π Iranian MuddyWater Upgrades Arsenal With New Custom Backdoor π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Iranian APT group has shifted away from using legitimate remote monitoring tools to compromise its victims.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Iranian MuddyWater Upgrades Arsenal With New Custom Backdoor
The Iranian APT group has shifted away from using legitimate remote monitoring tools to compromise its victims
π Hacktivists Claim Leak Over 1 Terabyte of Disney Data π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Disney unreleased projects and internal data are part of a data leak claimed by hacktivist group NullBulge.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Hacktivists Claim Leak Over 1 Terabyte of Disney Data
Disney unreleased projects and internal data are part of a data leak claimed by hacktivist group βNullBulgeβ
π Hacktivist Groups Target Romania Amid Geopolitical Tensions π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CyberDragon and Cyber Army of Russia, among others, have claimed responsibility for the attacks.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Hacktivist Groups Target Romania Amid Geopolitical Tensions
CyberDragon and Cyber Army of Russia, among others, have claimed responsibility for the attacks
π Half of SMEs Unprepared for Cyber-Threats π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
JumpCloud found that half of SME IT teams believe they lack the resources and staffing to defend their organization against cyberthreats.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Half of SMEs Unprepared for Cyber-Threats
JumpCloud found that half of SME IT teams believe they lack the resources and staffing to defend their organization against cyber-threats
π1
π Digital Operational Resilience Testing (part of DORA) β What to Expect? π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
A crucial infrastructure company overseeing gas storage and distribution faces a serious cybersecurity threat. So, they involve a penetration test team to assess the companys security posture. They uncovered a critical remote code execution RCE vulnerability in the companys main website connected to their Active Directory system. This vulnerability can provide attackers with unauthorized access The post Digital Operational Resilience Testing part of DORA What to Expect? appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Digital Operational Resilience Testing (part of DORA) - What to Expect?
A crucial infrastructure company overseeing gas storage and distribution faces a serious cybersecurity threat. So, they involve a penetration test team to assess the companyβs security posture. They uncovered a critical remote code execution (RCE) vulnerabilityβ¦
π¦
New Malware Campaign Abusing RDPWrapper and Tailscale to Target Cryptocurrency Users π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways Cyble Research and Intelligence Labs CRIL has uncovered a multistage cyberattack campaign with a Zip file containing a malicious shortcut .lnk file. When the shortcut is executed, it downloads a PowerShell script, initiating a chain of events that ultimately allows the Threat Actor TA to gain Remote Desktop Protocol RDP access to the victim's system. The infection involves various components, including PowerShell scripts, batch files, Gobased binaries, and a vulnerable driver. Notably, the TA appears to be planning a Windows BYOVD Bring Your Own Vulnerable Driver attack, using a driver known as Terminator Spyboy. A key aspect of this campaign is using RDPWrapper to facilitate RDP connections and Tailscale to connect to the TA's private network,...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
New Malware Targets Crypto Users Via RDPWrapper, Tailscale
Cyble reveals a cyberattack targeting crypto users using RDPWrapper, Tailscale, and malicious files to gain RDP access. Stay informed.
π΅οΈββοΈ Iranian Cyber Threat Group Drops New Backdoor, 'BugSleep' π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The group which has targeted Israel, Saudi Arabia, and other nations often uses spear phishing and legitimate remote management tools but is developing a brandnew homegrown toolset.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Iranian Cyber-Threat Group Drops New Backdoor, 'BugSleep'
The group β which has targeted Israel, Saudi Arabia, and other nations β often uses spear-phishing and legitimate remote management tools but is developing a brand-new homegrown tool set.
ποΈ Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cisco has released patches to address a maximumseverity security flaw impacting Smart Software Manager OnPrem Cisco SSM OnPrem that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked as CVE202420419, carries a CVSS score of 10.0. "This vulnerability is due to improper.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Meta Halts AI Use in Brazil Following Data Protection Authority's Ban ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Meta has suspended the use of generative artificial intelligence GenAI in Brazil after the country's data protection authority issued a preliminary ban objecting to its new privacy policy. The development was first reported by news agency Reuters. The company said it has decided to suspend the tools while it is in talks with Brazil's National Data Protection Authority ANPD to address the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π UK Government Set to Introduce New Cyber Security and Resilience Bill π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new UK Cyber Security and Resilience Bill will update the NIS Regulations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UK Government Set to Introduce New Cyber Security and Resilience Bill
A new UK Cyber Security and Resilience Bill will update the NIS Regulations
πͺ Protecting Trained Models in Privacy-Preserving Federated Learning πͺ
π Read more.
