November 21, 2023 at 04:28PM The Idaho National Laboratory (INL) has confirmed a cyberattack after hacktivist group ‘SiegedSec’ leaked stolen human resources data online. The INL is a nuclear research center with 5,700 specialists and 50 experimental nuclear reactors. The hacktivists leaked personal employee information and proof of the breach. The incident is under investigation … Read more
November 21, 2023 at 04:18PM North Korean threat actors are engaging in deceptive tactics on the internet, posing as both job recruiters and job seekers. Palo Alto Networks’ Unit 42 has identified two ongoing campaigns, “Contagious Interview” and “Wagemole”, where the threat actors lure unsuspecting applicants into installing sophisticated malware or impersonate applicants to gain … Read more
November 21, 2023 at 03:59PM The role of the chief information security officer (CISO) is becoming increasingly important as organizations modernize their workflows and migrate to the cloud. The CISO must balance innovation and security, collaborate with other leaders, and ensure security is considered at all stages of the process. A strong CISO collaborates with … Read more
November 21, 2023 at 03:09PM In this article, Mike Milner, Trend Micro VP of Cloud Technology, discusses the role of security risk management in the era of cybersecurity and how IT leaders are accelerating innovation. The article also highlights the challenges faced by organizations in managing the digital attack surface and the importance of resilience, … Read more
November 21, 2023 at 02:41PM A former executive from a healthcare network security firm pleaded guilty to intentionally compromising a Georgia hospital network for sales purposes. He gained unauthorized access to the phone system, causing it to go offline and accessed sensitive patient information. He also sent a message to printers on the network. He … Read more
November 21, 2023 at 02:35PM The Lumma malware, known as LummaC2, is advertising a new feature that claims to restore expired Google cookies. These cookies can be used to gain unauthorized access to Google accounts. The feature is available to subscribers of the high-tier “Corporate” plan, which costs $1,000/month. The legitimacy of this feature has … Read more
November 21, 2023 at 02:13PM Microsoft has launched a bug bounty program for its Microsoft Defender security platform, offering rewards between $500 and $20,000. The program initially focuses on Microsoft Defender for Endpoint APIs but is expected to expand. High-quality reports of critical severity remote code execution vulnerabilities have the highest reward. Microsoft paid $58.9 … Read more
November 21, 2023 at 01:09PM AutoZone, the leading automotive spare parts retailer in the US, has suffered a data breach as part of the Clop MOVEit file transfer attacks. Approximately 185,000 people were affected by the breach, which occurred on May 28, 2023. While the specific data compromised has not been disclosed, identity theft protection … Read more
November 21, 2023 at 01:01PM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their systems against an actively exploited vulnerability called ‘Looney Tunables.’ The vulnerability allows attackers to gain root privileges on major Linux distributions. The flaw affects popular platforms like Fedora, Ubuntu, and Debian. Administrators are advised to … Read more
November 21, 2023 at 12:08PM The University of Jeddah in Saudi Arabia has partnered with security vendor Resecurity to provide training for students in AI, cyber-threat intelligence, and digital forensics and incident response. The aim is to equip students with the necessary skills to handle complex situations in data science and address challenges in cybersecurity. … Read more