Cybersecurity
Category Added in a WPeMatico Campaign
Almost 5,200 organizations were hit by ransomware attacks in 2023, Rapid7 said in a Friday blog post, pulling research from public disclosures and incident data from its managed detection and response team. “In reality, we believe that number was actually higher because it doesn’t account for the many attacks that likely went unreported,” Christiaan Beek, […]
Water for People, a nonprofit that aims to improve access to clean water for people whose health is threatened by a lack of it for drinking and sanitation, is the latest organization to have been hit by ransomware criminals. The ransomware-as-a-service gang Medusa listed Water for People on its darknet site Thursday night, threatening to […]
APIs, a technology that underpins today’s most used sites and apps, are being leveraged by businesses more than ever—ultimately opening the door to more online threats than seen before, according to Cloudflare. APIs power the digital world—our phones, smartwatches, banking systems and shopping sites all rely on APIs to communicate. They can help ecommerce sites […]
China-backed cyber espionage group Volt Typhoon is systematically targeting legacy Cisco devices in a sophisticated and stealthy campaign to grow its attack infrastructure. In many instances, the threat actor, known for targeting critical infrastructure, is exploiting a couple of vulnerabilities from 2019 in routers, to break into target devices and take control of them. Targeting […]
German technology manufacturer Bosch fixed a vulnerability affecting a popular line of smart thermostats in October, the company disclosed this week. Researchers from Bitdefender discovered an issue with Bosch BCC100 thermostats last August which lets an attacker on the same network replace the device firmware with a rogue version. Bogdan Botezatu, director of threat research […]
Organizations constantly work to ensure optimal threat detection and prevention across their systems. One question gets asked repeatedly: “Can we detect the threats we’re supposed to be able to detect?” Red team assessment, penetration testing, and even purple team assessments (in their current form) are all designed to answer these questions. Unfortunately, as attacks get […]
An April ransomware attack on a company that builds ships for the U.S. Navy exposed the information of nearly 17,000 people, according to documents filed with regulators in Maine this week. The regulatory filing comes nearly nine months after several local news outlets in Wisconsin reported that Fincantieri Marine Group — the U.S. arm of […]
The Ministry of Foreign Affairs for the Kingdom of Saudi Arabia has allegedly fallen victim to a massive data breach. The Saudi Foreign Affairs data breach purportedly exposed the personal information of more than 1.4 million employees affiliated with the ministry. In order to verify the claim of a data breach in Saudi Foreign Affairs, […]
This post is also available in: 日本語 (Japanese) Executive Summary During our research discovering threats in legitimate network traffic, activity generated by a certain type of Android Package Kit (APK) files kept hitting our radar. This activity led us to conduct an in-depth investigation on the associated APK files. Our research revealed a family of […]