December 29, 2023 at 07:04AM The UAE faces relentless cyberattacks due to its aggressive push for a digitized economy. To counter this, it has strengthened its digital borders, forming cybersecurity partnerships with the US, Morocco, and Chad. With a focus on AI, the UAE is also addressing the need for skilled professionals and the potential … Read more
December 20, 2023 at 03:40PM BlackCat/ALPHV ransomware leaders claim they’ve restarted operations on their primary blog despite DOJ’s control. In response to law enforcement actions, they’ve lifted ban on cyberattacks against critical infrastructure. However, experts doubt their quick comeback ability. FBI seized server and data, but BlackCat set up a new site. Cybersecurity insiders warn … Read more
December 20, 2023 at 11:22AM Cybercriminals can exploit weak passwords to wreak havoc on businesses, as evidenced by the prevalence of password-based cyber attacks. Notable breaches in 2023 included 23andMe, Norton, and Freecycle, exposing millions of users’ data. Recovering from such compromises requires effective incident response, including password resets and information disclosure. Businesses should prioritize … Read more
December 19, 2023 at 07:51AM A joint report by the Justice Department and Department of Homeland Security confirms cyberattacks during the 2022 US mid-term election, including activities linked to Russia and China. Despite these efforts, there is no evidence of significant impact on election integrity or security. A separate report by the ODNI examines foreign … Read more
December 18, 2023 at 01:24AM The U.S. CISA stresses eliminating default passwords on internet-exposed systems due to severe risks exploited by Iranian threat actors. Mitigation measures include utilizing unique setup passwords or enabling multi-factor authentication. CISA advises strong passwords, network segregation, and encryption to enhance security. Additionally, recommendations for hardening software supply chains have been … Read more
December 14, 2023 at 06:24AM Russian cyberespionage group APT29 exploited a recent TeamCity vulnerability, impacting on-premises instances, to conduct large-scale cyberattacks since September 2023. US, UK, and Polish government agencies confirm APT29’s exploitation, linking the group to the Russian Foreign Intelligence Service. The exploitation enabled the group to access networks, deploy backdoors, and exfiltrate sensitive … Read more
December 11, 2023 at 09:34AM Spanish police have arrested a leader of the ‘Kelvin Security’ hacking group responsible for 300 cyberattacks in 90 countries since 2020. The group targeted government institutions and critical infrastructure, with notable breaches including Vodafone Italia and U.S. firm Frost & Sullivan. The arrest aims to uncover co-conspirators and data buyers. … Read more
December 11, 2023 at 06:06AM The upcoming webinar “Think Like a Hacker, Defend Like a Pro” unveils the alarming trend of social engineering in cyberattacks. Led by a 20-year veteran in information security, Tim Chase, the session promises expert insights into its evolution, tactics, and effective defense strategies. Don’t miss this valuable opportunity to empower … Read more
December 8, 2023 at 10:18AM Russian threat actor APT28 is exploiting a no-interaction Outlook vulnerability in attacks across 14 countries. This was reported on SecurityWeek. Based on the meeting notes, the key takeaway is that a Russian threat actor known as APT28 has been utilizing a zero-click Outlook exploit to carry out attacks on 14 … Read more
December 5, 2023 at 07:54AM Three Chief Information Security Officers (CISOs) in healthcare, a highly targeted sector, share insights on security leadership in SecurityWeek’s latest article “CISO Conversations: Three Leading CISOs in the Modern Healthcare Sector.” Clear Takeaways from the Meeting: 1. The meeting featured a discussion facilitated by SecurityWeek. 2. The focus of the … Read more