Author: Andy Stern
-
Black Duck Expands Leadership Team
in SecurityNews
Application security experts Black Duck have announced the appointment of Ishpreet Singh as chief information officer (CIO) and Bruce Jenkins as chief information security officer (CISO). These latest executive appointments follow last month’s announcement of Sean Forkan being named as chief revenue officer (CRO). Jason Schmitt, CEO of Black Duck, said: “As we are at an…
-
Another NetWalker Ransomware Affiliate Gets 20-Year Prison Sentence in US
in SecurityNews
A second individual accused of being involved in NetWalker ransomware attacks, a Romanian national, has received a 20-year prison sentence. The post Another NetWalker Ransomware Affiliate Gets 20-Year Prison Sentence in US appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/another-netwalker-ransomware-affiliate-gets-20-year-prison-sentence-in-us/
-
OPSWAT Acquires Fend to Extend Cybersecurity Reach Into OT Platforms
in SecurityNews
OPSWAT this week revealed it has acquired Fend, Inc. to further extend the reach of its cybersecurity portfolio into the realm of operational technology (OT). First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/opswat-acquires-fend-to-extend-cybersecurity-reach-into-ot-platforms/
-
Ransomware Group Claims Theft of Personal, Financial Data From Krispy Kreme
in SecurityNews
The Play ransomware group claims to have stolen sensitive data from donut and coffee retail chain Krispy Kreme. The post Ransomware Group Claims Theft of Personal, Financial Data From Krispy Kreme appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ransomware-group-claims-theft-of-personal-financial-data-from-krispy-kreme/
-
Top 10 ASEAN stories of 2024
in SecurityNews
Southeast Asia’s 2024 tech landscape saw major companies embracing AI, shifts in open source and the emergence of local large language models to address the needs of a diverse region. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617089/Top-10-ASEAN-stories-of-2024
-
Top 10 data and ethics stories of 2024
in SecurityNews
Here are Computer Weekly’s top 10 data and ethics stories of 2024. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617246/Top-10-data-and-ethics-stories-of-2024
-
heise meets … Defense lawyer saves up to 60 minutes a day with AI
in SecurityNews
Tags: ai
Lawyer Florian Schoenrock admits to using AI in his daily work. For analyzing extensive telecommunications surveillance (TKÜ) data, he says, it has become a must. First seen on heise.de Jump to article: www.heise.de/news/heise-meets-Strafverteidiger-spart-mit-KI-bis-zu-60-Minuten-taeglich-10217608.html
-
LockBit Admins Tease a New Ransomware Version
in SecurityNews
The LockBitSupp persona said LockBit 4.0 will be launched in February 2025. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lockbit-admins-tease-a-new/
-
Discord database apparently leaked, accounts locked (Dec. 2024)
in SecurityNews
German Discord users are currently finding that their accounts with the Discord service have apparently been locked. A password reset helps to regain access to the service. If my information is correct, this could be related to a leak at this service. Discord is an online service for … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/20/discord-databank-wohl-geleakt-konten-gesperrt/
-
Threat Actors Selling Nunu Stealer On Hacker Forums
A new malware variant called Nunu Stealer is making headlines after being advertised on underground hacker forums and Telegram channels. Priced at $100 per month, this malicious tool is gaining attention for its extensive capabilities and potential to wreak havoc on individuals and organizations alike. According to a post shared by ThreatMon on X, the malware…
-
BeyondTrust SaaS instances breached in cyberattack
in SecurityNews
BeyondTrust, a privileged access management vendor, patched two vulnerabilities this week after attackers compromised SaaS instances for a ‘limited number’ of customers. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617426/BeyondTrust-SaaS-instances-breached-in-cyber-attack
-
Ascension: Health data of 5.6 million stolen in ransomware attack
in SecurityNews
Ascension, one of the largest private U.S. healthcare systems, is notifying over 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ascension-health-data-of-56-million-stolen-in-ransomware-attack/
-
20 years in prison: Ransomware hacker must give up luxury resort in Bali
in SecurityNews
With the Netwalker ransomware, the man took in almost 1,600 Bitcoin. Among other things, he wanted to use the money to build a luxury resort in Bali. First seen on golem.de Jump to article: www.golem.de/news/verurteilt-ransomware-hacker-erhaelt-millionenstrafe-und-20-jahre-haft-2412-191902.html
-
Raspberry-Robin: multi-layered encryption
in SecurityNews
The Zscaler ThreatLabz team recently decrypted the extensive obfuscation techniques of Raspberry-Robin (also known as Roshtyak). The malware has been in circulation since 2021 and spreads mainly via infected USB devices, so it continues to pose a risk of infection for Windows systems. The main task of Raspberry-Robin is to download and execute the payload on a compromised…
-
Congress weighs Trump’s approach to antitrust enforcement
in SecurityNews
Tags: unclassified
Under the incoming Trump administration, antitrust enforcement might shift to one agency in a move some believe will streamline cases and improve efficiency. First seen on techtarget.com Jump to article: www.techtarget.com/searchcio/news/366617405/Congress-weighs-Trumps-approach-to-antitrust-enforcement
