Catastrophic Ransomware cyber threat looming on UK
The United Kingdom government is teetering on the brink of a potential catastrophic ransomware attack, according to the Joint Committee on the National Security Strategy…
Month: December 2023
Cloud Engineer Sentenced for Deleting Ex-employer’s Code Logs
San Francisco resident Miklos Daniel Brody, 38, took revenge on his former employer, a bank, by hacking valuable computer code and damaging the bank’s cloud system. And…
SAFE Materiality Assessment Module identifies top cyber risk scenarios
Safe Security announced its new SAFE Materiality Assessment Module, enabling security and risk leaders to achieve SEC compliance by estimating and tracking materiality of cyber…
Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
Dec 13, 2023NewsroomMobile Communication / Firmware security Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in…
No UK AI legislation until timing is right, says Donelan
Digital secretary Michelle Donelan says UK government will not legislate on artificial intelligence (AI) until the timing is right, and is focused in the meantime…
OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks
OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks Pierluigi Paganini December 13, 2023 Microsoft warns that threat actors are using OAuth applications…
New Sophisticated Phishing Attacks on the Rise
Phishing, a persistent cyberthreat, has evolved with the times. Once a symbol of convenience, QR codes are now being weaponized by attackers through Quishing. This…
Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns
Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications OAuth is an open standard…
Recruiters Beware! Hackers Deliver Malware Posing Job Applicant
Threat actors have been targeting recruiters disguised as job applicants to deliver their malware. Though this method is not unique, the technique and attack vectors…
Sophos Firewall Code Injection Flaw: Let Attackers Execute Code
A critical security flaw has been discovered in the Sophos Firewall User Portal and Webadmin, allowing hackers to execute malicious code remotely. The vulnerability enables…
Drata unveils Third-Party Risk Management offering to help security teams identify risks
Drata announced its Third-Party Risk Management (TPRM) offering, empowering customers to identify, evaluate, and monitor third-party risks in one centralized and integrated platform. Third-party risk…
How ransomware gangs use the tech media against their victims
Cyber criminals traditionally and understandably shied away from publicity, but over the past few years, ransomware gangs have inverted this longstanding trope and are now…