Cybersecurity & Privacy - News
The finest daily news on cybersecurity and privacy.

Daily releases.

Is your online life secure?

lalilolalo.dev@gmail.com

New report shows ongoing gender pay gap in cybersecurity

The gender gap in cybersecurity isn't a new issue. The lack of women in cybersecurity and IT has been making headlines for years, even decades. While progress has been made, there is still significant work to do, especially regarding salary. The recent ISC2 Cybersecurity Workforce Study highlighted numerous cybersecurity issues regarding women in the

Via "Security Intelligence"

----------
Seen on @cibsecurity
U.S. Seizes 32 Pro-Russian Propaganda Domains in Major Disinformation Crackdown

The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 32 internet domains used by a pro-Russian propaganda operation called Doppelganger as part of a sweeping set of actions. Accusing the Russian government-directed foreign malign influence campaign of violating U.S. money laundering and criminal trademark laws, the agency called out companies Social Design Agency (SDA),.

Via "The Hacker News"

----------
PyPI Revival Hijack Puts Thousands of Applications at Risk

Revival Hijack Python Package Index supply chain attack threatens 22,000 packages through malicious downloads.

Via "Infosecurity Magazine"

----------
Security Budgets Come Under Pressure as "Hypergrowth" Ends

Despite rising threats, researchers find a third of firms see flat or falling security budgets, and hiring slows.

Via "Infosecurity Magazine"

----------
UK Signs Council of Europe AI Convention

The first legally binding international treaty on AI was adopted by all 46 Council of Europe member states in May 2024.

Via "Infosecurity Magazine"

----------
Cisco Warns of Critical Vulnerabilities in Smart Licensing Utility

Cisco has urged customers to apply software updates to fix the critical vulnerabilities, which could allow attackers to collect sensitive data or administer services.

Via "Infosecurity Magazine"

----------
The Rise of Head Mare: A Geopolitical and Cybersecurity Analysis

Key takeaways: The Head Mare hacktivist group targets Russian and Belarusian organizations, linking their cyberattacks to geopolitical tensions with Ukraine. Head Mare's attacks on Russia and Belarus are strategic, aiming to influence political and economic stability in these countries and support its own objectives. The group uses sophisticated phishing and ransomware attacks, exploiting vulnerabilities like CVE-2023-38831 in WinRAR and ransomware strains like LockBit and Babuk. Head Mare's cyber operations align with the Russo-Ukrainian conflict, applying pressure on Russia and Belarus to distract from Ukraine's military actions. The group employs advanced techniques for persistence and evasion, disguising malware and using sophisticated tools to control compromised syste...

Via "CYBLE"

----------
Australia Proposes Mandatory Guardrails for AI

New mandatory guardrails will apply to AI models in high-risk settings, with businesses encouraged to adopt new safety standards starting now.

Via "Tech Republic"

----------
Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East

Unnamed government entities in the Middle East and Malaysia are the target of a persistent cyber campaign orchestrated by a threat actor known as Tropic Trooper since June 2023. "Sighting this group's Tactics, Techniques, and Procedures in critical governmental entities in the Middle East, particularly those related to human rights studies, marks a new strategic move for them," Kaspersky.

Via "The Hacker News"

----------
Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues

Veeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution. The list of shortcomings is below: CVE-2024-40711 (CVSS score: 9.8): A vulnerability in Veeam Backup & Replication that allows unauthenticated remote code execution. CVE-2024-42024 (CVSS score: 9.1).

Via "The Hacker News"

----------
What is the Shared Fate Model?

New threats, an overburdened workforce, and regulatory pressures mean cloud service providers need a more resilient model than the shared responsibility framework. That's where "shared fate" comes in.

Via "Dark Reading"

----------
Malvertising Campaign Builds a Phish for Lowe's Employees

Retail employees are being duped into divulging their credentials by typosquatting malvertisements.

Via "Dark Reading"

----------
Chinese 'Tropic Trooper' APT Targets Mideast Governments

In the past, the group has targeted different sectors in East and Southeast Asia, but recently has pivoted its focus to the Middle East, specifically to entities that publish human rights studies.

Via "Dark Reading"

----------
China's 'Earth Lusca' Propagates Multiplatform Backdoor

The malware, KTLVdoor, has already been found on more than 50 command-and-control servers and enables full control of any environment it compromises.

Via "Dark Reading"

----------
Biden Admin Files Charges Against Election Meddlers From Russia

Working with the Treasury and Justice departments, the president has sanctioned antidemocratic Russian adversaries.

Via "Dark Reading"

----------
IBM Executive on Future Cybersecurity: Passkeys, Deepfakes & Quantum Computing

IBM's Chris Hockings predicts a safer internet with advances in passkey tech, digital identity, deepfake defenses, and post-quantum cryptography.

Via "Tech Republic"

----------
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025

The 2024 State of the vCISO Report continues Cynomi's tradition of examining the growing popularity of virtual Chief Information Security Officer (vCISO) services. According to the independent survey, the demand for these services is increasing, with both providers and clients reaping the rewards. The upward trend is set to continue, with even faster growth expected in the future. However,.

Via "The Hacker News"

----------
Critical Security Flaw Found in LiteSpeed Cache Plugin for WordPress

Cybersecurity researchers have discovered yet another critical security flaw in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated users to take control of arbitrary accounts. The vulnerability, tracked as CVE-2024-44000 (CVSS score: 7.5), impacts versions before and including 6.4.1. It has been addressed in version 6.5.0.1. "The plugin suffers from an.

Via "The Hacker News"

----------
Apache OFBiz Update Fixes High-Severity Flaw Leading to Remote Code Execution

A new security flaw has been addressed in the Apache OFBiz open-source enterprise resource planning (ERP) system that, if successfully exploited, could lead to unauthenticated remote code execution on Linux and Windows. The high-severity vulnerability, tracked as CVE-2024-45195 (CVSS score: 7.5), affects all versions of the software before 18.12.16. "An attacker with no valid.

Via "The Hacker News"

----------
Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal Activity

Telegram CEO Pavel Durov has broken his silence nearly two weeks after his arrest in France, stating the charges are misguided. "If a country is unhappy with an internet service, the established practice is to start a legal action against the service itself," Durov said in a 600-word statement on his Telegram account. "Using laws from the pre-smartphone era to charge a CEO with crimes committed.

Via "The Hacker News"

----------
ESET Research Podcast: HotPage

ESET researchers discuss HotPage, a recently discovered adware armed with a highest-privilege, yet vulnerable, Microsoft-signed driver.

Via "ESET - WeLiveSecurity"

----------