Recent Security News
-
It’s Near-Unanimous: AI, ML Make the SOC Better
November 20, 2024 at 04:30PM A recent Dark Reading survey reveals that 91% of cybersecurity professionals believe AI and machine learning have enhanced their security operations. Key benefits include improved threat detection, reduced false positives, and increased efficiency. These tools are positively impacting enterprise security, streamlining processes, and improving response times for security teams. ###…
-
Fintech giant Finastra investigates data breach after SFTP hack
November 20, 2024 at 03:58PM Finastra confirmed a cybersecurity incident involving compromised credentials on November 7, 2024, with a threat actor selling stolen data. An investigation shows no evidence of broader breaches beyond their Secure File Transfer Platform. The impact assessment is ongoing, and affected clients will be contacted directly. Finastra previously faced a ransomware…
-
MITRE shares 2024’s top 25 most dangerous software weaknesses
November 20, 2024 at 03:43PM MITRE released its annual list of the top 25 common software weaknesses, highlighting vulnerabilities behind 31,000 disclosures from June 2023 to June 2024. These flaws can be exploited by attackers to gain control over systems or steal data. Organizations are encouraged to prioritize addressing these vulnerabilities in their security strategies.…
-
Ford investigates alleged breach following customer data leak
November 20, 2024 at 03:43PM Ford is investigating claims of a data breach involving 44,000 customer records leaked by hackers on a forum. Initially serious, the investigation revealed it involved a third-party supplier and public dealer addresses. Ford confirmed there was no breach of its systems, and the matter is reportedly resolved. **Meeting Notes Takeaways:**…
-
China’s ‘Liminal Panda’ APT Attacks Telcos, Steals Phone Data
November 20, 2024 at 03:38PM A new threat actor, Liminal Panda, has been spying on mobile phones in Asia and Africa for over four years, targeting telecommunications networks to gather sensitive data for potential use by the Chinese state. The group’s tactics involve network-based attacks and exploiting telecommunications infrastructure for economic and political espionage. ###…