102Articles
9Categories
2024-05-06Date
🚨 CISA KEV 1[−]
6 May KEVOrganizations Patch CISA KEV List Bugs 3.5 Times Faster Than Others, Researchers FindThe median time to patch bugs listed in the CISA's Known Exploited Vulnerabilities (KEV) catalog is 174 days, compared to 621 days for non-KEV vulnerabilities, according to an analysis by Bitsight.THERECORD.MEDIA
🐛 COMMON VULNERABILITIES AND EXPOSURES 4[−]
6 MayLinksys Router Flaw Let Attackers Perform Command Injection, PoC ReleasedLinksys routers were discovered with two vulnerabilities: CVE-2024-33788 and CVE-2024-33789. These vulnerabilities were associated with Command Injection on Linksys routers. The severity of these vulnerabilities is yet to be categorized. However, a proof-of-concept has been publi…GBHACKERS.COM
6 MayTinyproxy Flaw Let Attackers Execute Remote CodeA security flaw has been identified in Tinyproxy, a lightweight HTTP/HTTPS proxy daemon widely used in small network environments. The vulnerability, cataloged under CVE-2023-49606, allows remote attackers to execute arbitrary code on the host machine. This flaw poses a critical …GBHACKERS.COM
6 MayGermany blames Russian hackers for months-long cyber espionageRussia was involved in a months-long cyber espionage campaign against Germany last year, which involved targeting politicians and the defense sector, German officials said, adding they have evidence the attacks were conducted by Russia-backed threat actor, Fancy Bear. Also tracke…CSOONLINE.COM
6 MayCritical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code ExecutionMore than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that's vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool. The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum o…THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE 23[−]
6 MayAI governance and cybersecurity certifications: Are they worth it?The International Association of Privacy Professionals (IAPP), SANS Institute, and other organizations are releasing new AI certifications in the areas of governance and cybersecurity or adding new AI modules to existing programs. These may help professionals find employment, but…CSOONLINE.COM
6 MayXiaomi Android Devices Hit by Multiple Flaws Across Apps and System ComponentsMultiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. "The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbit…THEHACKERNEWS.COM
6 MayLaw Enforcement Seized LockBit Group’s Website AgainLaw enforcement authorities seized the Lockbit group's Tor website again and they plan to reveal the identities of the LockBitSupps and other gang members on May 7, 2024.SECURITYAFFAIRS.COM
6 MayWhy Your VPN May Not Be As Secure As It ClaimsVirtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network coul…KREBSONSECURITY.COM
6 MayCity of Wichita shuts down IT network after ransomware attackThe City of Wichita, Kansas, disclosed it was forced to shut down portions of its network after suffering a weekend ransomware attack. [...]BLEEPINGCOMPUTER.COM
6 MayLockbit's seized site comes alive to tease new police announcementsThe NCA, FBI, and Europol have revived a seized LockBit ransomware data leak site to hint at new information being revealed by law enforcement this Tuesday. [...]BLEEPINGCOMPUTER.COM
6 MaySearch + RAG: The 1-2 punch transforming the modern SOC with AI-driven security analyticsThe cybersecurity industry is facing a workforce gap. In fact, the gap between the number of skilled cybersecurity workers needed vs the amount available has grown 12.6% year over year worldwide. This is at a time when the number of threats security teams face continue to escalat…CSOONLINE.COM
6 MayOperation Cronos Again Threatens to Reveal LockBitSuppInternational Police Operation Revives Seized LockBit Dark Web Leak Site Police behind an international law enforcement operation targeting LockBit resurrected the leak site they seized earlier this year from the ransomware-as-a-service group and posted a countdown clock suggesti…DATABREACHTODAY.CO.UK
