Category: SecurityNews
-
Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks
by
in SecurityNewsRomanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks, pleading guilty to fraud charges in June. Romanian national Daniel Christian Hulea, 30, was sentenced to 20 years in prison for his role in NetWalker ransomware attacks. Hulea pleaded guilty to computer fraud conspiracy and wire fraud conspiracy on…
-
Top cyber attacks of 2024: Lessons from the year’s biggest breaches
by
in SecurityNewsThe cyber attacks of 2024 were memorable to say the least. This year, cybercriminals targeted critical industries and high-profile organizations, using increasingly sophisticated tactics to exploit First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/top-cyber-attacks-of-2024-lessons-from-the-years-biggest-breaches/
-
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages
by
in SecurityNewsA dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception in or around 2019 through at least February 2024.Rostislav Panev, 51, was arrested in Israel earlier this August and is currently awaiting extradition, the U.S. Department of…
-
Multi-Cloud, Immutable Solutions und Virtualisierungsmigration als Backup-Trends 2025
by
in SecurityNewsDie SEP wirft einen Blick in die Zukunft der Backup-Branche. Basierend auf umfangreichem Feedback von Partnern und Kunden benennt der deutsche Hersteller von Backup- und Disaster-Recovery-Software »Made in Germany«, die fünf wichtigsten Trends für 2025. Dazu zählen Multi-Cloud, Schutz gegen Cyberkriminalität und eine hohe Dynamik durch die Suche nach alternativen Virtualisierungslösungen wie Proxmox. Multi-Cloud-Strategien… First…
-
Tax-Themed Campaign Exploits Windows MSC Files to Deliver Stealthy Backdoor
The Securonix Threat Research team has uncovered a sophisticated phishing campaign named FLUX#CONSOLE, leveraging tax-related lures and the use of Windows MSC (Microsoft Management Console) files to deploy a stealthy... First seen on securityonline.info Jump to article: securityonline.info/tax-themed-campaign-exploits-windows-msc-files-to-deliver-stealthy-backdoor/
-
Judge rules NSO Group is liable for spyware hacks targeting 1,400 WhatsApp user devices
by
in SecurityNewsThe precedent-setting ruling from a Northern California federal judge could lead to massive damages against NSO Group, whose notorious spyware has been reportedly used by various governments worldwide.]]> First seen on therecord.media Jump to article: therecord.media/judge-rules-nso-group-liable-for-hack-of-1400-whatsapp-users
-
Google Chrome uses AI to analyze pages in new scam detection feature
by
in SecurityNewsGoogle is using artificial intelligence to power a new Chrome scam protection feature that analyzes brands and the intent of pages as you browse the web. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-chrome-uses-ai-to-analyze-pages-in-new-scam-detection-feature/
-
Sophos discloses critical Firewall remote code execution flaw
by
in SecurityNewsSophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sophos-discloses-critical-firewall-remote-code-execution-flaw/
-
DEF CON 32 Laundering Money
by
in SecurityNews
Tags: conferenceAuthor/Presenter: Michael Orlitzky Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/def-con-32-laundering-money/
-
Datennutzung vs. Datenschutz: EAID lädt zur Diskussionsveranstaltung nach Berlin ein
by
in SecurityNews
Tags: unclassifiedFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/datennutzung-datenschutz-eaid-einladung-diskussionsveranstaltung-berlin
-
Alleged LockBit Coder Faces 41-Count Indictment in US
by
in SecurityNewsUS Seeks Extradition of Dual Russian and Israeli Citizen Rostislav Panev from Israel. A newly unsealed U.S. federal indictment against Rostislav Panev says the LockBit ransomware operation paid the Israeli national a $10,000 monthly salary for coding and consulting services. Federal prosecutors are seeking Panev’s extradition from Israel following his August arrest. First seen on…
-
Best SIEM Tools: Top Solutions for Enhanced Security
by
in SecurityNewsLooking for the best SIEM tool? Check out our list and find the security information and event management solution that fits your business needs. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/siem-tools/
-
AI-Powered Actions Cybersecurity Leaders Are Taking to Outwit Bad Actors
by
in SecurityNewsAs a cybersecurity executive, your job is clear: protect business operations, safeguard consumers and ensure the security of your employees. But in today’s rapidly evolving threat landscape, these responsibilities are more challenging than ever. The rise of AI-powered attacks demands that you take decisive, specific actions to not only improve efficiency but also enhance your……
-
Impart is now available in the AWS Marketplace – Impart Security
by
in SecurityNews
Tags: api, attack, data, detection, fraud, infrastructure, injection, kubernetes, marketplace, metric, monitoring, risk, service, strategy, threat, tool, update, wafToday, we are thrilled to announce that Impart is now available in the AWS Marketplace. More Streamlined Contracting AWS customers with existing spend commitments can apply their Impart purchase toward their AWS commitment. This availability simplifies the buying process with streamlined contractual and legal terms, enabling faster procurement. Product Benefits AWS customers can now more easily purchase…
-
