Cybersecurity
Category Added in a WPeMatico Campaign
The U.S. National Security Council (NSC) is urging the governments of all countries participating in the International Counter Ransomware Initiative (CRI) to issue a joint statement announcing they will not pay ransoms to cybercriminals, according to three sources with knowledge of the plans. CRI’s 47 members will convene in Washington for its annual summit on […]
Fraud Management & Cybercrime , Governance & Risk Management , Healthcare HHS: Group Seems to Favor Targeting Small & Midsized Entities that Lack MFA on VPNs Marianne Kolbasuk McGee (HealthInfoSec) • September 13, 2023 Akira’s data leak site Federal authorities are warning the health sector about threats posed by Akira, a ransomware-as-a-service group […]
The phone of a prominent Russian journalist and critic of the Kremlin was infected with Pegasus spyware, according to new research. The notorious spying software developed by the Israeli company NSO Group was reportedly installed on the iPhone of Galina Timchenko, owner of the Russian independent media outlet Meduza, while she was in Berlin for […]
A recent malvertising campaign has been found focusing on corporate users who are downloading the widely used web conferencing application, Webex. In this campaign, malicious actors have purchased an advertisement that mimics Cisco’s branding, and it appears as the top result when conducting a Google search. Diving into details The ad appears completely legitimate at […]
Since June of this year, the CA/Browser Forum (CABF) — a public key infrastructure (PKI) industry group — made hardware key generation mandatory for even regular code signing certificates. This is an additional effort to address private key protection by making it more difficult to steal private keys and certificates from computers since they cannot […]
Dive Brief: Top cybersecurity officials from the Biden administration pledged additional support to the open source software community and private sector security executives during the Secure Open Source Software Summit in Washington D.C. Tuesday. The Cybersecurity and Infrastructure Security Agency released a roadmap for open source software security, which is designed to establish the agency’s role […]
German business software maker SAP on Tuesday announced the release of 13 new and five updated security notes as part of its September 2023 Security Patch Day. Five of the SAP security notes released this month are rated ‘hot news’, the company’s highest rating. Three of them, however, are updates for previously released security notes. […]
AuthMind, a Maryland-based startup that aims to help businesses protect themselves from identity-related cyberattacks, today announced that it has raised an $8.5 million seed round led by Ballistic Ventures, with strategic participation from IBM Ventures. The company was co-founded by CEO Shlomi Yanai and CTO Ankur Panchbudhe. Both previously founded (and sold) a number of […]
A new malvertising campaign is targeting corporate users who are downloading the popular web conferencing software Webex. Threat actors have bought an advert that impersonates Cisco’s brand and is displayed first when performing a Google search. We are releasing this blog to warn users about this threat as the malicious ad has been online for almost […]