EU Tightens Cybersecurity Requirements for Critical Infrastructure and Services

November 15, 2023 at 04:05PM The European Union’s NIS2 Directive aims to enhance the security and resilience of network and information systems in the EU. Organizations operating within the EU must comply with the directive, which includes training and awareness, cybersecurity risk management measures, reporting obligations, and the use of EU certification schemes. Noncompliance can …

U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty

November 15, 2023 at 10:48AM The U.S. government has taken down the IPStorm botnet proxy network, as the developer behind it, Sergei Makinin, pleaded guilty. The botnet infected Windows, Mac, Linux, and Android devices globally. Makinin could face up to 30 years in prison and has made at least $550,000 from the scheme. The botnet …

Zero-Days in Edge Devices Become China’s Cyber Warfare Tactic of Choice

November 14, 2023 at 03:31PM Chinese state-sponsored actors have become adept at exploiting zero-day vulnerabilities to conduct espionage, posing a significant and persistent threat to global organizations. Recent reports indicate that these actors are increasingly targeting public-facing devices, including firewalls, hypervisors, and email security tools. The success of these attacks is facilitated by threat sharing …

Royal Ransom Demands Exceed $275M, Rebrand in Offing

November 14, 2023 at 10:56AM The Royal ransomware gang is potentially preparing for a rebrand or spinoff, as their ransom demands have already exceeded $275 million. The group has targeted over 350 victims worldwide, demanding between $1 million and $12 million in ransom. They primarily gain access through phishing emails and employ partial encryption and …

CISA warns of actively exploited Juniper pre-auth RCE exploit chain

November 13, 2023 at 12:29PM CISA has warned federal agencies to secure Juniper devices on their networks by Friday due to four vulnerabilities that are being actively exploited. Juniper has acknowledged successful exploitation of these vulnerabilities and has urged customers to upgrade immediately. Over 10,000 Juniper devices with vulnerable interfaces have been exposed online. CISA …

Introducing the tech that keeps the lights on

November 13, 2023 at 05:22AM Data diodes, also known as unidirectional gateways, are gaining attention as a solution for enhancing cybersecurity. Unlike firewalls, data diodes only allow data to flow in one direction, preventing attackers from accessing secure networks. While they have been around since the 1980s, advancements in software have made data diodes compatible …

Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations

November 13, 2023 at 01:06AM Chinese hacking groups have been found targeting 24 Cambodian government organizations in a long-term espionage campaign. The cyber activity is believed to align with China’s geopolitical goals and involves leveraging strong relations with Cambodia to expand naval operations in the region. The groups have been using fake cloud backup and …

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes

November 10, 2023 at 07:51AM Russian hackers Sandworm targeted a Ukrainian electrical substation, causing a brief power outage in October 2022. The attack involved using OT-level living-off-the-land techniques and a variant of CaddyWiper malware. The exact initial vector remains unclear, but the incident highlights Sandworm’s ongoing efforts to disrupt Ukraine’s power grid. Asset owners globally …

CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation

November 9, 2023 at 01:09AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity vulnerability in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities catalog. Tracked as CVE-2023-29552, the flaw could be exploited for denial-of-service attacks with a high amplification factor. Federal agencies are required to apply necessary mitigations by …

Microsoft drops SMB1 firewall rules in new Windows 11 build

November 8, 2023 at 02:57PM Windows 11 is making security improvements by updating the Windows Defender Firewall rules for SMB shares. The changes include omitting inbound NetBIOS ports and allowing connections with SMB servers over custom network ports. Administrators can still configure and modify the firewall rules as needed. These updates aim to strengthen Windows …