The Joint Ransomware Task Force aims to enhance collaboration to identify ransomware groups and drive a comprehensive government and societal response to protect critical infrastructure and businesses.
Feb 27, 2024NewsroomCloud Security / Threat Intelligence Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes, is assessed to […]
Fake wallet apps for China’s digital currency are circulating, leading to warnings from the Ministry of Industry and Information Technology about potential scams and data theft.
Feb 27, 2024NewsroomSupply Chain Attack / Data Security Cybersecurity researchers have found that it’s possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks. “It’s possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository […]
A new report by the Office of the National Cyber Director (ONCD) highlighted that up to 70% of security vulnerabilities are due to memory safety issues in certain programming languages.
Security teams are hiding an embarrassing secret from the outside world: despite their position at the vanguard of technology, security risks and threats, their actual war plans are managed on spreadsheets. This is a far cry from the dark rooms, multi-screens, and falling code most people imagine, and it’s also a universe away from what […]
Feb 27, 2024NewsroomWebsite Security / Cryptojacking A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and […]
Healthcare , HIPAA/HITECH , Industry Specific Breaches and Complaints Continue to Soar as Regulatory Duties Increase Marianne Kolbasuk McGee (HealthInfoSec) • February 23, 2024 Image: Getty As the volume of major health data breaches rises, the federal agency charged with investigating those incidents told Congress this week that it lacks the needed funding […]
Feb 26, 2024The Hacker NewsSteganography / Malware Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT using a malware loader called IDAT Loader. The attack has been attributed to a threat actor tracked by the Computer Emergency Response Team of […]