π Via "NIST"
----------
ποΈ Seen on @cibsecurity
This post is part of a series on privacypreserving federated learning. The series is a collaboration between NIST and the UK governments Responsible Technology Adoption Unit RTA, previously known as the Centre for Data Ethics and Innovation. Learn more and read all the posts published to date at NISTs Privacy Engineering Collaboration Space or RTAs blog . The last two posts in our series covered techniques for input privacy in privacypreserving federated learning in the context of horizontally and vertically partitioned data. To build a complete privacypreserving federated learning.π Read more.
π Via "NIST"
----------
ποΈ Seen on @cibsecurity
NIST
Protecting Trained Models in Privacy-Preserving Federated Learning
This post is part of a series on privacy-preserving federated learning. The series is a collaboration between NIST and the UK governmentβs Responsible Technology Adoption Unit (RTA), previously known as the Centre for Data Ethics and Innovation. Learn moreβ¦
π US Data Breach Victim Numbers Surge 1170% Annually π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
New figures reveal a massive 1170 increase in people impacted by data breaches in Q2 2024 versus a year ago.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Data Breach Victim Numbers Surge 1170% Annually
New figures suggest a massive 1170% increase in people impacted by data breaches in Q2 2024 versus a year ago
π’ What's really motivating the Disney hackers? π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
One security expert told ITPro the Disney hackers could have ulterior motives despite framing themselves as hacktivist champions in support of content creators.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
What's really motivating the Disney hackers?
One security expert told ITPro the Disney hackers could have ulterior motives despite framing themselves as hacktivist champions in support of content creators
π1
π¦Ώ Get Advanced Ad Blocking and Superior Data Privacy Tools for Just $11 Until 7/21 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Block popups, banners and video ads while also protecting yourself from activity trackers, phishing attempts, fraudulent websites and other types of malware with AdGuard.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Get Advanced Ad Blocking and Superior Data Privacy Tools for Just $11
Block popups, banners and video ads while also protecting yourself from activity trackers, phishing attempts, fraudulent websites and other types of malware with AdGuard.
ποΈ SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloudbased platform for creating and deploying predictive artificial intelligence AI workflows that could be exploited to get hold of access tokens and customer data. The five vulnerabilities have been collectively dubbed SAPwned by cloud security firm Wiz. "The vulnerabilities we found could have allowed attackers.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Unknown threat actors have been observed leveraging opensource tools as part of a suspected cyber espionage campaign targeting global government and private sector organizations. Recorded Future's Insikt Group is tracking the activity under the temporary moniker TAG100, noting that the adversary likely compromised organizations in at least ten countries across Africa, Asia, North America,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Kingβs Speech: Cybersecurity in the spotlight as government promises new efforts to lock down insecure IT supply chains π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The new Labour government has promised fresh cybersecurity legislation aimed at minimizing supply chain risk and improving incident reporting.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Kingβs Speech: Cybersecurity in the spotlight as government promises new efforts to lock down insecure IT supply chains
The new Labour government has promised fresh cybersecurity legislation aimed at minimizing supply chain risk and improving incident reporting
π¦Ώ IPVanish vs ExpressVPN (2024): Which VPN Is Better? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Which VPN is better, IPVanish or ExpressVPN? Use our guide to compare pricing, features and more.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
IPVanish vs ExpressVPN (2024): Which VPN Is Better?
Which VPN is better, IPVanish or ExpressVPN? Use our guide to compare pricing, features and more.
β€1
π’ How IT leaders can respond to the evolution of ransomware π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
With a proper strategy for response, communication, and recovery, leaders can respond for the evolution of ransomware and ensure staff are prepared for the worst.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
How IT leaders can respond to the evolution of ransomware
With a proper strategy for response, communication, and recovery, leaders can respond for the evolution of ransomware and ensure staff are prepared for the worst
ποΈ AppSec Webinar: How to Turn Developers into Security Champions ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Let's face it AppSec and developers often feel like they're on opposing teams. You're battling endless vulnerabilities while they just want to ship code. Sound familiar? It's a common challenge, but there is a solution. Ever wish they proactively cared about security? The answer lies in a proven, but often overlooked, strategy Security Champion Programs a way to turn developers from.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ Automated Threats Pose Increasing Risk to the Travel Industry ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
As the travel industry rebounds postpandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21 of all bot attack requests last year. Thats according to research from Imperva, a Thales company. In their 2024 Bad Bot Report, Imperva finds that bad bots accounted for 44.5 of the industrys web traffic in 2023a significant jump from 37.4 in 2022. .π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity