Tag Archives: it security

Google Launches New Open Source Bug Bounty to Tackle Supply Chain Attacks

Google on Monday introduced a new bug bounty program for its open source projects, offering...

31
Aug
Chinese Hackers Used ScanBox Framework in Recent Cyber Espionage Attacks

A months-long cyber espionage campaign undertaken by a Chinese nation-state group targeted several entities with...

31
Aug
Introducing our new machine learning security principles
August 30, 2022

Why the security of artificial intelligence (AI) and machine learning (ML) is important, how it’s...

Hackers Use ModernLoader to Infect Systems with Stealers and Cryptominers

As many as three disparate but related campaigns between March and Jun 2022 have been...

30
Aug
Hands-on Review: Stellar Cyber Security Operations Platform for MSSPs

As threat complexity increases and the boundaries of an organization have all but disappeared, security...

30
Aug
India’s Newest Airline Akasa Air Found Leaking Passengers’ Personal Information

Akasa Air, India’s newest commercial airline, exposed the personal data belonging to its customers that...

30
Aug
FBI Warns Investors to Take Precautions with Decentralized Financial Platforms

The U.S. Federal Bureau of Investigation (FBI) on Monday warned of cyber criminals increasingly exploiting...

30
Aug
FTC Sues Data Broker Over Selling Location Data for Hundreds of Millions of Phones

The U.S. Federal Trade Commission (FTC) on Monday said it filed a lawsuit against Kochava,...

30
Aug
The security benefits of modern collaboration in the cloud
August 29, 2022

By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better...

New Golang-based ‘Agenda Ransomware’ Can Be Customized For Each Victim

A new ransomware strain written in Golang dubbed “Agenda” has been spotted in the wild,...

29
Aug
Nitrokod Crypto Miner Infected Over 111,000 Users with Copies of Popular Software

A Turkish-speaking entity called Nitrokod has been attributed to an active cryptocurrency mining campaign that...

29
Aug
A CISO’s Ultimate Security Validation Checklist

If you’re heading out of the office on a well-deserved vacation, are you certain the...

29
Aug
Twilio Breach Also Compromised Authy Two-Factor Accounts of Some Users

Twilio, which earlier this month became a sophisticated phishing attack, disclosed last week that the threat...

29
Aug
CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added 10 new actively exploited...

29
Aug
Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations

Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to...

27
Aug
Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center

Atlassian has rolled out fixes for a critical security flaw in Bitbucket Server and Data Center that...

26
Aug
Hackers Breach LastPass Developer System to Steal Source Code

Password management service LastPass confirmed a security incident that resulted in the theft of certain...

26
Aug
Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework

Nation-state threat actors are increasingly adopting and integrating the Sliver command-and-control (C2) framework in their intrusion campaigns...

26
Aug
Information Security: best practice for the construction sector
August 22, 2022

New guidance for businesses of all sizes planning to take part in Joint Ventures....

Recovering a hacked account
August 22, 2022

A step by step guide to recovering online accounts....

Threat Report 19th August 2022
August 18, 2022

The NCSC’s threat report is drawn from recent open source reporting....

NIST Publishes SP 800-108 Revision 1, Recommendation for Key Derivation Using Pseudorandom Functions
August 18, 2022

NIST is pleased to announce the release of Special Publication (SP) 800-108r1, ***Recommendation for Key...

Journey to the NIST Cybersecurity Framework (CSF) 2.0 | Workshop #1
August 17, 2022

NIST has begun the process to update the NIST Cybersecurity Framework to keep pace with...

Social Engineering Tactics Used in Interrogation 

What comes to mind when you hear the word interrogation? Perhaps, the typical movie scene...

17
Aug
NIST requests comments on IR 8214B initial public draft: Notes on Threshold EdDSA/Schnorr Signatures
August 12, 2022

NIST requests public comments on the initial public draft (ipd) of NIST IR 8214B, Notes...

IOTW: Twilio suffers data breach following phishing attack
August 11, 2022

Hackers directly targeted Twilio employees with a phishing attack to gain unauthorized access to employee...

Securing the cloud (by design *and* by default)
August 9, 2022

To reduce data breaches from cloud services, seek out providers who ensure functionality is ‘secure...

Open for Public Comment: Zero Trust Architecture Preliminary Draft Practice Guide (Vol. C-D)
August 9, 2022

The Zero Trust Architecture (ZTA) team at NIST’s National Cybersecurity Center of Excellence (NCCoE) has...

Guide to a Secure Enterprise Network Landscape: NIST Requests Comments on Draft SP 800-215
August 5, 2022

The enterprise network landscape has undergone a significant transformation in the last decade. The drivers...

Threat Report 5th August 2022
August 4, 2022

The NCSC’s threat report is drawn from recent open source reporting....