Recent Security News
-
Modernize Federal Cybersecurity Strategy with FedRAMP
January 18, 2024 at 12:14PM Government modernization of cybersecurity strategies, including FedRAMP adoption and value-driven digital ecosystem development, is crucial to combat evolving cyber threats. Challenges like outdated technology, budget constraints, and disjointed security operations hinder progress. Yet, strategic investments in endpoint detection and response solutions and FedRAMP-authorized products can enhance security operations and empower…
-
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
January 18, 2024 at 12:09PM A novel campaign is targeting vulnerable Docker services by deploying XMRig cryptocurrency miner and 9Hits Viewer software to generate revenue. The campaign uses various strategies to drive traffic to websites, breaching servers to deploy malicious containers via Docker API. The impact includes resource exhaustion and potential for a serious breach.…
-
Ransomware attacks hospitalizing security pros, as one admits suicidal feelings
January 18, 2024 at 12:05PM Ransomware attacks have been linked to psychological and physical illnesses among cybersecurity workers. The Royal United Services Institute’s research uncovered stories of stress-related heart attacks, hospitalizations, and even suicidal thoughts, shedding light on the toll of dealing with these attacks. The report emphasizes the widespread and lasting psychological and social…
-
With Attacks on the Upswing, Cyber-Insurance Premiums Poised to Rise Too
January 18, 2024 at 12:04PM The cyber-insurance market is expected to see rising claim volumes due to increasing threat activities, potentially leading to higher premiums in the next 12 to 24 months. Despite recent declines in average prices, industry experts anticipate a shift towards increased costs as the threat landscape evolves. While costs temporarily eased…
-
Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks
January 18, 2024 at 11:12AM The Rapid SCADA open source industrial automation platform has seven unpatched vulnerabilities, including critical and high severity ones, allowing hackers to access sensitive industrial systems, execute arbitrary code, and compromise administrator passwords. The developers have not responded to notifications or requests for comment, leaving organizations vulnerable to potential attacks. Based…