6 MayRussian GRU Hackers Compromised German, Czech TargetsThe German and Czech governments have publicly disclosed that Russian military intelligence hackers, known as APT28, have been involved in an espionage campaign targeting political parties and critical infrastructure in both countries.BANKINFOSECURITY.COM
6 MayDial A CISO Game: 175 Leadership Lessons from CISO STORIES Weekly Podcast! - Todd Fitz... - RSA24 #1Each week, the author of the best-selling CISO COMPASS book and host of the popular CISO STORIES podcast dives into leadership issues on a relevant security topic with experienced guest CISOs and industry leaders. These consumable 25-30 minute podcasts are great on a drive to wor…YOUTUBE.COM
6 MayThe Enterprise Browser: The First Win-Win-Win For CISOs, CIOs and End Users - Mike Fey - RSA24 #1How companies are benefiting from the enterprise browser. It's not just security when talking about the enterprise browser. It's the marriage between security AND productivity. In this interview, Mike will provide real live case studies on how different enterprises are benefittin…YOUTUBE.COM
6 MayHacking AI Bias with Human Techniques - Keith Hoodlet - ASW #284We already have bug bounties for web apps so it was only a matter of time before we would have bounties for AI-related bugs. Keith Hoodlet shares his experience winning first place in the DOD's inaugural AI bias bounty program. He explains how his education in psychology helped f…YOUTUBE.COM
6 MayAI & Hype & Security (Oh My!) - Caleb Sima - ASW #284A lot of AI security has nothing to do with AI -- things like data privacy, access controls, and identity are concerns for any new software and in many cases AI concerns look more like old-school API concerns. But...there are still important aspects to AI safety and security, fro…YOUTUBE.COM
6 MayThe Role Identity Plays in Nearly Every Attack—Including Ransomware - Hed Kovetz - RSA24 #1The common misperception that identity infrastructure and IAMs like Active Directory, Okta, or Ping can adequately secure the entire identity infrastructure is to blame for the continued barrage of cyber and ransomware attacks. Yes, each of these vendors has security controls bak…YOUTUBE.COM
6 MayHardware cybersecurity leader, Flexxon, introduces Server Defender at RSAC 2024 - Came... - RSA24 #1The danger of post-breach disruption and downtime is extremely real. And while we should work to prevent these breaches in the first place, we must also be practical and pre-empt any potential incidents. Organisations armed with the most extensive software-based cybersecurity pro…YOUTUBE.COM
6 MayRisk Reduction - the missing link in Third Party Cyber Risk Management - Alexandre Sieira - RSA24 #1Vendors, sales channels, partners and other kinds of third parties are essential to most businesses. Ensuring that the information security risks of those other companies don't impact your own is the remit of Third Party Cyber Risk Management (TPCRM) teams. It is increasingly evi…YOUTUBE.COM
6 MayEnterprise Technology Management: No Asset Management SilosOomnitza co-founder and CEO Arthur Lozinski discusses enterprise technology management - a solution that brings software, hardware and infrastructure asset management together in a single database and uses automation to set and enforce policies for the enterprise as a whole.DATABREACHTODAY.CO.UK
6 MayGoogle launches Google Threat Intelligence at RSA ConferenceGoogle unveiled Google Threat Intelligence, a new Google Cloud Security offering, at the RSA Conference on Monday. The service aims to provide organizations with enhanced visibility into the global threat landscape, enabling them to better protect digital assets and respond to em…CSOONLINE.COM
6 MayAutomated Pentesting in the Cloud - Jay Mar-Tang - RSA24 #1Despite building up impressive security stacks in the Cloud, organizations are still struggling to keep their environments safe. Pentera recently introduced it's latest product, Pentera Cloud as the first tool to provide automated pentesting capabilities for cloud environments. T…YOUTUBE.COM
