Ransomware Group Takes Credit for LoanDepot, Prudential Financial Attacks

February 19, 2024 at 08:03AM The BlackCat and Alphv ransomware group has claimed responsibility for cyberattacks on financial firms LoanDepot and Prudential Financial. Despite the data breach impacting millions of people, Prudential stated no evidence of customer data theft. The US government offered rewards for information on the group and its affiliates. The ransomware group … Read more

CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks

February 16, 2024 at 06:57AM The US security agency CISA has added CVE-2020-3259, a vulnerability affecting Cisco ASA and FTD products, to its Known Exploited Vulnerabilities catalog. It allows remote attackers to access sensitive information. CISA urges organizations to address it promptly after evidence suggesting exploitation by the Akira ransomware group emerged. Cisco is advised … Read more

CISA HBOM Framework Doesn’t Go Far Enough

February 15, 2024 at 04:12PM CISA’s hardware bill of materials (HBOM) framework aims to address semiconductor chip security but is deemed insufficient. While it supports supply chain management and risk assessment, it lacks life cycle tracking and fails to address vulnerabilities like Downfall. Despite early shortcomings, CISA’s initiative is a step towards bolstering chip security … Read more

Cyberattacks on Hospitals Are Likely to Increase, Putting Lives at Risk, Experts Warn

February 15, 2024 at 01:33PM Cybersecurity experts warn of increasing cyberattacks on hospitals, leaving them vulnerable to data and network breaches. The use of online technology has expanded the digital attack surface, making hospitals a prime target for ransomware attacks. The US government is urged to take more significant action to address the escalating cyber … Read more

Over 13,000 Ivanti gateways vulnerable to actively exploited bugs

February 15, 2024 at 10:33AM Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple high to critical security issues. The flaws include authentication bypass, server-side-request forgery, arbitrary command execution, and command injection problems. Despite available security updates, a large number of endpoints are still exposed to these vulnerabilities, increasing the risk … Read more

Russian Turla Hackers Target Polish NGOs with New TinyTurla-NG Backdoor

February 15, 2024 at 10:18AM Russian threat actor Turla has been using a new backdoor, TinyTurla-NG, in a campaign targeting Polish non-governmental organizations. The backdoor is similar to TinyTurla, used in previous intrusions. Turla, linked to the FSB, has also targeted the defense sector in Ukraine and Eastern Europe with a .NET-based backdoor called DeliveryCheck. … Read more

BumbleBee Malware Buzzes Back on the Scene After 4-Month Hiatus

February 14, 2024 at 11:59AM The Bumblebee loader, known for delivering various malware, has reappeared in the US targeting organizations after a four-month hiatus. The recent campaign uses email with OneDrive URLs to initiate attacks, signaling a surge in cybercriminal activity. Interestingly, the attackers have employed VBA macro-enabled documents, a tactic rarely used since Microsoft’s … Read more

Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyberattacks

February 14, 2024 at 09:46AM Nation-state actors from Russia, North Korea, Iran, and China are leveraging artificial intelligence and large language models (LLMs) to enhance their cyber attacks. Microsoft and OpenAI published a report detailing disruptions to state-affiliated actors’ malicious cyber activities. The report also highlights the use of AI technologies across various phases of … Read more

Cybersecurity Tactics FinServ Institutions Can Bank On in 2024

February 14, 2024 at 07:15AM Summary: The financial services sector faces escalating cybersecurity challenges as cybercriminals employ advanced tactics, AI, and deep fake technology. Recent trends reveal a surge in cyberattacks, data breaches, and state-sponsored threats. Community banks are particularly vulnerable and must address cloud security, ransomware, vendor risk, regulatory compliance, and talent shortages. Proactive … Read more

SAP Patches Critical Vulnerability Exposing User, Business Data

February 14, 2024 at 05:21AM SAP released 13 new and updated security notes addressing critical and high-severity vulnerabilities in its February 2024 Security Patch Day. The critical issue, CVE-2024-22131, allows unauthorized access and potential system unavailability. Customers are advised to apply patches promptly due to the risk of exploitation by threat actors targeting SAP products. … Read more