Cybersecurity
Category Added in a WPeMatico Campaign
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Geo Focus: Asia Nation-State Attacks on Defense Manufacturers Rising Since November 2022 Jayant Chakravarti (@JayJay_Tech) • October 4, 2023 A Daewoo shipyard in the city of Geoje in South Korea (Image: Shutterstock) South Korean national intelligence has sounded alarms about North Korean hackers […]
Governance & Risk Management , Legislation & Litigation , Patch Management Experts Warn Vulnerability Disclosure to Government Agencies Increases Hacking Risk Akshaya Asokan (asokan_akshaya) • October 4, 2023 Image: Shutterstock More than four dozen cybersecurity mavens say a proposed European Union mandate for software publishers to inform the trading bloc’s cybersecurity agency of […]
AWS said most-privileged users, and eventually more account types, will be required to use multifactor authentication beginning in mid-2024. The move makes the cloud giant the first of the three major hyperscalers to commit to MFA baseline controls by default. “AWS is further strengthening the default security posture of our customers’ environments by requiring the […]
Oct 04, 2023NewsroomCloud Security / Cyber Threat Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through an SQL Server instance. “The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment,” security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen […]
The International Committee of the Red Cross (ICRC) has published a new set of rules urging hacktivists to abide by international humanitarian law in times of conflict. Writing in the European Journal of International Law (EJIL), the ICRC warned that cyber-attacks carried out by civilians during wartime are increasingly causing disruption to non-military targets such as […]
In the vast landscape of the open-source ecosystem, shadows occasionally move. While this realm thrives on collaboration and knowledge sharing, it’s also a playground for predators, from novice hackers to well-coordinated nation-state actors. Over recent months, one such threat has been emerging, growing, and refining its arsenal. Our team at Checkmarx’s Supply Chain Security has […]
THE HAGUE, Netherlands — The CyberPeace Institute announced Wednesday it will set up a portal with a coalition of cyber response teams to help non-governmental organizations, or NGOs, in the Netherlands protect themselves from cyberattacks. The CyberPeace Institute is a Geneva-based nonprofit that monitors cyberattacks and their effect on society. As part of that mission, […]
Oct 05, 2023NewsroomRansomware / Malware Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enforcement operation may not have impacted […]
Oct 05, 2023NewsroomNetwork Security / Software Patch Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is due to the presence of static user credentials for the root account that […]