6 MayCTEM: Understanding the essentials and why it matters - Zaira Pirzada - RSA24 #1In reaction to the increasing potential of threat actors unaffected by the current state of cybersecurity measures and vulnerability management tools yielding “rarely actioned reports and long lists of generic remediations” as the attack surface continues to expand, Gartner has s…YOUTUBE.COM
6 MayUnpacking XDR: Coverage, Stitching, Aggregation – and the GenAI Wildcard - Oliver Tava... - RSA24 #1The challenge of evaluating threat alerts in aggregate – what a collection and sequence of threat signals tell us about an attacker’s sophistication and motives – has bedeviled SOC teams since the dawn of the Iron Age. Vectra AI CTO Oliver Tavakoli will discuss how the design pri…YOUTUBE.COM
6 MayToil! What is it good for? - Akira Brand - RSA24 #1- What is Toil - Cost of toil - We'll gladly show you how we reduced it and how you can too, but... you have to come to the talk to find out! Segment Resources: https://sre.google/sre-book/eliminating-toil Cherniss (1980) introduced burnout as a process in which engaged employees…YOUTUBE.COM
📋 SECURITY BULLETINS 1[−]
6 MayThe Challenges in Keeping Medical Device Software UpdatedUpdating software as new vulnerabilities are discovered persistently remains a top medical device cybersecurity challenge, said David Brumley, a cybersecurity professor at Carnegie Mellon University and CEO of security firm ForAllSecure. Solving this requires a major mindset shif…DATABREACHTODAY.CO.UK
📢 SECURITY ADVISORIES 9[−]
6 MayCisa Warned 1,750 Organizations of Ransomware Vulnerabilities Last Year. Only Half Took Action.The Cybersecurity and Infrastructure Security Agency sent out alerts to critical infrastructure sectors, with only 852 organizations responding by patching, implementing controls, or taking devices offline.CYBERSECURITYDIVE.COM
6 MayMicrosoft is a national security threat, says ex-White House cyber policy directorsubmitted by ylai to cybersecurity 4 points | 0 comments https://www.theregister.com/2024/04/21/microsoft_national_security_risk/THEREGISTER.COM
🔥 INCIDENT REPORTING 15[−]
6 MayRussia-Linked APT28 and Crooks are Still Using the Moobot BotnetTrend Micro researchers revealed that the botnet, primarily operating through compromised Ubiquiti EdgeRouters, is used for various malicious activities such as credential harvesting, proxying network traffic, and hosting phishing landing pages.SECURITYAFFAIRS.COM
6 MayCyber Security Today, May 6, 2024 - Ransomware gang claims responsibility for attacking Italian healthcare service, Russian gang blamed for attacks in Europe, and moreThis episode reports on vulnerable routers, an attack on a Canadian digital library service and moreCYBERSECURITYTODAY.LIBSYN.COM
6 MayCity of Wichita Shuts Down Network Following Ransomware AttackThe City of Wichita, Kansas, has shut down its network after falling victim to a file-encrypting ransomware attack. The post City of Wichita Shuts Down Network Following Ransomware Attack appeared first on SecurityWeek .SECURITYWEEK.COM
6 MayIt Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBsCybercriminals are vipers. They’re like snakes in the grass, hiding behind their keyboards, waiting to strike. And if you're a small- and medium-sized business (SMB), your organization is the ideal lair for these serpents to slither into.  With cybercriminals becoming m…THEHACKERNEWS.COM
6 MayRussian GRU Hackers Compromised German, Czech Targetssubmitted by kid to cybersecurity 2 points | 0 comments https://www.bankinfosecurity.in/russian-gru-hackers-compromised-german-czech-targets-a-25007BANKINFOSECURITY.IN
6 MayFinland Warns of Android Malware Attacks Breaching Bank AccountsFinland's Transport and Communications Agency (Traficom) highlighted multiple cases of SMS messages written in Finnish that instruct recipients to call a number. The scammer answers the call instructs victims to install a McAfee app for protection.BLEEPINGCOMPUTER.COM
