Cybersecurity
Category Added in a WPeMatico Campaign
Threat actors continued to exploit technical misconfigurations through various fraud schemes, according to a new report from Visa. These include the use of malvertising and search engine optimization (SEO) techniques to cultivate compelling and effective phishing and social engineering campaigns, the utilization of emerging advanced language model (ALM) technologies, and the increased targeting of authentication […]
While inside Rollbar’s servers, attackers accessed sensitive customer information, including usernames and email addresses, account names, and project information, such as environment names and service link configuration.
Organizations are optimistic about AI, but AI adoption requires attention to privacy and security, productivity, and training, according to GitLab. “The transformational opportunity with AI goes way beyond creating code,” said David DeSanto, CPO, GitLab. “According to the GitLab Global DevSecOps Report, only 25% of developers’ time is spent on code generation, but the data […]
A cyber event last month may have affected the security of some information maintained by Butler County. County officials say they found out August 8th that an email account related to the County jail was sending unauthorized spam emails. The county secured the account and brought in a nationally recognized digital forensics team to help […]
The U.S. National Security Council (NSC) is urging the governments of all countries participating in the International Counter Ransomware Initiative (CRI) to issue a joint statement announcing they will not pay ransoms to cybercriminals, according to three sources with knowledge of the plans. CRI’s 47 members will convene in Washington for its annual summit on […]
Fraud Management & Cybercrime , Governance & Risk Management , Healthcare HHS: Group Seems to Favor Targeting Small & Midsized Entities that Lack MFA on VPNs Marianne Kolbasuk McGee (HealthInfoSec) • September 13, 2023 Akira’s data leak site Federal authorities are warning the health sector about threats posed by Akira, a ransomware-as-a-service group […]
The phone of a prominent Russian journalist and critic of the Kremlin was infected with Pegasus spyware, according to new research. The notorious spying software developed by the Israeli company NSO Group was reportedly installed on the iPhone of Galina Timchenko, owner of the Russian independent media outlet Meduza, while she was in Berlin for […]
A recent malvertising campaign has been found focusing on corporate users who are downloading the widely used web conferencing application, Webex. In this campaign, malicious actors have purchased an advertisement that mimics Cisco’s branding, and it appears as the top result when conducting a Google search. Diving into details The ad appears completely legitimate at […]
Since June of this year, the CA/Browser Forum (CABF) — a public key infrastructure (PKI) industry group — made hardware key generation mandatory for even regular code signing certificates. This is an additional effort to address private key protection by making it more difficult to steal private keys and certificates from computers since they cannot […]