November 23, 2023 at 10:48AM Private 5G networks are at risk due to a vulnerability in the GPRS Tunneling Protocol User Plane (GTP-U). The lack of encryption and authentication mechanisms in this critical link allows attackers to breach private 5G networks through packet reflection. To mitigate this risk, organizations should implement robust security protocols, firewalls, … Read more
November 21, 2023 at 10:56AM VirusTotal, a cybersecurity intelligence website, has integrated IP address and URL scans from Criminal IP, a Cyber Threat Intelligence search engine. VirusTotal aggregates data from antivirus engines, website scanners, and user contributions to enhance internet safety. Criminal IP specializes in aggregating threat data related to IP and domain addresses and … Read more
November 21, 2023 at 10:21AM Stealth mode security startup Lasso Security has raised $6 million in seed funding, led by Entrée Capital and with participation from Samsung Next. The Tel Aviv-based company is developing technology to address cyber threats faced by generative AI and large language models, aiming to protect businesses that use these technologies. … Read more
November 21, 2023 at 10:04AM Organizations need to be proactive in defending against evolving cyber threats. The traditional approach of protecting the on-premises data center is no longer effective as more data is moved to the cloud. To maximize the value of cybersecurity investments, organizations should define objectives, conduct risk assessments, align cybersecurity goals with … Read more
November 21, 2023 at 09:00AM The ransomware strain Play is now available as a service for other threat actors, according to cybersecurity company Adlumin. Affiliates who purchase the ransomware follow step-by-step instructions from playbooks delivered with it, resulting in attacks with minimal variations. Play, also known as Balloonfly and PlayCrypt, has previously targeted networks through … Read more
November 20, 2023 at 05:19PM Lasso Security, a cybersecurity company specializing in Large Language Models (LLMs), has raised $6 million in a seed funding round led by Entrée Capital and Samsung Next. Lasso aims to address the cybersecurity challenges posed by LLMs and provide comprehensive protection for businesses leveraging Generative AI. The funds will be … Read more
November 20, 2023 at 06:03AM GridEx VII, the largest grid security exercise in North America, saw participation from over 250 organizations and focused on testing crisis response and recovery plans for cyber and physical threats to the electrical grid. A report with lessons learned is expected in Q1 2024. Previous objectives included coordination between the … Read more
November 20, 2023 at 06:03AM Thousands of K-12 public schools in the United States are vulnerable to ransomware attacks due to lax cybersecurity measures. In response, the Biden administration has been offering free cybersecurity services to school districts and urging more to take advantage of these programs. Ransomware attackers, often based in Russia, target schools … Read more
November 17, 2023 at 03:56PM The cybercrime group known as Scattered Spider has been able to successfully attack US organizations without being disrupted or arrested, despite federal law enforcement being aware of their identities for over six months. The FBI and CISA have released an advisory to help organizations defend against Scattered Spider, but it … Read more
November 16, 2023 at 11:45AM Passwords are still relevant in the workplace, despite the security risks they pose. A survey by Delinea found that 53% of respondents acknowledged the slow transition towards passwordless technology. The majority of organizations are still years away from eliminating passwords entirely. Weak password hygiene continues to expose enterprise systems to … Read more