May 8, 2024 at 09:05AM Microsoft is making organizational changes and holding senior leadership directly accountable for cybersecurity, with plans to bolster security across its products and services. The EVP of security announced measures to instill accountability, elevate security governance, and implement specific security goals under the Secure Future Initiative. These efforts aim to enhance … Read more
May 7, 2024 at 07:09AM The US Department of State announced its international cyberspace strategy to promote a secure, inclusive, and equitable digital world. It emphasizes digital solidarity and cooperation among rights-respecting users of digital technologies. The strategy outlines guiding principles and areas of action, focusing on diplomacy, international engagement, and countering cyber threats. It … Read more
May 6, 2024 at 05:18PM The DNS Abuse Institute has transformed into the NetBeacon Institute, focusing on combating online technical abuse. It offers free innovative solutions, education, and collaboration opportunities to domain industry stakeholders. The flagship programs, NetBeacon MAP and NetBeacon Reporter, have been expanded to better measure and report on DNS Abuse. The Institute … Read more
May 6, 2024 at 09:15AM Iran’s state-sponsored cyberespionage group APT42, also known as Calanque and UNC788, has been using new backdoors to target NGOs, government, and intergovernmental organizations. The group, operating since at least 2015 and believed to be linked to the Islamic Revolutionary Guard Corps, uses social engineering to target academia, activists, media organizations, … Read more
May 6, 2024 at 05:04AM Wichita, Kansas shut down its computer network after a ransomware attack encrypted data on certain systems. The impacted services were turned off as a containment measure. The city is conducting a thorough review to assess the situation, with first responders and law enforcement notified. Wichita has engaged with specialists to … Read more
May 6, 2024 at 04:39AM Cybersecurity researchers have discovered a new information stealer, Cuckoo by Kandji, targeting Apple macOS systems. It is capable of running on both Intel- and Arm-based Macs and establishes persistence by utilizing a LaunchAgent. The malware gathers extensive information from the system and tricks users into entering their passwords. It also … Read more
May 4, 2024 at 07:57AM Cyberwarriors training for Paris Games rely on friendly hackers to test defenses. Unlike athletes, they seek to avoid attention, aiming for a flawless event. Amid concerns about potential cyberattacks from various actors, preparations for cybersecurity are deemed crucial, with particular attention paid to previous incidents and ongoing threats, especially from … Read more
May 3, 2024 at 05:09PM The 2024 Paris Olympics face cybersecurity challenges despite improved protection compared to previous events. Outpost24 identified security gaps including open ports, SSL misconfigurations, and domain squatting, giving attackers opportunities. France’s ANSSI agency is preparing for cyber threats, but diverse, sophisticated attacks are expected, influenced by geopolitics. Securing the rapidly changing … Read more
May 3, 2024 at 01:21AM HPE Aruba Networking has released critical security updates for ArubaOS to address 10 security flaws, including four rated as severe threats. These vulnerabilities allow remote code execution and affect various software versions, impacting devices managed by Aruba Central. Security researcher Chancen discovered seven of the issues. Users are urged to … Read more
May 2, 2024 at 03:44PM CISA and the FBI warn software companies about path traversal vulnerabilities in recent alert due to security risks like file manipulation, data access, and system takedown. They urge implementing preventive measures, and they recall previous exploits in essential sectors. Similarly, the agencies previously addressed SQL injection vulnerabilities and emphasized the … Read more