The Russian Turla hacker group has targeted the Ukrainian defense sector and other Eastern European entities with a novel backdoor, dubbed DeliveryCheck, to deploy secondary payloads likely used for espionage, according to security researchers at Microsoft.
Top U.S. and Australian cybersecurity agencies strongly urged users to patch a critical zero-day flaw in Citrix ADC and Gateway appliances being exploited by unnamed threat actors in the wild. The bug, which is tracked as CVE-2023-3519, gives unauthenticated attackers RCE privileges.
The U.S. government has added two more commercial spyware vendors - Cytrox and Intellexa - to its list of organizations that face restrictions if they attempt to procure American goods or services, owing to the firms' "threatening the privacy and security of individuals and organizations worldwide."
Many critical infrastructure sector organizations, especially smaller entities, will likely struggle to comply with an upcoming requirement to report cyber incidents to federal regulators within 72 hours - due to an assortment of reasons, said Stanley Mierzwa of Kean University.
Spanish law enforcement officers scored several recent wins against cybercriminals this month. Police nabbed a Ukrainian hacker on the run for 10 years, arrested a fraudster known to have run a smishing campaign that amassed 1.2 million euros, and broke up a phishing nexus - all in two weeks.
What are your third parties doing for you when it comes to security, and what has been assumed that you are doing, plus what’s the impact of AI? Bridget Kenyon, CISO at Shared Service Connected, said most organizations need better visibility into vendor risks.
Netcraft landed a DigiCert and Progressive Leasing executive as its CEO to expand the company's footprint in the U.S. and better identify cyberattacks in real time. The firm tapped Ryan Woodley to capitalize on the $100 million raised from Spectrum Equity by bringing more scalability via automation.
It's becoming more critical than ever for hospitals to have vigorous programs that continuously evaluate and address the security risks posed by third-party vendors, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association.
Cryptocurrency hackers are shifting their focus from bitcoin to other tokens and newer blockchain services such as cross-chain bridges for illicit activity. Why is the oldest crypto token so unappealing to hackers these days, and what do other options offer? Ari Redbord of TRM Labs explained.
How bad is the breach of the MOVEit zero-day to businesses, government agencies and their customers? The short answer is that the known fallout from the Clop ransomware group attack already looks bad and keeps getting worse as ongoing investigations add to the victim count of 20 million people.
President Xi Jinping directed state agencies to strengthen the government’s control over the internet and information technology sector, potentially discouraging investment in the country. Among the obstacles is a new Counter-Espionage Law focused on investigating foreign companies.
Ransomware and malicious cyber activity are growing in the Asia-Pacific region. Anshuman Sharma, associate director of Asia-Pacific at Verizon, dissects the regional impact of ransomware attacks and explains how Asia-Pacific organizations have responded to recent supply chain attacks.
Microsoft estimates that each day threat actors attack 95 million Active Directory accounts. In the face of so many attacks, security teams should assume compromise and focus not just on securing Active Directory but also on recovery and resilience, said Semperis' Simon Hodgkinson.
The administrator of the now-defunct BreachForums has pleaded guilty to two counts of hacking and one count of child pornographic possession. Conor Fitzpatrick, 20, operating under the moniker Pompompurin, made nearly $700,000 running the criminal online forum for just under a year.
Cybercriminals may be using a generative AI tool called WormGPT to create convincing phishing emails to support business email compromise attacks. A new survey shows that 1 in 5 people fall for the fake, AI-generated emails, according to cybersecurity researchers.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.