cybersecurity

Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks

by

October 16, 2023 at 10:46AM The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint Cybersecurity Advisory (CSA) about the active exploitation of CVE-2023-22515, a vulnerability in Atlassian Confluence Data Center and Server. This vulnerability allows cyber threat actors to gain … Read more

Academics Devise Cyber Intrusion Detection System for Unmanned Robots

by

October 16, 2023 at 10:36AM Australian researchers have developed an AI-driven cyber intrusion detection system to assist unmanned military robots in identifying man-in-the-middle (MitM) cyberattacks. The system, which uses deep learning convolutional neural networks (CNNs), aims to reduce vulnerabilities in the robot operating system (ROS) used by civilian and military robots. The algorithm achieved 99% … Read more

How Data Changes the Cyber-Insurance Market Outlook

by

October 16, 2023 at 10:08AM The global cyber insurance market is growing rapidly, expected to reach $84.62 billion by 2030. However, many companies are uncertain about how much coverage they need, and insurers struggle to assess individual risk. This has led to significant losses in the cyber insurance market. Rates have spiked due to increased … Read more

Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign

by

October 16, 2023 at 10:03AM Russian hacking groups have been exploiting a security vulnerability in the WinRAR archiving utility to launch a phishing campaign. The attack involves malicious archive files that exploit the vulnerability, allowing the attacker to gain remote access to compromised systems. The campaign also steals data from Google Chrome and Microsoft Edge … Read more

The Fast Evolution of SaaS Security from 2020 to 2024 (Told Through Video)

by

October 16, 2023 at 08:25AM The text discusses the importance of SaaS security and highlights key findings from the SaaS Security Survey Report. It emphasizes the need for automated configuration and monitoring tools, as well as the critical role of identity and access governance. The risks associated with third-party connected apps are also examined. The … Read more

Equifax Fined $13.5 Million Over 2017 Data Breach

by

October 16, 2023 at 08:24AM The UK Financial Conduct Authority (FCA) has fined Equifax Ltd, the UK arm of Equifax Inc, more than £11 million over the 2017 data breach. The cyberattack impacted approximately 147 million people, including 13.8 million UK consumers. The FCA found that Equifax Ltd failed to properly manage and monitor the … Read more

EPA Withdraws Water Sector Cybersecurity Rules Due to Lawsuits

by

October 16, 2023 at 06:24AM The US Environmental Protection Agency (EPA) has withdrawn cybersecurity rules for public water systems due to lawsuits filed by states and non-profit water associations. The attorney generals of Missouri, Arkansas, and Iowa challenged the requirements, arguing they would burden small towns financially. The American Water Works Association (AWWA) and the … Read more

Beware: Lumma Stealer Distributed via Discord CDN

by

October 16, 2023 at 04:37AM Discord’s content delivery network (CDN) is being exploited by threat actors to distribute the Lumma Stealer malware, which steals user credentials. The malware is spread through direct messages, offering victims Discord Nitro boost in exchange for assistance and prompting them to download a file. Lumma Stealer can steal cryptocurrency wallets … Read more

AI algorithm detects MitM attacks on unmanned military vehicles

by

October 15, 2023 at 01:53PM Researchers at the University of South Australia and Charles Sturt University have developed an algorithm using machine learning to detect man-in-the-middle (MitM) attacks on unmanned military robots. The algorithm, tested on a replica of the GVR-BOT used by the U.S. Army, achieved a 99% success rate in preventing attacks. The … Read more

The Week in Ransomware – October 13th 2023 – Increasing Attacks

by

October 13, 2023 at 06:31PM Ransomware attacks on enterprises are causing disruption and data breaches. Recent attacks include Air Canada being targeted by BianLian, and state courts in Northwest Florida being attacked by ALPHV. Simpson Manufacturing experienced a cybersecurity incident, and a threat actor leaked the source code for the Hello Kitty ransomware. Ransomware trends … Read more