Cybersecurity
Category Added in a WPeMatico Campaign
Dec 19, 2023NewsroomRansomware / Cybercrime The U.S. Justice Department (DoJ) has officially announced the disruption of the BlackCat ransomware operation and released a decryption tool that victims can use to regain access to files locked by the malware. Court documents show that the U.S. Federal Bureau of Investigation (FBI) enlisted the help of a confidential […]
Dec 19, 2023NewsroomRansomware / Russian Hackers Cybersecurity researchers have shed light on the inner workings of the ransomware operation led by Mikhail Pavlovich Matveev, a Russian national who was indicted by the U.S. government earlier this year for his alleged role in launching thousands of attacks across the world. Matveev, who resides in Saint Petersburg […]
The ransomware attack on Westpole is disrupting digital services for Italian public administration Pierluigi Paganini December 19, 2023 An alleged Lockbit 3.0 ransomware attack on the Italian cloud service provider Westpole disrupted multiple services of local and government organizations and municipalities. A cyber attack hit on December 8, 2023 the Italian cloud service provider Westpole, […]
The breach occurred after attackers exploited a critical vulnerability, known as Citrix Bleed, that had been actively exploited as a zero-day since August 2023. The company has asked users to reset their passwords.
A novel way to abuse a decades-old protocol used to send emails since the beginning of the Internet allows attackers to evade Domain-based Message Authentication, Reporting and Conformance (DMARC) and other email protections, putting organizations and individuals at risk for targeted phishing attacks that appear to come from legitimate sources. Using a technique called “SMTP […]
Dec 19, 2023The Hacker NewsSoftware Security / Threat intelligence Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands via git commit messages. “Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive, and Discord to host second stage malware […]
The report provides guidance on open source software adoption, including criteria for selection, risk assessment, licensing, export control, maintenance, vulnerability response, and secure software delivery.
Dec 18, 2023NewsroomSoftware Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to gain initial access to, and move laterally within, organizations. In an alert published last week, the agency […]
Some of you have already started budgeting for 2024 and allocating funds to security areas within your organization. It is safe to say that employee security awareness training is one of the expenditure items, too. However, its effectiveness is an open question with people still engaging in insecure behaviors at the workplace. Besides, social engineering […]