6 MayChina-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network DevicesThe recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked actors, according to new findings from attack surface management firm Censys. Dubbed ArcaneDoor, t…THEHACKERNEWS.COM
6 MayAPT42 Hackers Posing As Event Organizers To Hijack Victim NetworkAPT42, a group linked to the Iranian government, is using social engineering tactics such as impersonating journalists and event organizers to trick NGOs, media, academia, legal firms, and activists into providing credentials to access their cloud environments. They exfiltrate da…GBHACKERS.COM
6 MayNew Atomic Stealer Malware Copies Passwords & Wallets from Infected MacsSeveral new variants of Atomic macOS Stealer, or AMOS have been observed that are intended to exfiltrate sensitive data from affected Macs.  AMOS is transmitted by Trojan horses, which frequently pose as allegedly pirated or “cracked” versions of apps. It is inte…GBHACKERS.COM
6 MayPolice resurrect Lockbit’s site and troll the ransomware gangAn international coalition of police agencies have resurrected the dark web site of the notorious LockBit ransomware gang, which they had seized earlier this year, teasing new revelations about the group. On Sunday, what was once LockBit’s official darknet site reappeared online …TECHCRUNCH.COM
6 MaySay Easy, Do Hard - Train How You Fight, Part 2 - BSW #349Inspired by my co-host Jason Albuquerque, we dig into the hard part of our Say Easy, Do Hard segment. In part 2, we discuss how to train for a cyber instance. We'll cover the elements of a training program that will prepare you for responding to a cyber incident, including: - Dev…YOUTUBE.COM
6 MaySay Easy, Do Hard - Train How You Fight, Part 1 - BSW #349Inspired by my co-host Jason Albuquerque, this quarter's Say Easy, Do Hard segment is Train How You Fight. In part 1, we discuss the importance of training for a cyber incident. However, lots of organizations do not take it seriously, causing mistakes during an actual cyber incid…YOUTUBE.COM
6 MayPrevent cyberattacks by securing code from the start with Qwiet AI - Chris Hatter - RSA24 #1Qwiet AI provides real time detection of security vulnerabilities in code along with the best AI generated fixes to aid developers in finding and fixing their code with the addition of AI AutoFix. This segment is sponsored by Qwiet AI. Visit https://securityweekly.com/qwietrsac t…YOUTUBE.COM
6 MayISMG Editors: Opening Day Overview of RSA Conference 2024Ransomware, AI Technology and the Art of the Possible Are Hot Topics This Year ISMG editors are live at RSA Conference 2024 in San Francisco with an overview of opening-day speakers and hot topics including the dismal ransomware landscape, the unbridled growth of AI, security pro…DATABREACHTODAY.CO.UK
6 MayMicrosoft Overhauls Security Practices After Major BreachesCompany Plans to Link Executive Compensation to Achieving Security Milestones The executive vice president for Microsoft Security has announced an overhaul of the company's security practices following a series of high-profile cyberattacks that allowed foreign state-sponsored hac…DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE 30[−]
6 MayISC Stormcast For Monday, May 6th, 2024 https://isc.sans.edu/podcastdetail/8968, (Mon, May 6th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
6 MayThe Best Secure Email Providers in 2024submitted by 0x0 to security 1 points | 1 comments https://blog.thenewoil.org/the-best-secure-email-provider-in-2024?pk_campaign=rss-feedTHENEWOIL.ORG
6 MayPermira to Acquire Majority Stake in BioCatch at $1.3 Billion ValuationPermira has agreed to acquire a majority of BioCatch shares, primarily from Bain Capital Tech Opportunities and Maverick Ventures. The post Permira to Acquire Majority Stake in BioCatch at $1.3 Billion Valuation appeared first on SecurityWeek .SECURITYWEEK.COM
6 MayEurope’s Most Wanted Teenage Hacker ArrestedJulius “Zeekill” Kivimäki, once Europe’s most wanted teenage hacker, has been arrested. Kivimäki, known for his involvement with the notorious Lizard Squad, was apprehended after a series of cybercrimes that shocked the continent…GBHACKERS.COM
