December 3, 2024 at 09:02AM Informa Tech is merging with TechTarget and Industry Dive to form Informa TechTarget, expanding its editorial presence with over 300 journalists and coverage in 30+ tech segments. Dark Reading will maintain its independent cybersecurity reporting, delivering reliable insights on developments and trends for its readers. Stay tuned for more updates. … Read more
December 3, 2024 at 08:57AM Cisco has updated its advisory regarding a decade-old vulnerability (CVE-2014-2120) in its Adaptive Security Appliance, which is being actively exploited. The flaw allows cross-site scripting attacks via the WebVPN login page. Users are urged to update their systems as it was added to the CISA’s KEV catalog for urgent remediation. … Read more
December 3, 2024 at 08:39AM Researchers warn that the GDPR’s data portability regulations, while promoting privacy, pose significant risks. Users can now easily export sensitive data, making it vulnerable to hackers. The risk extends to companies, as compromised personal accounts can lead to cyberattacks. Employees must separate personal and professional online activities to enhance security. … Read more
December 3, 2024 at 07:42AM Data of over 760,000 employees from major companies, including Bank of America and Nokia, was leaked online, linked to last year’s MOVEit hack by the Cl0p ransomware group. The information includes personal and job-related details, posing a risk for social engineering attacks, as analyzed by Atlas Privacy. **Meeting Takeaways: Data … Read more
December 3, 2024 at 07:13AM In 2024, cryptocurrency losses reached nearly $1.49 billion, primarily due to hacks, according to Immunefi. This is a reduction from last year’s $1.75 billion. November losses were over $71 million, with 24 hacking incidents reported. BNB Chain was the most targeted, accounting for 46.7% of total losses. ### Meeting Takeaways … Read more
December 3, 2024 at 06:55AM Amazon Web Services (AWS) launched a new incident response service that aids security teams in faster threat response and recovery using machine learning. It automates triage and analysis of security signals, offers preconfigured notifications, and allows collaboration with third-party vendors. The service is available in 12 AWS regions globally. ### … Read more
December 3, 2024 at 06:49AM The UK’s National Cyber Security Centre reported a significant increase in severe cyber threats, tripling to 12 incidents, with overall cases rising by 16%. Predicted vulnerabilities emphasize the urgency for enhanced cybersecurity measures, particularly against risks from state actors like China and Russia, amid a growing cybercrime ecosystem. ### Meeting … Read more
December 3, 2024 at 06:35AM ENGlobal Corporation has reported that its operations were impacted by a ransomware attack discovered on November 25. The company is investigating the incident while restricting IT system access, allowing only essential operations. Recovery efforts are ongoing, but they have not determined the financial impact or confirmed any data theft. ### … Read more
December 3, 2024 at 06:03AM Cybersecurity researchers identified vulnerabilities in Palo Alto Networks and SonicWall VPN clients, allowing potential remote code execution on Windows and macOS systems. Exploiting these flaws via a rogue VPN server could lead to malicious software installation. Users are urged to apply patches to mitigate risks. No active exploitation reported yet. … Read more
December 3, 2024 at 05:58AM Cisco updated its advisory on the CVE-2014-2120 vulnerability, highlighting ongoing exploitation attempts. This medium-severity XSS flaw affects the WebVPN login page of Cisco ASA products. Customers are urged to upgrade to a patched version. The vulnerability was added to CISA’s Known Exploited Vulnerabilities catalog, prompting immediate action. ### Meeting Takeaways … Read more