July 26, 2024 at 07:06AM The article discusses the evolution of cybersecurity, tracing it back to the emergence of computer viruses like Creeper on ARPANET. It highlights the development of defensive measures like antivirus software and the current need to understand and develop offensive AI to combat sophisticated threats. It also promotes an upcoming workshop … Read more
July 26, 2024 at 02:30AM Cybersecurity researchers have identified an ongoing campaign known as SeleniumGreed, targeting internet-exposed Selenium Grid services for illicit cryptocurrency mining. With the potential for remote command execution, Cloud security Wiz urges proper protection measures, as misconfigured instances pose significant security risks. The threat actor’s identity remains unknown, emphasizing the need for … Read more
July 26, 2024 at 02:30AM CrowdStrike has detected an attempt by an unknown threat actor to distribute harmful installers to German customers after the Falcon Sensor update failure. The phishing campaign involves an impersonation website, fraudulent JavaScript, and malicious software disguised as a CrowdStrike Crash Reporter. This situation occurs as CrowdStrike works to recover from … Read more
July 25, 2024 at 10:06AM Cybersecurity risks extend to operational technology (OT), often overlooked by IT and cybersecurity professionals. Lack of attention on OT attacks, such as those on critical infrastructure, highlights the need for better security measures. Proposed solutions include risk management, visibility, documentation, and secure remote access. Challenges persist due to limited tools, … Read more
July 25, 2024 at 07:09AM SecurityWeek Network provides cybersecurity news, webcasts, and virtual events. Their offerings cover a wide range of topics including malware, cyberwarfare, data breaches, ransomware, and security operations. They also focus on areas such as risk management, privacy compliance, and CISO strategy, with specific emphasis on industrial cybersecurity and related financial activities. … Read more
July 25, 2024 at 05:16AM Nvidia announced patches for vulnerabilities impacting AI and networking products. The security bulletins cover high-severity flaws affecting Jetson products, leading to denial of service, code execution, and privilege escalation. Vulnerabilities in Mellanox OS switch OS and successors were also addressed. Nvidia has disclosed over 60 vulnerabilities in its products this … Read more
July 24, 2024 at 05:58PM The global supply chain network has increased organizations’ interconnectedness, posing a higher risk of data breaches and security incidents involving third-party vendors. Research shows 98% of organizations have experienced third-party cybersecurity breaches in the past two years. Investments in third-party risk management programs are rising, with a focus on using … Read more
July 23, 2024 at 12:16PM NDR, or Network Detection and Response, is compared to “pest control” to emphasize its importance in identifying cyber intruders and closing security gaps. It provides a complete view of the network environment, allowing security teams to trace intruder paths and respond effectively. NDR, along with EDR and ASM, forms a … Read more
July 22, 2024 at 01:26PM The Los Angeles County Superior Court, the largest in America, closed all 36 courthouses due to an “unprecedented” ransomware attack, which bricked every electronic platform containing court data. Court employees and infosec experts are working to restore court servers and databases, aiming to reopen on Tuesday, following the need to … Read more
July 22, 2024 at 10:39AM The largest trial court in the United States, the Superior Court of Los Angeles County, closed all 36 courthouse locations on Monday to address a ransomware attack that affected its entire network. The closure is expected to be just one day, with network restoration efforts ongoing. The attack is being … Read more