The average tenure of a Chief Information Security Officer said to sit between 18 to 24 months. This is barely enough time to get feet under the table, never mind a meaningful seat at the table. Two questions arise: why is there such volatile churn in this space; and how does it affect enterprise cybersecurity? […]
Canadian Flair Airlines left user data leaking for months Pierluigi Paganini September 26, 2023 Researchers discovered that Canadian Flair Airlines left credentials to sensitive databases and email addresses open for at least seven months Canadian Flair Airlines left credentials to sensitive databases and email addresses open for at least seven months, the Cybernews research team […]
In anticipation of the upcoming 2024 election, major US voting equipment manufacturers have announced an initiative to collaborate with cybersecurity experts to undergo extensive stress testing of their election systems. The move aims to bolster election security and combat the rampant spread of misinformation among American voters. Hosted by the Information Technology-Information Sharing Analysis Center […]
Sep 27, 2023THNVulnerability / Endpoint Security A novel side-channel attack called GPU.zip renders virtually all modern graphics processing units (GPU) vulnerable to information leakage. “This channel exploits an optimization that is data dependent, software transparent, and present in nearly all modern GPUs: graphical data compression,” a group of academics from the University of Texas at […]
Nearly all modern graphics processing units (GPUs) are vulnerable to a new type of side-channel attack that could be leveraged to obtain sensitive information, according to a team of researchers from various universities in the United States. The new attack method, named GPU.zip, was discovered and detailed by representatives of the University of Texas at […]
DarkBeam leaks billions of email and password combinations Pierluigi Paganini September 27, 2023 DarkBeam left an Elasticsearch and Kibana interface unprotected, exposing records from previously reported and non-reported data breaches. The leaked logins present cybercriminals with almost limitless attack capabilities. DarkBeam, a digital risk protection firm, left an Elasticsearch and Kibana interface unprotected, exposing records […]
Data security is in the headlines often, and it’s almost never for a positive reason. Major breaches, new ways to hack into an organization’s supposedly secure data, and other threats make the news because well, it’s scary — and expensive. Data breaches, ransomware and malware attacks, and other cybercrime might be pricey to prevent, but […]
The group’s malware includes trojans named DangerAds and AtlasAgent, with AtlasAgent being a custom C++ trojan that can execute various commands and evade detection by security tools.
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime Russian Hackers Target Energy, Law Enforcement Sectors Mihir Bagwe (MihirBagwe) • September 26, 2023 The 30th Prince Konstanty Ostrogski Mechanized Brigade training in February 2022 (Image: Ministry of Defense of Ukraine) Ukrainian cyber defenders are girding for an onslaught of cyberattacks against energy and […]