Tag: attack
-
Hackers Steal 17M Patient Records in Attack on 3 Hospitals
by
in SecurityNewsIT Outage, Downtime Procedures Affecting Services at California Healthcare Provider. Cybercriminals claim they stole 17 million patient records from a southern California regional healthcare provider that is still struggling with IT and phone systems outages that have been disrupting patient care since the organization was hit by a ransomware attack on Dec. 1. First seen…
-
Citrix shares mitigations for ongoing Netscaler password spray attacks
by
in SecurityNewsCitrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/citrix-shares-mitigations-for-ongoing-netscaler-password-spray-attacks/
-
Yearlong supply-chain attack targeting security pros steals 390K credentials
by
in SecurityNewsMultifaceted, high-precision campaign targets malicious and benevolent hackers alike. First seen on arstechnica.com Jump to article: arstechnica.com/security/2024/12/yearlong-supply-chain-attack-targeting-security-pros-steals-390k-credentials/
-
CISA confirms critical Cleo bug exploitation in ransomware attacks
by
in SecurityNewsCISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-confirms-critical-cleo-bug-exploitation-in-ransomware-attacks/
-
With ‘TPUXtract,’ Attackers Can Steal Orgs’ AI Models
by
in SecurityNewsA new side-channel attack method is a computationally practical way to infer the structure of a convolutional neural network, meaning that cyberattackers or rival companies can plagiarize AI models and take their data for themselves. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/tpuxtract-attackers-steal-ai-models
-
Researchers: Iranian Custom Malware Targets Fuel Systems
by
in SecurityNewse=4>An Iranian state hacking group is using custom malware to compromise IoT and OT infrastructure in Israel and the United States. An attack wave from Islamic Revolutionary Guard Corps-affiliated CyberAv3ngers swept up fuel management systems made by U.S.-based firm Gilbarco Veeder-Root. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/researchers-iranian-custom-malware-targets-fuel-systems-a-27058
-
390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
by
in SecurityNewsA now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials.The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers to “mysterious unattributed threat”) by Datadog…
-
Cyberint’s 2024 Report Highlights Surge in Credential Theft and Rise of AI-Powered Phishing
by
in SecurityNewsCyberint, a Check Point company, has released its 2024 Cyber Security Landscape Report, painting a concerning picture of the evolving threat landscape. The report, drawing on data from the Cyberint Argos Platform, analysed 140,000 cyber threat alerts across critical industries, revealing a 333% surge in credential theft, a significant rise in supply chain attacks, and…
-
Analysis: AI-Powered Cyberattacks Are Here, But Real Threat Is Still Humans With A Keyboard
by
in SecurityNewsCrowdStrike’s Adam Meyers says manual attacks from hackers remain a massive problem for organizations even in the era of AI-driven cyberattacks. First seen on crn.com Jump to article: www.crn.com/news/security/2024/analysis-ai-powered-cyberattacks-are-here-but-real-threat-is-still-humans-with-a-keyboard
-
How AWS is protecting customers from cyber threats
by
in SecurityNewsAmazon Web Services reveals how its threat intelligence capabilities work under the hood to thwart cyber attacks and keep its customers’ data safe First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366617118/How-AWS-is-protecting-customers-from-cyber-threats
-
Ultralytics Supply-Chain Attack
by
in SecurityNewsLast week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4, a malicious version 8.3.41 of the popular AI library ultralytics ”, which has almost 60 million downloads”, was published to the Python Package Index (PyPI) package repository. The package contained downloader code that was downloading…
-
Cleo patches file transfer zero-day flaw under attack
by
in SecurityNewsCleo published a patch for its Harmony, VLTrader and LexiCom managed file transfer products, which addresses a ‘critical vulnerability’ that’s separate from CVE-2024-50623. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366617274/Cleo-patches-file-transfer-zero-day-flaw-under-attack
-
PUMA creeps through Linux with a stealthy rootkit attack
by
in SecurityNewsA new loadable kernel module (LKM) rootkit has been spotted in the wild compromising Linux systems with advanced stealth and privilege escalation features.PUMAKIT, as called by the Elastic Security researchers who discovered it during routine threat hunting on VirusTotal, was deployed as part of a multi-stage malware architecture that consists of a dropper, two memory-resident…
