February 21, 2024 at 06:45AM German control systems provider PSI Software announced that its systems remain down after a ransomware attack in February. The company disconnected its systems from the internet to prevent data exfiltration and is still working to restore its IT infrastructure. PSI’s security team is investigating the incident, and no evidence suggests … Read more
February 20, 2024 at 09:41AM German software developer, PSI Software SE, confirmed a ransomware attack on its internal infrastructure. The company, with over 2,000 employees, specializes in software solutions for energy suppliers and operational management. Its systems were disconnected post-attack to prevent data loss. Experts from the Federal Office for Information Security are assisting in … Read more
February 20, 2024 at 06:27AM ConnectWise released software updates to fix critical security flaws in its ScreenConnect remote desktop and access software. The vulnerabilities could enable remote code execution and impact confidential data or critical systems. Users of affected versions are urged to update to version 23.9.8 to mitigate the risk of exploitation. Key Takeaways … Read more
February 19, 2024 at 10:22AM Submit your clever cybersecurity-related caption for the chance to win a $25 Amazon gift card. Email [email protected] with the subject line “Dark Reading February Toon” or share your ideas on Twitter, Facebook, or LinkedIn. Last month’s winner, Michael L. Mustin, shared the winning caption “Your computer hasn’t been patched yet, … Read more
February 16, 2024 at 10:08AM The hack of genetic testing company 23andMe exposed 6.9 million people’s genetic data due to faulty security measures. The breach underlines the necessity for mandatory two-factor authentication (2FA) in SaaS applications to bolster security and protect against potential misuse and targeting. Implementing 2FA is crucial for safeguarding genetic and personal … Read more
February 16, 2024 at 02:03AM The U.S. government disrupted a botnet using SOHO routers linked to APT28 for cyber-espionage against U.S. and foreign targets. The botnet, dubbed MooBot, allowed threat actors to harvest credentials and conceal their location. The operation, known as Dying Ember, involved deleting stolen data and modifying firewall rules to block access. … Read more
February 15, 2024 at 02:19PM CISA and MS-ISAC conducted an incident response assessment revealing a threat actor gaining unauthorized access to a state government organization’s network environment. Moreover, the attacker compromised network administrator credentials through the account of a former employee, successfully accessing the organization’s internal and Azure environments. A Cybersecurity Advisory containing mitigation strategies … Read more
February 15, 2024 at 10:33AM Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple high to critical security issues. The flaws include authentication bypass, server-side-request forgery, arbitrary command execution, and command injection problems. Despite available security updates, a large number of endpoints are still exposed to these vulnerabilities, increasing the risk … Read more
February 14, 2024 at 04:05PM Chinese government’s Volt Typhoon spy team has compromised a US city’s emergency services network and is targeting American telecom providers alongside ongoing reconnaissance of electric companies. Dragos CEO Robert Lee expressed concern over the strategic nature of the targets. The espionage extends to African electric providers, and the spies have … Read more
February 12, 2024 at 03:30PM I’d be happy to help with that, but it seems like you haven’t provided the text for the summary. Could you please share the text you’d like me to summarize? I would be happy to help generate clear takeaways from the meeting notes. Please go ahead and provide me with … Read more