The Black Basta ransomware group and its affiliates compromised hundreds of organizations worldwide between April 2022 and May 2024, according to a new report from several US government agencies. The Joint Cybersecurity Advisory (CSA) was issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human Services (HHS), and Multi-State Information
A ransomware attack on US private healthcare giant Ascension has led to ambulances being diverted and patient appointments being postponed. Ascension confirmed the attack on May 9 after detecting unusual activity on select technology network systems on May 8. The healthcare provider, which operates 140 hospitals across the US, said that several hospitals are currently
A recent incident involving an MS-SQL (Microsoft SQL) honeypot has shed light on the sophisticated tactics employed by cyber-attackers relying on Mallox ransomware (also known as Fargo, TargetCompany, Mawahelper, etc.). The honeypot, set up by the Sekoia research team, was targeted by an intrusion set utilizing brute-force techniques to deploy the Mallox ransomware via PureCrypter,
Critical vulnerabilities have been found within Cinterion cellular modems. Disclosed during a Kaspersky presentation at OffensiveCon in Berlin on May 11, these flaws could allow remote attackers to execute arbitrary code, posing a significant threat to the integrity of millions of industrial devices reliant on these modems. The identified vulnerabilities, including CVE-2023-47610, highlight severe security weaknesses within
In this day and age, technology and business are inextricably linked. Digital transformation has ushered in unparalleled opportunities for organizations that act with agility in response to the blistering pace of change and look for ways to harness the potential of technology to advance their business. However, the growing reliance on digital systems, coupled with
With Starmus Earth: The Future of Our Home Planet around the corner, we sat down with David Eicher, the Astronomy Magazine editor-in-chief and one of the event’s speakers, to hear his thoughts on a diverse range of subjects – from the most pressing challenges facing our home planet to the mysteries of the universe and the
Scams Once your crypto has been stolen, it is extremely difficult to get back – be wary of fake promises to retrieve your funds and learn how to avoid becoming a victim twice over Phil Muncaster 02 May 2024 • , 4 min. read It’s a nightmare scenario for any cryptocurrency user. You fall victim
Video Organizations that fall victim to a ransomware attack are often caught between a rock and a hard place, grappling with the dilemma of whether to pay up or not 03 May 2024 The Simone Veil hospital in Cannes, France – which fell victim to a disruptive ransomware attack two weeks ago – has announced
We Live Science, Video As Starmus Earth draws near, we caught up with Dr. Garik Israelian to celebrate the fusion of science and creativity and venture where imagination flourishes and groundbreaking ideas take flight 07 May 2024 Some time ago, we briefly spoke to Dr. Garik Israelian, one of the founders of the Starmus Festival,
Digital Security Can AI effortlessly thwart all sorts of cyberattacks? Let’s cut through the hyperbole surrounding the tech and look at its actual strengths and limitations. Cameron Camp 09 May 2024 • , 3 min. read Predictably, this year’s RSA Conference is buzzing with the promise of artificial intelligence – not unlike last year, after
Video More than 40,000 security experts descended on San Francisco this week. Let’s now look back on some of the event’s highlights – including the CISA-led ‘Secure by Design’ pledge also signed by ESET. 10 May 2024 That’s a wrap on this year’s RSA Conference! More than 40,000 security professionals descended on San Francisco this
Digital Security We’re thrilled to announce that WeLiveSecurity has been named a finalist in the Corporates – Best Cybersecurity Vendor Blog category of the European Security Blogger Awards 2024 10 May 2024 • , 1 min. read We’re thrilled to announce that WeLiveSecurity has been named a finalist in the Corporates – Best Cybersecurity Vendor
“When I talk about climate change with people, I spend hardly any time on the science of climate change,” says Katharine Hayhoe, a leading climate science communicator and a speaker at Starmus Earth: The Future of Our Home Planet. The festival is almost here, and we’re delighted to publish an extensive interview with Dr. Hayhoe
May 10, 2024NewsroomBrowser Security / Vulnerability Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild. Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on
May 10, 2024The Hacker NewsArtificial Intelligence / Threat Hunting Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats. Join us for an exciting webinar, “The Future of Threat Hunting is Powered by Generative AI,” where you’ll explore how AI tools are shaping the future
May 10, 2024NewsroomMalware / Cyber Espionage The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at two South Korean cryptocurrency firms. “Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads and exfiltration of
The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. “The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall Street Journal, Workable, and
May 13, 2024NewsroomSoftware Security / Malware Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golang-version of the Sliver command-and-control (C2) framework within a PNG image of the project’s logo. The package employing this steganographic trickery is requests-darwin-lite, which
The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in April 2022. In a joint advisory published by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Department of Health and Human Services
May 13, 2024NewsroomVulnerability / IoT Security Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive information and achieve code execution. “These vulnerabilities include critical flaws that permit remote code execution and unauthorized privilege escalation, posing substantial risks to integral communication networks and
May 13, 2024The Hacker NewsThreat Detection / SoC / SIEM In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time
May 13, 2024The Hacker NewsBrowser Security / Data Protection With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational systems. Security
May 13, 2024Newsroom The MITRE Corporation has officially made available a new threat-modeling framework called EMB3D for makers of embedded devices used in critical infrastructure environments. “The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of these threats with the security mechanisms required to mitigate them,” the
A recent analysis has shed light on the extent of phishing and smishing attacks targeting the United States Postal Service (USPS), particularly during the holiday season. The study, conducted by Akamai Security researchers using anonymized global DNS query logs, revealed a startling trend. Illegitimate domains mimicking USPS websites attracted nearly equal, and sometimes higher, traffic
Apr 29, 2024NewsroomMobile Security / Hacking Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with access to sensitive data such as location or SMS messages over the past year. The tech giant also said it blocked 333,000 bad accounts from
A state-sponsored threat actor has launched a sophisticated cyber espionage campaign that exploits two vulnerabilities in Cisco firewall platforms, according to an advisory from Cisco Talos. The campaign, dubbed ArcaneDoor, targets perimeter network devices to enable the attacker to undertake a range of actions inside an organization’s systems, including rerouting or modifying traffic and monitoring
Video Dr. Israelian talks about Starmus’s vision and mission, the importance of inspiring and engaging audiences, and a sense of community within the Starmus universe 23 Apr 2024 In this exclusive interview, we delve into the heart of the Starmus Festival with Dr. Garik Israelian, an astrophysicist and the visionary force behind the festival. Join
Apr 28, 2024NewsroomCredential Stuffing / Data Breach Identity and access management (IAM) services provider Okta has warned of a spike in the “frequency and scale” of credential stuffing attacks aimed at online services. These unprecedented attacks, observed over the last month, are said to be facilitated by “the broad availability of residential proxy services, lists
The US Federal Trade Commission (FTC) will send a total of $5.6m in refunds to customers of Ring, a home camera provider, as the result of a settlement with Ring over security and privacy failings. Ring, which was bought by tech giant Amazon in 2018, reached the settlement with the FTC in 2023 over charges
Video The investigation uncovered at least 40,000 phishing domains that were linked to LabHost and tricked victims into handing over their sensitive details 26 Apr 2024 One of the world’s largest phishing-as-a-service (Phaas) platforms known as LabHost has been disrupted in a global law enforcement operation, Europol has announced. Authorities from no fewer than 19
- « Previous Page
- 1
- …
- 15
- 16
- 17
- 18
- 19
- …
- 116
- Next Page »