Recent Security News
-
Federal Push for Secure-by-Design: What It Means for Developers
November 7, 2023 at 07:00AM Secure-by-design is becoming a regulatory requirement for critical infrastructure, as outlined in the March 2023 National Cybersecurity Strategy. The concept is important to the federal government, and it is expected to be enforced through an Executive Order. However, there is currently no universally agreed-upon definition or way to measure secure-by-design.…
-
Ransomware Gang Leaks Data Allegedly Stolen From Canadian Hospitals
November 7, 2023 at 07:00AM Five Canadian hospitals, including Bluewater Health and Windsor Regional Hospital, have confirmed a data breach resulting from a ransomware attack. Patient and employee data, including social insurance numbers, was stolen and leaked online. The hospitals are working to identify and notify affected individuals. The Daixin ransomware gang has claimed responsibility…
-
Offensive and Defensive AI: Let’s Chat(GPT) About It
November 7, 2023 at 05:54AM ChatGPT, a popular AI chatbot, is both a productive tool and a security risk. Attackers can exploit ChatGPT for activities like data exfiltration, spreading misinformation, and writing phishing emails. On the other hand, defenders can use it to identify vulnerabilities and enhance their security posture. It is crucial to acknowledge…
-
Cybersecurity M&A Roundup: 31 Deals Announced in October 2023
November 7, 2023 at 05:24AM October 2023 saw a total of 31 cybersecurity-related merger and acquisition (M&A) deals. Some notable acquisitions include Arctic Wolf’s acquisition of Revelstoke to enhance its security orchestration, automation, and response (SOAR) capabilities, and Okta’s acquisition of Uno to accelerate the release of its consumer password manager. Other acquisitions were made…
-
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities
November 7, 2023 at 04:42AM The Pakistan-linked threat actor called SideCopy has been using a recent WinRAR security vulnerability to target Indian government entities. They are delivering remote access trojans such as AllaKore RAT, Ares RAT, and DRat. This campaign is multi-platform, targeting both Windows and Linux systems. SideCopy is suspected to be a sub-group…