-
Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns
in SecurityNews
The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging users to isolate these devices from networks. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/webcams-vulnerable-hiatusrat-fbi/
-
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular backdoor…
-
Russia fires its biggest cyberweapon against Ukraine
in SecurityNews
Tags: access, attack, breach, cisa, communications, country, cyber, cyberattack, defense, email, governance, government, group, incident response, infrastructure, intelligence, microsoft, mitigation, mobile, risk, russia, service, strategy, threat, ukraine, vulnerability, warfare
Ukraine has faced one of the most severe cyberattacks in recent history, targeting its state registries and temporarily disrupting access to critical government records. Ukrainian Deputy Prime Minister Olga Stefanishyna attributed the attack to Russian operatives, describing it as an attempt to destabilize the country’s vital digital infrastructure amid the ongoing war. “It’s already clear that the…
-
CISA Urges Encrypted Messaging After Salt Typhoon Hack
in SecurityNews
The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-e2e-messaging-salt-typhoon/
-
Convicted: Ransomware hacker receives multi-million fine and 20 years in prison
in SecurityNews
The man is said to have taken in almost 1,600 Bitcoin with the Netwalker ransomware. He also apparently deliberately exploited the coronavirus pandemic. First seen on golem.de Jump to article: www.golem.de/news/verurteilt-ransomware-hacker-erhaelt-millionenstrafe-und-20-jahre-haft-2412-191902.html
-
U.S. CISA adds BeyondTrust software flaw to its Known Exploited Vulnerabilities catalog
in SecurityNews
Tags: access, cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, software, vulnerability
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection flaw, tracked as CVE-2024-12356 (CVSS score of 9.8) to…
-
CISA Urges Immediate Patching of Exploited BeyondTrust Vulnerability
in SecurityNews
CISA is urging federal agencies to patch a recent critical vulnerability in BeyondTrust remote access products in one week. The post CISA Urges Immediate Patching of Exploited BeyondTrust Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cisa-urges-immediate-patching-of-exploited-beyondtrust-vulnerability/
-
Massive live sports piracy ring with 812 million yearly visits taken offline
in SecurityNews
Tags: unclassified
The Alliance for Creativity and Entertainment (ACE) has taken down one of the world’s largest live sports streaming piracy rings, with over 821 million visits last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/massive-live-sports-piracy-ring-with-812-million-yearly-visits-taken-offline/
-
Better organization, better data recovery – Backups need to be protected too
in SecurityNews
Tags: backup
First seen on security-insider.de Jump to article: www.security-insider.de/kommunikationsschwaeche-und-it-sicherheitsluecken-a-7fe9ae98956e0cb7c56bb5956c0561cb/
-
Siemens UMC Vulnerability Allows Arbitrary Remote Code Execution
in SecurityNews
A critical vulnerability has been identified in Siemens’ User Management Component (UMC), which could allow unauthenticated remote attackers to execute arbitrary code. The flaw, designated CVE-2024-49775, is a heap-based buffer overflow vulnerability. Siemens has issued Security Advisory SSA-928984 and urges customers to implement recommended fixes or mitigations to minimize the risks. Details of the Vulnerability The…
-
Check Point a leader in the first Gartner Magic Quadrant for Email Security Platforms
in SecurityNews
Check Point Software Technologies announced that the company has been recognized as a Leader in the 2024 Gartner Magic Quadrant for Email Security Platforms (ESP). Check Point offers powerful email security through , which protects email and collaboration applications from advanced threats and integrates seamlessly into the to provide unified protection. As the only […] First seen on netzpalaver.de Jump…
-
Ex-chief: Schönbohm wins lawsuit over Böhmermann broadcast
in SecurityNews
Tags: bsi
Former BSI chief Schönbohm sued ZDF host Böhmermann over alleged false statements. The court largely ruled in his favor. First seen on golem.de Jump to article: www.golem.de/news/ex-bsi-chef-schoenbohm-gewinnt-klage-gegen-boehmermann-2412-191885.html
-
Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems
in SecurityNews
Rockwell’s PowerMonitor is affected by critical vulnerabilities that can enable remote access to industrial systems for disruption or further attacks. The post Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/rockwell-powermonitor-vulnerabilities-allow-remote-hacking-of-industrial-systems/
-
Another NetWalker affiliate sentenced to 20 years in prison
in SecurityNews
A 30-year-old Romanian man was sentenced to 20 years in prison for leveraging the Netwalker ransomware to extort money from victims, the US Department of Justice announced on … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/20/another-netwalker-affiliate-sentenced-to-20-years-in-prison/
-
The enemy in my network – Protection against security risks beyond Windows
in SecurityNews
Tags: windows
First seen on security-insider.de Jump to article: www.security-insider.de/netzwerksicherheitsluecken-nicht-nur-windows-risiken-a-3542c2b38d69e000769683aeba86380d/