UK nuclear site Sellafield fined $440,000 for cybersecurity shortfalls

October 4, 2024 at 08:57AM Sellafield nuclear waste processing facility in the UK has been fined £332,500 for cybersecurity failures over four years, leaving IT systems vulnerable to attacks. Despite no exploitation, the risks included ransomware and data loss. The Office for Nuclear Regulation identified significant shortfalls but confirmed no evidence of breaches. Sellafield has … Read more

China’s ‘Salt Typhoon’ Cooks Up Cyberattacks on US ISPs

September 25, 2024 at 04:49PM A recently discovered advanced persistent threat (APT) named “Salt Typhoon” has targeted US Internet service provider networks, potentially for stealing information and launching disruptive attacks. This indicates China’s focus on geopolitical interests, with concerns raised about surveilling high-value targets and a military component in the campaign. The ongoing targeting of … Read more

Thousands of orgs at risk of knowledge base data leaks via ServiceNow misconfigurations

September 19, 2024 at 10:06AM Security researchers have found that thousands of companies may be exposing internal knowledge base (KB) articles due to misconfigurations in ServiceNow widgets. The issue arises from “private” pages within “public” KBs, leading to potential data exposure. Researchers estimate that 30-45% of ServiceNow instances are impacted, with implications for data security … Read more

Security Validation Firm Picus Security Raises $45 Million

September 19, 2024 at 08:36AM Security validation company Picus Security closed a $45 million growth investment round, reaching a total of $80 million raised. The company, with offices in Turkey and the United States, offers adversarial exposure validation solutions through an open platform, helping security teams evaluate and optimize their security posture. The funding will … Read more

Ransomware Group Leaks Data Allegedly Stolen From Kawasaki Motors

September 16, 2024 at 09:45AM The RansomHub ransomware group leaked 487 GB of data stolen from Kawasaki Motors Europe. The company disclosed the cyberattack and isolated servers as a precaution. They have restored over 90% functionality and resumed normal operations. RansomHub threatened to release data unless a ransom was paid, but KME refused. The US … Read more

Microsoft 365 anti-phishing feature can be bypassed with CSS

August 7, 2024 at 11:35AM Researchers discovered a method to hide the ‘First Contact Safety Tip’ in Microsoft 365, potentially increasing the risk of users opening malicious emails. Despite reporting the flaw to Microsoft, the tech giant decided not to address it at this time. The technique involves manipulating HTML and CSS to hide the … Read more

Fake CrowdStrike updates target companies with malware, data wipers

July 21, 2024 at 03:34PM Cybercriminals are using CrowdStrike’s glitchy update to target companies with data wipers and remote access tools. CrowdStrike is actively assisting affected customers, urging them to verify official communications. Phishing emails exploiting the situation have been observed by researchers and government agencies. Malicious actors are distributing malware disguised as CrowdStrike updates, … Read more

TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks

July 18, 2024 at 06:27AM Unknown threat actors are suspected of conducting a cyber espionage campaign using open-source tools to target government and private sector organizations across at least ten countries. The group has been observed exploiting known security flaws to gain initial access and deploying various open-source remote access capabilities and exploits. The attacks … Read more

U.S. Bans Kaspersky Software, Citing National Security Risks

June 21, 2024 at 01:18AM The U.S. Department of Commerce’s Bureau of Industry and Security imposed a ban on Kaspersky Lab’s U.S. subsidiary and affiliates from offering security software due to national security risks posed by its ties to the Russian government. Kaspersky will be barred from selling to U.S. consumers and businesses starting July … Read more

CISOs and Their Companies Struggle to Comply With SEC Disclosure Rules

May 17, 2024 at 10:03AM CISO Steve Cobb noticed public companies seeking more control over third-party incident response in light of the SEC’s cybersecurity risk management ruling, which affects how companies handle incidents. 68% of cybersecurity teams doubt their ability to comply with the SEC’s four-day disclosure rule. Larger public firms are better equipped than … Read more