6 MayHackers Use Custom Backdoor & Powershell Scripts to Attack Windows MachinesThe Damselfly Advanced Persistent Threat (APT) group, also known as APT42, has been actively utilizing custom backdoor variants, NiceCurl and TameCat, to infiltrate Windows machines. These backdoors are primarily delivered through spear-phishing campaigns, marking a significant e…GBHACKERS.COM
6 MayNew Lawsuit Attempting to Make Adversarial Interoperability LegalLots of complicated details here: too many for me to summarize well. It involves an obscure Section 230 provision—and an even more obscure typo. Read this .SCHNEIER.COM
6 MayUS Cyber Command Appoints Morgan Adamski as Executive DirectorUnited States Cyber Command (USCYBERCOM) has named Ms. Morgan M. Adamski as Executive Director effective June 2024. The post US Cyber Command Appoints Morgan Adamski as Executive Director appeared first on SecurityWeek .SECURITYWEEK.COM
6 MayCybersecurity M&A Roundup: 33 Deals Announced in April 2024Thirty-three cybersecurity-related merger and acquisition (M&A) deals were announced in April 2024. The post Cybersecurity M&A Roundup: 33 Deals Announced in April 2024 appeared first on SecurityWeek .SECURITYWEEK.COM
6 MayGermany blames Fancy Bear for 2023 hacking campaignsubmitted by kid to cybersecurity 1 points | 1 comments https://www.theregister.com/2024/05/06/infosec_in_brief/THEREGISTER.COM
6 MayAmnesty International Cites Indonesia as a Spyware Hubsubmitted by kid to cybersecurity 2 points | 0 comments https://www.darkreading.com/cybersecurity-operations/amnesty-international-cites-indonesia-as-spyware-hubDARKREADING.COM
6 MayMicrosoft: Announcing Zero Trust DNS Private Previewsubmitted by kid to cybersecurity 1 points | 1 comments https://techcommunity.microsoft.com/t5/networking-blog/announcing-zero-trust-dns-private-preview/ba-p/4110366TECHCOMMUNITY.MICROSOFT.COM
6 MayMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
6 MayIranian Cyberspies Hit Targets With New BackdoorsIranian state-sponsored group APT42 is targeting NGOs, government, and intergovernmental organizations with two new backdoors. The post Iranian Cyberspies Hit Targets With New Backdoors appeared first on SecurityWeek .SECURITYWEEK.COM
6 MayCyberNut Emerges From Stealth With K-12 Security Awareness Training SolutionCyberNut has emerged from stealth mode with a K-12-focused security awareness training solution and $800k in pre-seed funding. The post CyberNut Emerges From Stealth With K-12 Security Awareness Training Solution appeared first on SecurityWeek .SECURITYWEEK.COM
6 MayAnetac Emerges From Stealth Mode With $16 Million in FundingIdentity management startup Anetac has emerged from stealth mode with a $16 million investment led by Liberty Global. The post Anetac Emerges From Stealth Mode With $16 Million in Funding appeared first on SecurityWeek .SECURITYWEEK.COM
6 MayIndonesia Emerging As A Hub For Highly Invasive SpywareIn today’s digital age, civil society is facing a serious threat in the form of invasive malware and surveillance technology that has the potential to cause irreparable harm. These malicious tools can infiltrate systems and compromise sensitive information, posing a grave r…GBHACKERS.COM
6 MayBeware of Phishing Attacks Targeting AmericanExpress Card UsersCybercriminals target American Express cardholders through deceptive emails that mimic official communications from the financial services giant. The scam attempts to trick users into divulging sensitive personal and financial information. How the Scam Works According to a recent…GBHACKERS.COM
6 MayLevelBlue Leverages AI For Threat Intel Following AT&T SplitAI Investments and Global Expansion Set to Propel Growth After Separating From AT&T As Level Blue separates from AT&T, it focuses on harnessing artificial intelligence for advanced threat intelligence, targeting significant growth in international markets, and evaluating …DATABREACHTODAY.CO.UK