-
Drowning in Visibility? Why Cybersecurity Needs to Shift from Visibility to Actionable Insight
by
in SecurityNewsBy focusing on prioritized, actionable insights, security teams can keep pace with the rapid expansion of the attack surface, manage frequent changes across their digital infrastructure and proactively address evolving attack tactics, techniques and procedures (TTPs). First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/drowning-in-visibility-why-cybersecurity-needs-to-shift-from-visibility-to-actionable-insight/
-
Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms
by
in SecurityNewsIran-affiliated threat actors have been linked to a new custom malware that’s geared toward IoT and operational technology (OT) environments in Israel and the United States.The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and supervisory control and data acquisition (SCADA) devices such as IP cameras, routers,…
-
Thales and Imperva Win Big in 2024
by
in SecurityNews
Tags: access, api, application-security, attack, authentication, banking, business, ciso, cloud, communications, compliance, conference, control, cyber, cybersecurity, data, ddos, defense, encryption, firewall, gartner, group, guide, iam, identity, infosec, insurance, intelligence, malicious, mfa, microsoft, monitoring, privacy, risk, saas, service, software, strategy, threat, usaThales and Imperva Win Big in 2024 madhav Fri, 12/13/2024 – 09:36 At Thales and Imperva, we are driven by our commitment to make the world safer, and nothing brings us more satisfaction than protecting our customers from daily cybersecurity threats. But that doesn’t mean we don’t appreciate winning the occasional award. In the year…
-
Researchers Discover Malware Used by Nation-Sates to Attack Industrial Systems
by
in SecurityNewsIOCONTROL, a custom-built IoT/OT malware, was used by Iran-affiliated groups to attack Israel- and US-based OT/IoT devices, according to Claroty First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malware-nation-sate-industrial/
-
How to turn around a toxic cybersecurity culture
by
in SecurityNews
Tags: access, advisory, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, governance, group, guide, healthcare, jobs, password, phishing, risk, sans, service, strategy, technology, threat, training, vulnerability, zero-trustA toxic cybersecurity culture affects team turnover, productivity, and morale. Worse yet, it places enterprise systems and data at risk.In a toxic cybersecurity culture, everybody believes that cybersecurity is somebody else’s job, says Keri Pearlson, executive director for Cybersecurity at MIT Sloan (CAMS), a research consortium focusing on cybersecurity leadership and governance issues. “They don’t…
-
Cyberangriff auf Museen in Großbritannien
by
in SecurityNewsNational Museum of the Royal Navy hit by cyber attack First seen on museumsassociation.org Jump to article: www.museumsassociation.org/museums-journal/news/2024/12/national-museum-of-the-royal-navy-hit-by-cyber-attack/
-
Citrix NetScaler Under Siege: Significant Increase in Brute Force Attacks Observed
by
in SecurityNewsA significant increase in brute-force attacks targeting outdated and misconfigured Citrix NetScaler devices has been observed in Germany, prompting warnings from cybersecurity experts and organizations, including CERT Germany and the... First seen on securityonline.info Jump to article: securityonline.info/citrix-netscaler-under-siege-significant-increase-in-brute-force-attacks-observed/
-
APT60 Exploits Legitimate Services in Sophisticated Malware Attack Targeting Japanese Organizations
In August 2024, JPCERT/CC confirmed a targeted attack against a Japanese organization, believed to be the work of the threat group APT-C-60. This advanced campaign utilized legitimate services like Google... First seen on securityonline.info Jump to article: securityonline.info/apt-c-60-exploits-legitimate-services-in-sophisticated-malware-attack-targeting-japanese-organizations/
-
Holding Back Salt Typhoon + Other Chinese APT CVEs
by
in SecurityNewsOver the past several years, US Federal Agencies and private sector companies have observed China-based threat actors targeting network and telecommunication critical infrastructure. A wave of recent reports have disclosed that these attacks have succeeded in compromising government and industry targets to a far greater extent than previously thought. As a result, CISA has issued……
-
Europol Cracks Down on Holiday DDoS Attacks
by
in SecurityNewsIn Operation PowerOFF, global authorities aim to deter individuals from engaging in malicious cyber acts. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/europol-holiday-ddos-attacks