Recent Security News
-
Cyber Insurance Needs to Evolve to Ensure Greater Benefit
February 20, 2024 at 10:07AM The cyber insurance industry faces scrutiny due to skyrocketing premiums and complex policy terms. Underwriting processes are under fire as insurers struggle to keep up with rapidly evolving environments and threats. Modernizing data gathering and potential federal assistance programs are proposed to address the challenges faced by the cyber insurance…
-
Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers
February 20, 2024 at 10:03AM Over 28,000 internet-accessible Microsoft Exchange servers are affected by a zero-day vulnerability, with an additional 68,000 instances considered possibly vulnerable. The flaw, tracked as CVE-2024-21410, allows for privilege escalation and pass-the-hash attacks. Organizations are urged to apply available mitigations and patches as the exploit is actively targeted. From the meeting…
-
Critical infrastructure software maker confirms ransomware attack
February 20, 2024 at 09:41AM German software developer, PSI Software SE, confirmed a ransomware attack on its internal infrastructure. The company, with over 2,000 employees, specializes in software solutions for energy suppliers and operational management. Its systems were disconnected post-attack to prevent data loss. Experts from the Federal Office for Information Security are assisting in…
-
Cyber Insights 2024: Supply ChainĀ
February 20, 2024 at 09:03AM Cyber Insights 2024, an annual series by SecurityWeek, addresses evolving cybersecurity challenges. This year focuses on supply chain cybersecurity threats. It emphasizes the growing complexity and vulnerability of supply chains, driven by criminal and nation-state attackers. Government initiatives such as CISA’s SBOM aim to enhance transparency and security in the…
-
Volt Typhoon Seen Exfiltrating Sensitive OT Data
February 20, 2024 at 09:03AM The industrial cybersecurity firm Dragos has identified Volt Typhoon, a hacker group linked to the Chinese government, as a serious threat to organizations using industrial control systems (ICS) or operational technology (OT). The group’s cyberespionage activities and potential for disruption in critical infrastructure are highlighted in Dragos’ 2023 ICS/OT Cybersecurity…