March 28, 2024 at 09:38AM New cyber incident reporting rules for critical infrastructure closer to implementation after President Biden signed CIRCIA into law in March 2022. Organizations must report substantial cyber incidents within 72 hours, including ransom payments within 24 hours. The rule faces pushback from industry due to added compliance strain on resources, according … Read more
March 25, 2024 at 03:00PM Leen Security secures $2.8 million pre-seed funding from 11.2 Capital, Inner Loop Capital, and Preface Ventures. The company aims to streamline cybersecurity by developing a unified data API to address the chaos caused by the use of numerous security tools and vendors. Leen aspires to be the central hub for … Read more
March 25, 2024 at 11:35AM The Communication Workers Union (CWU) is dealing with a cyberattack, originally mistaken for just an IT outage. Member data may have been targeted, prompting involvement of cybersecurity experts. The union is working to assess the extent of the attack, inform members, and restore its IT systems. The Information Commissioner’s Office … Read more
March 22, 2024 at 08:33AM A China-linked threat group utilized security flaws in Connectwise ScreenConnect and F5 BIG-IP to distribute custom malware for creating backdoors on compromised Linux hosts. The group, tracked as UNC5174, has targeted various organizations, including research institutions and government entities in the U.S. and U.K. They have also been observed trying … Read more
March 21, 2024 at 03:07PM Ready-made access IABs have become essential to the ransomware ecosystem. Learn how to prevent them from exploiting your assets and halt their ability to profit. Based on the meeting notes, the main takeaway is the recognition of the ready-made access IABs as a significant component of the ransomware ecosystem. The … Read more
March 21, 2024 at 10:05AM An arms race is emerging in technology between those targeting adversaries and those aiming to prevent attacks. It appears that there is a growing arms race between parties utilizing technology to target adversaries and those leveraging it to prevent attacks from being successful. This suggests a trend towards increasing technological … Read more
March 20, 2024 at 10:36AM A low-level threat actor is using common malware and genuine software to attack Russian businesses. It appears that a relatively simple threat actor is focusing on Russian companies, using commonly available malware as well as legitimate software. Full Article
March 19, 2024 at 06:04PM U.S. National Security Advisor Jake Sullivan and EPA Administrator Michael Regan sent a joint letter to governors warning about cyberattacks targeting the country’s water infrastructure. They seek governors’ support in safeguarding water systems against cyber threats and proposed a Water Sector Cybersecurity Task Force. Recent attacks by Iranian and Chinese … Read more
March 19, 2024 at 05:45PM The potential purchase would have enhanced Airbus’ ability to combat increasing cyber threats within the aviation and aerospace sector. After reviewing the meeting notes, it is clear that the purchase would have provided Airbus with enhanced capabilities to tackle the escalating cyber threats within the aviation and aerospace industry. Full … Read more
March 19, 2024 at 05:15PM The U.S. Department of Defense Cyber Crime Center has processed its 50,000th vulnerability report from 5,635 researchers since 2016. DC3 launched its Vulnerability Disclosure Program following ‘Hack-the-Pentagon’ to engage ethical hackers continuously. VDP’s success includes discovering and mitigating 400 significant security flaws in a special 12-month program with Defense Counterintelligence … Read more