funds were not accessed, the same cannot be said for customer information.
β€1
π΅οΈββοΈ Chinese Threat Group APT40 Exploits N-Day Vulns at Rapid Pace π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The statesponsored threat group is capable of exploiting fresh software vulnerabilities within hours of their initial discovery.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Chinese Threat Group APT40 Exploits N-Day Vulns at Rapid Pace
The state-sponsored threat group is capable of exploiting fresh software vulnerabilities within hours of their initial discovery.
π΅οΈββοΈ Eldorado Ransomware Cruises Onto the Scene to Target VMware ESXi π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The ransomwareasaservice platform just rolled off the assembly line, also targets Windows, and uses Golang for crossplatform capabilities.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Eldorado Ransomware Cruises Onto the Scene to Target VMware ESXi
The ransomware-as-a-service platform just rolled off the assembly line, also targets Windows, and uses Golang for cross-platform capabilities.
βοΈ Microsoft Patch Tuesday, July 2024 Edition βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Microsoft Patch Tuesday, July 2024 Edition
Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.
ποΈ New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution RCE. The vulnerability, tracked as CVE20246409 CVSS score 7.0, is distinct from CVE20246387 aka RegreSSHion and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π΅οΈββοΈ Houthi-Aligned APT Targets Mideast Militaries With 'GuardZoo' Spyware π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Simple malware and simple TTPs play against a backdrop of complex geopolitical conflict in the Arab world.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Houthi-Aligned APT Targets Mideast Militaries With 'GuardZoo' Spyware
Simple malware and simple TTPs play against a backdrop of complex geopolitical conflicts in the Arab world.
π΅οΈββοΈ What's Bugging the NSA? A Vuln in Its 'SkillTree' Training Platform π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Even the NSA leaves bugs in its software. In this case, it's the kind of crosssite issue that regularly slips past developers.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
What's Bugging the NSA? A Vuln in Its 'SkillTree' Training Platform
Even the NSA leaves bugs in its software. In this case, it's the kind of cross-site issue that regularly slips past developers.
π΅οΈββοΈ Google Targets Passkey Support to High-Risk Execs, Civil Society π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The tech giant has rolled out passkey support for account authentication within its Advanced Protection Program to complement existing compatibility with FIDO2 hardware keys.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Google Targets Passkey Support to Execs, Civil Society
The passkey support for account authentication within Google's Advanced Protection Program complements existing compatibility with FIDO2 hardware keys.
π¦Ώ Social Engineering Awareness Policy π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Recent technological advancements have made people and things more interconnected. Unfortunately, people with malicious intent are also taking advantage of this capability. With this, the security of information systems has become more paramount for any organization. The purpose of this customizable Social Engineering Awareness Policy, written by Maria Carrisa Sanchez for TechRepublic Premium, is to ...π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Social Engineering Awareness Policy | TechRepublic
Recent technological advancements have made people and things more interconnected. Unfortunately, people with malicious intent are also taking advantage
π¦Ώ How to Run a Cybersecurity Risk Assessment in 5 Steps π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Though cybersecurity is on every executives checklist today, most struggle with growing compliance burdens, keeping the costs moderate and bringing team alignment. A cybersecurity assessment is the key to combating the rising threat environment, and its prudent to secure systems before a breach cripples your business. Read this guide, written by Avya Chaudhary for TechRepublic ...π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
How to Run a Cybersecurity Risk Assessment in 5 Steps | TechRepublic
Though cybersecurity is on every executiveβs checklist today, most struggle with growing compliance burdens, keeping the costs moderate, and bringing team
π§ Digital solidarity vs. digital sovereignty: Which side are you on? π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
The landscape of international cyber policy continues to evolve rapidly, reflecting the dynamic nature of technology and global geopolitics. Central to this evolution are two competing concepts digital solidarity and digital sovereignty. The U.S. Department of State, through its newly released International Cyberspace and Digital Policy Strategy, has articulated a clear preference for digital solidarity, The post Digital solidarity vs. digital sovereignty Which side are you on? appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Digital solidarity vs. digital sovereignty: Which side are you on?
When it comes to cyber diplomacy, finding the balance between protection and cooperation is keyβand each side offers distinct benefits and drawbacks.
ποΈ Smash-and-Grab Extortion ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Problem The 2024 Attack Intelligence Report from the staff at Rapid7 1 is a wellresearched, wellwritten report that is worthy of careful study. Some key takeaways are 53 of the over 30 new vulnerabilities that were widely exploited in 2023 and at the start of 2024 were zerodays. More mass compromise events arose from zeroday vulnerabilities than from nday vulnerabilities.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromiumbased Edge browser.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ True Protection or False Promise? The Ultimate ITDR Shortlisting Guide ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Its the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that identity protection lags 20 years behind their endpoints and networks. This realization is mainly due to the transformation of lateral movement from fine art, found in APT and top cybercrime groups only, to a commodity skill used in almost every ransomware attack. The.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Google Adds Passkeys to Advanced Protection Program for High-Risk Users ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google on Wednesday announced that it's making available passkeys for highrisk users to enroll in its Advanced Protection Program APP. "Users traditionally needed a physical security key for APP now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said. Passkeys are considered a more secure and phishingresistant alternative to passwords. Based on.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity