March 26, 2024 at 04:28AM The blog entry provides a summary of the Agenda ransomware’s new propagation methods targeting VMWare vCenter and ESXi servers using custom PowerShell scripts embedded in its latest Rust variant. The ransomware is distributed globally and has been increasingly detected by cybersecurity organizations. The threat actors are utilizing various defense evasion … Read more
March 25, 2024 at 11:35AM The Communication Workers Union (CWU) is dealing with a cyberattack, originally mistaken for just an IT outage. Member data may have been targeted, prompting involvement of cybersecurity experts. The union is working to assess the extent of the attack, inform members, and restore its IT systems. The Information Commissioner’s Office … Read more
March 25, 2024 at 10:06AM Most organizations have more agency and flexibility to manage third-party risk than they realize, despite the issue initially appearing overwhelming. Based on the meeting notes, the key takeaway is that organizations have more agency and flexibility to address third-party risk than they realize, despite the issue seeming daunting. Full Article
March 25, 2024 at 06:18AM Michael Sulmeyer, nominated for assistant secretary of defense for cyber policy, has a background advising senior military officials on cyber matters and held positions at US Cyber Command and the National Security Council. His confirmation lies with the Senate, as the 2023 NDAA established the cyber policy role, emphasizing oversight … Read more
March 22, 2024 at 06:36PM Amazon Web Services CISO, Chris Betz, discusses generative AI as a time-saving tool with potential risks. Got it. It seems that Chris Betz discussed the dual nature of generative AI, highlighting its potential as a time-saving tool but also emphasizing its potential risks. Full Article
March 22, 2024 at 06:01PM New AcidPour variant expands its target range to include IoT devices, storage area networks, and handhelds, significantly increasing its potential impact. From the meeting notes, the key takeaway is that the new AcidPour variant has the capability to attack a much broader range of targets, including IoT devices, storage area … Read more
March 21, 2024 at 03:07PM Ready-made access IABs have become essential to the ransomware ecosystem. Learn how to prevent them from exploiting your assets and halt their ability to profit. Based on the meeting notes, the main takeaway is the recognition of the ready-made access IABs as a significant component of the ransomware ecosystem. The … Read more
March 21, 2024 at 01:33PM A bug in an AWS workflow management service led to cookie tossing, revealing a broader issue affecting major cloud services. Based on the meeting notes, it seems that a bug has affected users of an AWS workflow management service, potentially exposing them to cookie tossing. However, this incident has also … Read more
March 21, 2024 at 12:00PM Dymium, a California startup, secures $7 million in funding from Two Bear Capital and angel investors. The company offers enterprise data protection products, including a platform that integrates with existing IAM infrastructure and a SecureChat AI portal. Its solutions ensure real-time, transparent data governance and PII protection, with deployment options … Read more
March 21, 2024 at 11:12AM The US House of Representatives passed bipartisan bill H.R. 7520, prohibiting data brokers from selling Americans’ personal information to foreign adversary countries or entities. The bill empowers the Federal Trade Commission to enforce the legislation and covers various sensitive information types. The legislation aims to safeguard national security and individual … Read more