DDoS Attacks May Disrupt 2024 US Election Info
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint announcement to raise awareness about the potential…
Month: August 2024
Why CISOs face greater personal liability
In this Help Net Security interview, Christos Tulumba, CISO at Veritas Technologies, discusses the key factors contributing to increased personal liability risks for CISOs. These…
Threat intelligence: A blessing and a curse?
Access to timely and accurate threat intelligence is now core to security operations for many organizations. Today, it seems that security teams are blessed with…
Weaponized Google Authenticator Via Google Ads Steals Sensitive Data
In recent days, threat actors have leveraged the popular Google Authenticator (a multi-factor authentication program) through Google ads, infecting devices with malware. In this instance,…
Airlines are flying blind on third-party risks
The aviation industry has traditionally focused on physical security threats, but recent revelations about risks on Boeing‘s supply chain have spotlighted the critical need to…
New SMS Stealer Infects Millions Of Android Users In 113 Countries
Since February 2022, a highly advanced Android malware campaign has been specifically designed to attack one-time passwords (OTPs), which are used for enterprise security breaches.…
OAuth Vulnerability Exposes 1 Million Websites To XSS Attacks
Despite robust defenses, Cross-Site Scripting (XSS) remains a persistent web vulnerability, as its exploitation has become increasingly challenging. A recent discovery highlights how integrating OAuth,…
Infosec products of the month: July 2024
Here’s a look at the most interesting products from the past month, featuring releases from: AttackIQ, AuditBoard, Black Kite, BlueVoyant, Druva, GitGuardian, Invicti Security, IT-Harvest,…
Fraud ring pushes 600+ fake web shops via Facebook ads
Image: Midjourney A malicious fraud campaign dubbed “ERIAKOS” promotes more than 600 fake web shops through Facebook advertisements to steal visitors’ personal and financial information.…
American States Move To Restrict Liability Of Healthcare Orgs
As cyberattacks on healthcare organizations surge, several state-level lawmakers are pushing back against what they see as excessive class-action lawsuits over data breaches in the…
Medusa Ransomware Group Commits OPSEC Failure
Researchers uncovered a critical operational security (OPSEC) failure by the Medusa Ransomware Group, allowing them to access the group’s cloud storage, revealing a trove of…
New Android malware wipes your device after draining bank accounts
A new Android malware that researchers call ‘BingoMod’ can wipe devices after successfully stealing money from the victims’ bank accounts using the on-device fraud technique. Promoted…