U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider

November 27, 2024 at 11:54PM

T-Mobile reported recent attempts by hackers to infiltrate its systems, though no sensitive data was accessed. The attacks originated from a connected wireline provider’s network and were thwarted by T-Mobile’s security measures. The incident is notable following cyber threats from a China-linked group targeting U.S. telecoms.

Why Cybersecurity Leaders Trust the MITRE ATT&CK Evaluations

November 26, 2024 at 10:24AM

The 2024 MITRE ATT&CK Evaluation results will provide cybersecurity leaders with critical insights into vendor performance against simulated real-world threats. A Cynet-hosted webinar will summarize key findings and offer practical guidance on leveraging the evaluations. The upcoming assessments will feature nuanced scenarios, including ransomware and North Korean tactics.

Fancy Bear ‘Nearest Neighbor’ Attack Uses Nearby Wi-Fi Network

November 25, 2024 at 01:29PM

Russian APT group Fancy Bear employed a novel “Nearest Neighbor” cyber-espionage technique during the Russia-Ukraine war, infiltrating a US organization by compromising nearby Wi-Fi networks. This remote attack underscores the security risks of proximity and emphasizes the need for stronger defenses against Wi-Fi vulnerabilities and enhanced monitoring practices.

Flying Under the Radar – Security Evasion Techniques

November 25, 2024 at 07:33AM

Phishing and malware evasion techniques have evolved significantly, becoming more sophisticated over the years. Hackers employ various strategies, including anti-research techniques and complex redirection methods, to bypass security measures. Ongoing adaptation between attackers and defenders highlights the importance of phishing training, credential monitoring, and advanced threat detection solutions.

2,000 Palo Alto Firewalls Compromised via New Vulnerabilities

November 21, 2024 at 11:20AM

Palo Alto Networks reported a drop in internet-exposed firewalls, yet around 2,000 devices remain compromised due to critical vulnerabilities CVE-2024-0012 and CVE-2024-9474. Patches were released in mid-November following confirmed exploitation, with attacks primarily affecting devices in the U.S. and India. Key security recommendations include limiting access to trusted IPs.

ICS Security: 145,000 Systems Exposed to Web, Many Industrial Firms Hit by Attacks

November 21, 2024 at 08:37AM

Censys reports over 145,000 internet-exposed industrial control systems (ICS) across 175 countries, with 38% in North America. The U.S. has 48,000 such systems. Many are vulnerable human-machine interfaces, particularly in water and agriculture sectors. Additionally, a Kaspersky survey reveals 90% of UK industrial firms faced cyberattacks, highlighting significant security concerns.

It’s Near-Unanimous: AI, ML Make the SOC Better

November 20, 2024 at 04:30PM

A recent Dark Reading survey reveals that 91% of cybersecurity professionals believe AI and machine learning have enhanced their security operations. Key benefits include improved threat detection, reduced false positives, and increased efficiency. These tools are positively impacting enterprise security, streamlining processes, and improving response times for security teams.

Fintech giant Finastra investigates data breach after SFTP hack

November 20, 2024 at 03:58PM

Finastra confirmed a cybersecurity incident involving compromised credentials on November 7, 2024, with a threat actor selling stolen data. An investigation shows no evidence of broader breaches beyond their Secure File Transfer Platform. The impact assessment is ongoing, and affected clients will be contacted directly. Finastra previously faced a ransomware …

DeepTempo Launches AI-Based Security App for Snowflake

November 20, 2024 at 07:59AM

DeepTempo launched Tempo, a deep learning Snowflake Native App, enhancing security productivity and threat detection. Tempo optimizes existing security data lakes, detects anomalies, and provides context for triage. Organizations can save significantly on SIEM costs, with false positive rates below one percent, enabling efficient incident response and log management.

Phishing emails increasingly use SVG attachments to evade detection

November 17, 2024 at 11:37AM

Threat actors are increasingly using Scalable Vector Graphics (SVG) files for phishing and malware distribution due to their ability to evade detection. Unlike traditional image formats, SVGs use code to create images and can embed JavaScript, allowing attackers to hide malicious content. Users should treat unexpected SVG attachments as suspicious.