Cybersecurity
Category Added in a WPeMatico Campaign
Recent research from Menlo Labs has uncovered a sophisticated phishing campaign aimed at executives employed across industries, such as banking, insurance, property management, real estate, and manufacturing. The U.S.-based organizations have been the primary targets. Diving into details The phishing campaign began in July and abused an open redirection vulnerability on the job search platform […]
Oct 04, 2023THNSupply Chain / Malware A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality. The package in question is node-hide-console-windows, which mimics the legitimate npm package node-hide-console-window in what’s an instance of a […]
A county in Wisconsin is responding to a ransomware attack that targeted its public health department and forced officials to take some systems offline. Officials in Rock County, Wisconsin told Recorded Future News that they experienced a cyberattack on September 29 that affected several of their computer systems. The attack targeted the Rock County Public […]
The European Parliament agreed on Tuesday to strengthen protections for journalists from government surveillance as part of the proposed European Media Freedoms Act. As originally proposed last September, the law would have prohibited surveilling journalists and their families — and banned the use of spyware to target their devices — except in the cases of […]
Oct 04, 2023THNCloud Security / Cyber Threat Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through a SQL Server instance. “The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment,” security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen […]
Indiana Attorney General Todd Rokita is suing a northwest Indiana medical office over a ransomware event that put personal and protected health information at risk. The lawsuit alleges the provider was aware of security concerns before the data breach. The lawsuit filed last week against CarePointe — an ear, nose, throat, sinus and hearing provider […]
Listen to the article 3 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: Almost two-thirds of executives at publicly traded companies will strengthen their cybersecurity programs following the new Securities and Exchange Commission rule that requires companies to report material incidents within four business days, according to a […]
Attack. Remediate. Repeat? Speak to any organization infiltrated by ransomware—the most dangerous malware in the world—and they’ll be blunt: They’d do anything to avoid getting hit twice. But ransomware attacks have been ramping up in 2023 and reinfections are occurring all over the globe, forcing lean IT teams to prepare. Why are businesses getting hit […]
Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work indefinitely and expose an organization’s employees, customers or partners […]