SAML (Security Assertion Markup Language): A Comprehensive Guide
by
in SecurityNewsDive into the world of Security Assertion Markup Language (SAML), from its core concepts to practical implementation. Learn how this powerful standard enables secure authentication and single sign-on across different security domains. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/saml-security-assertion-markup-language-a-comprehensive-guide/
-
Microsoft coughs up yet more Windows 11 24H2 headaches
by
in SecurityNewsUsers report the sound of silence from operating system update First seen on theregister.com Jump to article: www.theregister.com/2024/12/19/windows_11_24h2_issues/
-
Sophos fixed critical vulnerabilities in its Firewall product
by
in SecurityNewsSophos fixed three Sophos Firewall flaws that could lead to SQL injection, privileged SSH access to devices, and remote code execution. Sophos has addressed three vulnerabilities, respectively tracked as CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729, in its Sophos Firewall solution. The vulnerabilities impact Sophos Firewall v21.0 GA (21.0.0) and older versions, below are the description for these…
-
Editors’ Panel: Cybersecurity 2024 – Thanks for the Memories
by
in SecurityNewsLooking Back on the Ransomware Attacks, Resilience Lessons and Tech Trends. In the latest weekly update, ISMG editors discussed defining cybersecurity moments of 2024, from the CrowdStrike outage and its implications for vendor resilience to ransomware’s continued evolution, and the shifting dynamics in the tech industry affecting startups and M&A activity. First seen on govinfosecurity.com…
-
Google says new scam protection feature in Chrome uses AI
Google is planning to use “AI” in Chrome to detect scams when you browse random web pages. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-says-new-scam-protection-feature-in-chrome-uses-ai/
-
US order is a reminder that cloud platforms aren’t secure out of the box
by
in SecurityNews
Tags: access, best-practice, breach, business, cisa, ciso, cloud, control, cyber, cybersecurity, defense, fedramp, google, government, guide, identity, incident, incident response, infrastructure, intelligence, international, login, mfa, microsoft, monitoring, network, risk, saas, service, software, toolThis week’s binding directive to US government departments to implement secure configurations in cloud applications, starting with Microsoft 365 (M365), is a reminder to all CISOs that cloud platforms, even from major providers, aren’t completely secure out of the box.”Cloud stuff is easy to manage, easy to deploy,” said Ed Dubrovsky, chief operating officer and…
-
Federal Cyber Operations Would Downgrade Under Shutdown
by
in SecurityNewsGovernment Shutdown Could See Thousands of Federal Cyber Workers Furloughed. A looming shutdown could sharply reduce the Cybersecurity and Infrastructure Security Agency’s operations, furloughing two-thirds of its workforce and exposing critical federal networks to heightened cyber threats, especially as malicious actors target vulnerable systems during the holiday season. First seen on govinfosecurity.com Jump to article:…
-
Siemens Warns of a Critical Vulnerability in UMC
by
in SecurityNewsHeap Overflow Flaw Threatens Industrial Control Systems Globally. Siemens issued a security advisory for a vulnerability affecting industrial control systems in its User Management Component that could enable attackers to execute arbitrary code. The heap-based buffer overflow flaw impacts products used in manufacturing and the energy sector. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/siemens-warns-critical-vulnerability-in-umc-a-27121
-
Ascension Notifying 5.6 Million Affected by Ransomware Hack
by
in SecurityNewsMissouri-Based Hospital Chain Initially Reported That Attack Affected Only 500. Seven months after a ransomware disrupted its IT systems for weeks, Catholic hospital chain Ascension Health is now notifying nearly 5.6 million current and former patients and employees that the incident – which also involved data theft – potentially compromised their information. First seen on…
-
Over 3M Builder.ai records leaked by unprotected database
by
in SecurityNews
Tags: data-breachFirst seen on scworld.com Jump to article: www.scworld.com/brief/over-3m-builder-ai-records-leaked-by-unprotected-database
-
Citrix acquisitions poised to enhance zero-trust security
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/citrix-acquisitions-poised-to-enhance-zero-trust-security
-
Play ransomware admits Krispy Kreme compromise
by
in SecurityNews
Tags: ransomwareFirst seen on scworld.com Jump to article: www.scworld.com/brief/play-ransomware-admits-krispy-kreme-compromise
-
RansomHub emerges as dominant ransomware group as 2024 ends
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/ransomhub-emerges-as-dominant-ransomware-group-as-2024-ends
-
Counterfeit Acunetix-based attack tool examined
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/counterfeit-acunetix-based-attack-tool-examined
-
Using CIS Benchmarks to Assess Your System Security Posture
by
in SecurityNews
Tags: unclassifiedFirst seen on scworld.com Jump to article: www.scworld.com/native/using-cis-benchmarks-to-assess-your-system-security-posture
-
Cyberattack hits BeyondTrust Remote Support SaaS implementations
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/cyberattack-hits-beyondtrust-remote-support-saas-implementations