Recent Security News
-
SolarWinds: SEC ‘lacks the competence’ to regulate cybersecurity
November 9, 2023 at 12:12PM SolarWinds has strongly defended itself against the Securities and Exchange Commission’s (SEC) lawsuit over the 2020 SUNBURST cyberattack. The company called the SEC’s claims “fundamentally flawed” and stated that it had appropriate cybersecurity controls in place before the attack. SolarWinds accused the SEC of overreaching and lacking the authority to…
-
Imperial Kitten APT Claws at Israeli Industry With Multiyear Spy Effort
November 9, 2023 at 11:57AM A state-sponsored advanced persistent threat group named “Imperial Kitten” has been conducting watering-hole attacks against Israeli transportation, logistics, and technology sectors. The group, believed to have links to Iran’s Islamic Revolutionary Guard Corps, infiltrates legitimate websites to redirect visitors to attacker-controlled locations and phishing sites. The compromised data is then…
-
Medical Company Fined $450,000 by New York AG Over Data Breach
November 9, 2023 at 11:49AM US Radiology Specialists, a major private radiology group, has been fined $450,000 by the attorney general of New York over a data breach caused by a ransomware attack. The breach compromised the personal and health information of nearly 200,000 patients, including 92,000 New Yorkers. The attackers gained access to the…
-
Tidal Cyber Raises $5 Million for Threat-Informed Defense Platform
November 9, 2023 at 11:49AM Tidal Cyber, a startup founded by MITRE veterans, has raised $5 million in seed funding to develop its threat-informed defense platform. The Washington, DC-based firm offers tooling aligned with the MITRE ATT&CK framework to help organizations automate detection and response while customizing their security programs. Tidal Cyber’s platform includes features…
-
Google ads push malicious CPU-Z app from fake Windows news site
November 9, 2023 at 11:22AM Google Ads has been exploited by a threat actor to distribute a trojanized version of the CPU-Z tool, delivering the Redline info-stealing malware. The campaign uses a cloned copy of the legitimate site WindowsReport to host a malicious advertisement. Clicking on the ad leads to a redirect process that tricks…