6 MayBest SIEM Tools List For SOC Team – 2024The Best SIEM tools for you will depend on your specific requirements, budget, and organizational needs. There are several popular and highly regarded SIEM (Security Information and Event Management) tools available in the market What is SIEM? A security information and event man…GBHACKERS.COM
6 MaySynopsys Sells Software Integrity Business in $2.1 Billion DealSynopsys is selling its Software Integrity Group to private equity firms Clearlake Capital and Francisco Partners in a $2.1 billion deal. The post Synopsys Sells Software Integrity Business in $2.1 Billion Deal appeared first on SecurityWeek .SECURITYWEEK.COM
6 MayNiceCurl and TameCat Custom Backdoors Leveraged by Damselfly APTThe Damselfly Advanced Persistent Threat (APT) group, also known as APT42, has been actively using custom backdoor variants, NiceCurl and TameCat, to infiltrate Windows machines.BROADCOM.COM
6 MayGoogle Debuts New Security Products, Hyping AI and Mandiant ExpertiseGoogle rolls out new threat-intel and security operations products and looks to the magic of AI to tap into the booming cybersecurity market. The post Google Debuts New Security Products, Hyping AI and Mandiant Expertise appeared first on SecurityWeek .SECURITYWEEK.COM
6 MayIntroducing The New KnowBe4.comI'm excited to unveil our newly redesigned website at knowbe4.com ! The team has worked hard to create a sleek, modern design with improved navigation and new features to better serve you - our valued customers and guests.KNOWBE4.COM
6 MayShifting Third Party Risk: From Bottleneck to Business Driver - Paul Valente - RSA24 #1Explore how to transform your third party risk program from a business bottleneck to a business driver. Discover how evidence-based security documentation and AI can streamline risk assessments, completing them in days not months. This data-driven approach will reduce TPRM backlo…YOUTUBE.COM
6 MayNew capabilities to help you secure your AI transformationToday, we’re thrilled to introduce new features for securing and governing in the age of AI. We are announcing new capabilities in Microsoft Defender and Microsoft Purview that will make it easier for teams to manage, protect ,and govern AI applications at work. The post New capa…MICROSOFT.COM
6 MayRethinking Cybersecurity Investment Amid Rising ThreatsVoss of DAT Freight & Analytics on Budget Allocation for Holistic Cyber Defense Erika Voss, vice president of information security at DAT Freight & Analytics, discusses the evolving landscape of cybersecurity investment, the critical areas often overlooked by enterprises - includ…DATABREACHTODAY.CO.UK
6 MayMaximizing ROI Through Strategic Cybersecurity InvestmentsEric Sanchez of Kyowa Kirin on Balancing Cost-Efficiency and Effective Protection Eric Sanchez, CISO of Kyowa Kirin, discusses the evolving cybersecurity landscape, emphasizing ROI, revenue assurance and the critical need for proactive protection measures. He highlights the impor…DATABREACHTODAY.CO.UK
6 MayGoogle Chrome is getting native support for YouTube-like video chaptersGoogle is adding a new feature to Google Chrome that allows publishers to add video chapters to videos embedded on websites, similar to how chapters work on YouTube. [...]BLEEPINGCOMPUTER.COM
6 MayHow Apiiro is defining ASPM with its breadth of integrations & depth of context - Idan... - RSA24 #1Application security posture management has quickly become a hot commodity in the world of AppSec, but questions remain around what is defined by ASPM. Vendors have cropped up from different corners of the AppSec space to help security teams make their programs more effective, im…YOUTUBE.COM
6 MayTwo Steps Forward for SaaS Adoption, One Step Back for Security - Adrian Sanabria - RSA24 #1Businesses have moved mountains of data and computing into the cloud. Cloud security has received a lot of attention over the past ten years. Somehow, SaaS security gets overlooked, even though the industry spends six times more on SaaS than on the cloud. This session will explor…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE 3[−]
