Recent Security News
-
Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks
March 7, 2024 at 09:21AM Evasive Panda, a China-based threat actor, conducted cyber attacks targeting Tibetan users through watering hole and supply chain techniques, using malicious downloaders to deploy a backdoor and a new Windows implant. The attacks aimed to infiltrate specific countries and territories, taking advantage of events like the Kagyu Monlam Festival. The…
-
FBI: U.S. lost record $12.5 billion to online crime in 2023
March 7, 2024 at 07:56AM The FBI’s 2023 Internet Crime Report reveals a 22% increase in reported losses, totaling $12.5 billion, with 880,000 complaints submitted. People over 60 were the most vulnerable, and trends since 2019 show rising complaints and losses. Notably, BEC, investment fraud, and ransomware caused significant financial losses, totaling billions. IC3’s Recovery…
-
Belgian ale legend Duvel’s brewery borked as ransomware halts production
March 7, 2024 at 07:52AM Belgian beer brewer Duvel’s facility was hit by a ransomware attack, halting production. Its IT team is working on resolving the issue, with no clear timeline for recovery. The company assures no supply issues and is well-stocked. Ransomware attacks are common in the manufacturing sector, with potential financial and operational…
-
Cyber Insights 2024: A Dire Year for CISOs?
March 7, 2024 at 07:51AM SecurityWeek’s Cyber Insights 2024 addresses cybersecurity issues impacting CISOs, anticipating a rise in criminal liability. Growing threats and stress exacerbate burnout risks. SEC’s stringent rules and potential liability curveball will test CISO roles, leading to potential exodus. Challenges lie in defining ‘material’ cybersecurity incidents, personal liability, and CISO’s combined roles.…
-
Critical TeamCity flaw now widely exploited to create admin accounts
March 7, 2024 at 07:34AM Hackers are exploiting a critical authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises. Hundreds of unpatched instances are being compromised, posing a risk of supply-chain attacks. Vulnerable hosts are mainly in Germany, the United States, and Russia. Rapid7 urges immediate update to fix the severe issue. (Word count: 50) Key takeaways…