October 19, 2023 at 10:50AM Law enforcement agencies from multiple countries have seized the Tor negotiation and data leak sites belonging to the Ragnar Locker ransomware group. The seizure message displayed on the websites indicates that a coordinated international operation involving law enforcement from the US, Europe, Germany, France, Italy, Japan, Spain, Netherlands, and Latvia … Read more
October 19, 2023 at 10:35AM An Iranian state-aligned APT known as MuddyWater has conducted a spying campaign on an unnamed Middle Eastern government for eight months. Symantec, which tracks the group, identified daily efforts to steal sensitive government data using custom malware tools. The campaign, which went undetected, involved accessing various computers on the network … Read more
October 19, 2023 at 08:42AM Australian cybersecurity startup, CipherStash, has raised $3 million in a seed funding round led by Skip Capital. The company uses queryable encryption technology to protect data, offering tighter access controls and tracking capabilities. CipherStash’s solution integrates with various programming languages and databases. The funding will support the expansion of their … Read more
October 19, 2023 at 08:42AM The US cybersecurity agency CISA, along with the NSA, FBI, and MS-ISAC, has released a joint guide on phishing techniques. Threat actors use social engineering to trick victims into revealing their credentials or visiting malicious websites. To mitigate credential theft phishing, organizations are advised to implement strong multi-factor authentication and … Read more
October 19, 2023 at 08:15AM Organizations are realizing the importance of continuous vulnerability scanning due to the narrow time between vulnerability discovery and exploitation by hackers. One-off or periodic scans provide a point-in-time snapshot of vulnerabilities but may leave businesses exposed to new vulnerabilities. Continuous scanning allows for 24/7 monitoring and faster identification and resolution … Read more
October 19, 2023 at 07:41AM Japanese electronics manufacturer Casio experienced a data breach on its ClassPad education platform. The breach exposed customer information from 149 countries, including personal details, service usage information, and purchase information. Casio has confirmed that credit card information was not compromised. The company is cooperating with law enforcement and conducting an … Read more
October 19, 2023 at 07:06AM Healthcare solutions company Henry Schein disclosed a recent cybersecurity incident that disrupted its business operations and may have led to a data breach. The incident affected its manufacturing and distribution businesses, causing temporary disruption. The company has engaged cybersecurity experts to investigate and has notified law enforcement authorities. Details of … Read more
October 18, 2023 at 05:43PM CISOs face the challenge of deciding what details to report and omit under new SEC rules. The CISO, along with the security operations center, would prepare a memo with incident details to be reviewed by investor relations and legal for a filing to the SEC. CISOs must balance reporting as … Read more
October 18, 2023 at 05:22PM Taiwan-based network equipment vendor D-Link confirms data breach but denies hacker’s claims of severity. Investigation reveals that the stolen data is outdated and doesn’t contain personally identifiable or financial information. D-Link believes the breach occurred through a successful phishing attack on an employee and assures customers that they are unlikely … Read more
October 18, 2023 at 04:46PM Cybercriminals are targeting plastic surgery offices, stealing medical records and using them to extort doctors and patients. The trend is not limited to the US, as plastic surgeons in Brazil and the UK have also been affected. The FBI has warned about these attacks and provided security tips for patients, … Read more