6 MayNew 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm MacsCybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that's designed to set up persistence on the infected hosts and act as a spyware. Dubbed Cuckoo by Kandji, the malware is a universal Mach-O binary that's capable of runnin…THEHACKERNEWS.COM
6 MayHijackLoader Evolves with New Evasion TechniquesHijackLoader is a modular malware loader that is used to deliver second-stage payloads including Amadey, Lumma Stealer, Racoon Stealer v2, and Remcos RAT. HijackLoader decrypts and parses a PNG image to load the next stage.ZSCALER.COM
📡 INFOSEC NEWS 16[−]
6 MayCrypto Recovery Scams – And How They Add Insult to InjuryCrypto recovery scams involve fraudsters who offer to help victims recover stolen cryptocurrency in exchange for an upfront fee, but instead, they disappear after payment.WELIVESECURITY.COM
6 MayEuropean Raids Shut Down Call Centers Used to ‘Shock and Cheat’ VictimsThe criminal network was responsible for defrauding thousands of victims through fake police calls, investment fraud, or romance scams, Europol said. Scam callers posed as victims’ close relatives, bank employees, customer service, or police.THERECORD.MEDIA
6 MayMicrosoft, Google Widen Passkey Support for Its UsersPasskeys are gaining widespread adoption as an alternative to traditional passwords for digital authentication. Major tech companies like Microsoft, Google, and Bitwarden have recently expanded support for passkeys.HELPNETSECURITY.COM
6 MayLayerX Raises $26 Million for its Browser Security PlatformThe Israeli startup founded in 2022 by Or Eshed and David Weisbrot has raised $26 million in Series A funding. This round, led by Glilot+ and with participation from Dell Technologies Capital, brings LayerX's total investment to $34 million.CALCALISTECH.COM
6 MayRansom Recovery Costs Reach $2.73 MillionRansom recovery costs have surged, with the average payment reaching $2 million, a 500% increase from the previous year. Excluding ransoms, the average cost of recovery has risen to $2.73 million, up by almost $1 million, according to Sophos.HELPNETSECURITY.COM
6 MayGoogerteller lets you hear how tracking sounds | Kaspersky official blogA small program called Googerteller emits a sound every time your browser accesses Google and the most common advertising trackers.KASPERSKY.COM
6 MayRSA Conference 2024: What To ExpectPACKETSTORMSECURITY.COM
6 MayGet ahead in cybersecurity with $145 off a training course bundleCybersecurity is everyone's concern, and for IT workers, a key skill on their resume. This five-course exam prep bundle helps you get more advanced credentials for $49.99, $145 off the $195 MSRP. [...]BLEEPINGCOMPUTER.COM
6 MayDownload the Zero Trust network access (ZTNA) buyer’s guideThe Zero Trust network access (ZTNA) approach replaces the perimeter defense model with a “least privilege” framework where users authenticate to access specific data and applications. Access Control, Enterprise Buyer’s Guides, Network Security, Zero TrustUS.RESOURCES.CSOONLINE.COM
6 MayMicrosoft tests using MT/s for memory speed in Windows 11 Task ManagerMicrosoft is testing showing memory speeds as MT/s (mega-transfers per second) rather than MHz (megahertz) in the Windows 11 Task Manager. [...]BLEEPINGCOMPUTER.COM
6 MayBelgium’s Aikido Lands $17M Series A for its Security Platform Aimed at DevelopersAikido, a startup based in Ghent, Belgium, has secured a $17 million Series A funding to develop its innovative security platform tailored for developers. The round was led by Singular, with participation from Notion Capital and Connect Ventures.SG.NEWS.YAHOO.COM
6 MayThe hacker’s toolkit: 4 gadgets that could spell security troubleTheir innocuous looks and endearing names mask their true power. These gadgets are designed to help identify and prevent security woes, but what if they fall into the wrong hands?WELIVESECURITY.COM