Cybersecurity
Category Added in a WPeMatico Campaign
The latest World Economic Forum Global Risks Report 2024 highlighted the rising tide of cyber threats and places misinformation and disinformation as the most severe risk globally. It also warned of low-cost crime havens and issues surrounding concentrated AI power in few hands. Misinformation and Undermining Truth Misinformation and disinformation have emerged as the most […]
The breach occurred when a threat actor impersonated Framework’s CEO and tricked an accountant into sharing a spreadsheet containing customer data, including names, email addresses, and outstanding balances.
Jan 12, 2024NewsroomCryptocurrency / Malware Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. “This attack is particularly intriguing due to the attacker’s use of packers and rootkits to conceal the malware,” Aqua security researchers Nitzan Yaakov and Assaf Morag said in […]
Jan 11, 2024NewsroomVulnerability / Cyber Attack Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software […]
Governance & Risk Management , IT Risk Management Cyber Regulation Requires EU Agencies to Assess Risks and Report Incidents Akshaya Asokan (asokan_akshaya) • January 10, 2024 The European Union adopted a regulation intended to strengthen institutional cybersecurity. (Image: Shutterstock) The European Union adopted a regulation on mandatory cyber hygiene intended to beef up […]
The first vulnerability enables an attacker to reset the API key and access sensitive log information, while the second vulnerability allows for arbitrary script injection into affected web pages.
A team of computer scientists led by the University of Massachusetts Amherst recently announced a new method for automatically generating whole proofs that can be used to prevent software bugs and verify that the underlying code is correct. This new method, called Baldur, leverages the artificial intelligence power of LLMs, and, when combined with the […]
Takedown of malware infrastructure by law enforcement has proven to have an impact, albeit limited, on cybercriminal activity, according to threat intelligence provider Recorded Future. In its 2023 Adversary Infrastructure Report, published on January 9, 2024, Recorded Future analyzed the effect of three malware takedown operations that took place in 2023 or before: The Emotet […]
The NCSC-FI has warned of increased Akira ransomware attacks in December. These attacks targeted companies in Finland and involved wiping backups, making it difficult for victims to recover their data without paying a ransom.