June 24, 2024 at 10:03AM The recent settlement between the US Securities and Exchange Commission (SEC) and Intercontinental Exchange Inc. (ICE) emphasizes cybersecurity and corporate accountability issues. The severe cyberattack on ICE’s subsidiary exposed sensitive information and highlighted inadequate cybersecurity measures. The SEC’s proactive investigation and the $10 million settlement underscore the need for robust … Read more
May 31, 2024 at 11:15AM A month-long phishing campaign by the Russia-aligned threat actor group FlyingYeti used a WinRAR vulnerability to deliver the Cookbox malware to Ukrainian citizens. The attack aimed to exploit financial distress following the lifting of a government moratorium on evictions and utility disconnections. Cloudforce One recommended security measures to mitigate potential … Read more
May 28, 2024 at 11:02AM Over 90 malicious mobile apps, including the Anatsa banking Trojan, have been downloaded over 5.5M times from the Google Play store. These apps act as decoys and spread various malware. The Anatsa Trojan uses evasive tactics to steal sensitive banking credentials, primarily targeting Android users in Europe but expanding globally. … Read more
May 16, 2024 at 09:38AM Microsoft Threat Intelligence revealed that a financially motivated threat actor, Storm-1811, is conducting a vishing campaign using Quick Assist for remote access, posing as trusted contacts. The attacker delivers Black Basta ransomware and additional malware through various means, emphasizing the need for vigilance and user education to combat social engineering … Read more
March 13, 2024 at 10:45AM The White House has released a $7.3 trillion budget proposal for fiscal year 2025, emphasizing increased cybersecurity spending. This includes specific allocations such as $13 billion across civilian departments, $3 billion for the cybersecurity agency CISA, and additional funding for the Justice Department and healthcare sector. The budget also addresses … Read more
January 18, 2024 at 12:14PM Government modernization of cybersecurity strategies, including FedRAMP adoption and value-driven digital ecosystem development, is crucial to combat evolving cyber threats. Challenges like outdated technology, budget constraints, and disjointed security operations hinder progress. Yet, strategic investments in endpoint detection and response solutions and FedRAMP-authorized products can enhance security operations and empower … Read more