Ukraine-Russia Cyber Battles Tip Over Into the Real World

October 3, 2024 at 04:47PM The ongoing kinetic war between Russia and Ukraine has spilled over into cyberspace, with hackers targeting key infrastructure, government bodies, and individual military personnel. Russian-aligned cyber actors, including advanced persistent threat (APT) groups like Gamaredon, have intensified their attacks, infiltrating secure communication channels and posing a significant threat to cybersecurity. …

Kevin Mandia Joins Expel’s Board of Directors

October 1, 2024 at 05:47PM Expel, a leading managed detection and response (MDR) provider, has appointed cybersecurity expert Kevin Mandia to its board of directors. This comes as Expel experiences significant growth and strategic partnerships, achieving centaur status with over $100 million in annual recurring revenue. Mandia’s appointment reflects confidence in Expel’s leadership and commitment …

JPCERT shares Windows Event Log tips to detect ransomware attacks

September 30, 2024 at 03:23PM JPCERT/CC has shared tips to detect different ransomware gang attacks based on Windows Event Logs, allowing timely detection of ongoing attacks before spreading too far into a network. Based on the meeting notes, the key takeaways are: 1. Japan’s Computer Emergency Response Center (JPCERT/CC) has provided tips on detecting various …

Target Practice: Honing Critical Skills on Cyber Ranges

September 23, 2024 at 02:11PM Cyber ranges offer a solution to staying abreast of evolving cyber threats for cybersecurity professionals. Used by governments, universities, and organizations, these simulated training environments aid in practicing network and system usage. Beyond training, cyber ranges also serve as a business tool, engaging the wider cybersecurity community in competitions and …

CISA Releases Cyber Defense Alignment Plan for Federal Agencies

September 19, 2024 at 11:06AM CISA released the FOCAL plan to align federal agencies against cyberthreats. It aims to standardize operational cybersecurity practices across agencies and identify collective cybersecurity goals. The plan outlines five priority areas and presents alignment goals to improve operational cybersecurity and resilience for the Federal Civilian Executive Branch (FCEB). Based on …

Chinese spies spent months inside aerospace engineering firm’s network via legacy IT

September 18, 2024 at 01:08PM Chinese state-sponsored spies breached a global engineering firm’s network using default credentials on an IBM AIX server. The espionage, attributed to a People’s Republic of China team, aimed for intellectual property theft and supply-chain manipulation. Despite exposure to local and federal agencies, the intruders established persistent access before getting caught, …

UnDisruptable27 Project Wants to Shore Up Critical Infrastructure Security

September 12, 2024 at 08:09AM UnDisruptable27 aims to prepare for cyberattacks on critical infrastructure in the US, focusing on water, emergency medical care, food supply chains, and power supplies. Led by the Institute for Security and Technology, the initiative is funded by Craig Newmark Philanthropies and will engage stakeholders to make infrastructure “undisruptable” by 2027. …

Dark Reading Expands Its Coverage to the Asia-Pacific Region

September 11, 2024 at 09:05PM Dark Reading is launching a new Asia-Pacific section within DR Global to cater to cybersecurity professionals in the region. The expansion follows gradual reporting on Asia-Pacific news and aims to provide comprehensive cybersecurity information and trends. This initiative aligns with Dark Reading’s mission to deliver trusted news and analysis worldwide, …

Cyber crooks shut down UK, US schools, thousands of kids affected

September 11, 2024 at 06:53PM Cybercriminals caused school closures in America and Britain by launching ransomware attacks, disrupting internet-based systems for students. Highline Public Schools in Washington state and Charles Darwin School in England faced closures and system shutdowns. These incidents highlight the vulnerability of educational institutions to cyber threats, emphasizing the need for robust …

Secrets Exposed: Why Your CISO Should Worry About Slack

September 3, 2024 at 03:42AM Summary: Secrets, like API keys and passwords, pose a significant risk when accidentally shared in collaboration tools. Machine identities now outnumber human identities, and secrets are found not only in code but also in tools like Slack and Jira. Integrating platforms like GitGuardian for real-time monitoring and training teams on …