What to Look for When Hiring a CISO for a Growing Startup
Entrepreneur Media
September 16, 2022
See publication
Tags: Cybersecurity, Startups, Management
Google Chrome fixes 0-day vulnerability already exploited by hackers
Import from wordpress feed
August 19, 2022
Google released patches for Chrome, which in total eliminated more than a dozen vulnerabilities in the browser. Among these problems was a serious zero-day vulnerability that is already being exploited in real attacks. Developers traditionally do not reveal almost any technical details about this 0-
See publication
Tags: Cybersecurity, Privacy, Security
Malicious extensions have attacked about 7 million users since 2020
Import from wordpress feed
August 19, 2022
Kaspersky Lab analysts released a report showing that almost 7 million users encountered malicious and unwanted browser extensions from January 2020 to June 2022. The researchers note that malicious extensions are not always easy to detect. For example, sometimes the wording in their description is
See publication
Tags: Cybersecurity, Privacy, Security
APT41 attacked 13 organizations around the world last year
Import from wordpress feed
August 19, 2022
Group-IB has published a new study on the activity of the Chinese hack group APT41. According to experts, in 2021, hackers were able to gain access to at least 13 organizations around the world. Interestingly, the “working days” of the group are from Monday to Friday. The average working time st
See publication
Tags: Cybersecurity, Security
Google blocked a DDoS attack with a capacity of 46 million requests per second
Import from wordpress feed
August 19, 2022
In June 2022, an unnamed Google Cloud Armor client suffered a DDoS attack over HTTPS that reached a rate of 46 million requests per second (request-per-second, RPS). To date, this is the largest DDoS attack of this type in history. Let me remind you that the previous record in this area was recorded
See publication
Tags: Cybersecurity, Security
Microsoft says it interfered with the operations of the Russian-speaking group SEABORGIUM
Import from wordpress feed
August 18, 2022
Microsoft Threat Intelligence Center (MSTIC) experts say they disrupted an operation by the Russian-speaking hack group SEABORGIUM targeting people and organizations in NATO countries. The grouping, which Microsoft calls SEABORGIUM, has been known to researchers since at least 2017. Other companies
See publication
Tags: Cybersecurity, Risk Management, Security
Two vulnerabilities fixed in Mitsubishi industrial controllers
Import from wordpress feed
August 18, 2022
Positive Technologies researcher Anton Dorfman discovered two vulnerabilities in Mitsubishi controllers of the MELSEC iQ-F series. These devices are used in the food and light industries, woodworking, printing houses, water management, shipping, building engineering systems automation and other area
See publication
Tags: Cybersecurity, Risk Management, Security
Malicious packages from PyPi arrange DDoS attacks on Counter-Strike servers
Import from wordpress feed
August 17, 2022
Analysts from Checkmarx have discovered a new batch of malware in the PyPi repository. This time, the malicious packages turned out to be something out of the ordinary: they don’t steal account data or environment variables, but attack Counter-Strike servers. The researchers write that they fo
See publication
Tags: Cybersecurity, Risk Management, Security
About 1,900 Signal accounts may have been compromised due to the Twilio hack
Import from wordpress feed
August 17, 2022
The phone numbers of approximately 1,900 Signal users were exposed in a data breach that hit cloud-based PaaS company Twilio earlier this month. Let me remind you that the Twilio hack occurred in early August 2022. Then unknown attackers organized a phishing attack on the company’s employees,
See publication
Tags: Cybersecurity, Risk Management, Security
Cuba ransomware operators use previously unknown ROMCOM RAT
Import from wordpress feed
August 15, 2022
Palo Alto Networks reports that the operators of the Cuba ransomware began to use new tactics in their attacks, including the use of a previously unknown remote access trojan (remote access trojan, RAT) called ROMCOM. In their report, the researchers talk about the Tropical Scorpius hack group, whic
See publication
Researcher Hacks Starlink Terminal With $25 Homemade Board
Import from wordpress feed
August 15, 2022
Lennert Wouters, an expert from the Catholic University of Leuven, who previously discovered a bug that allowed Tesla to be hijacked in a couple of minutes, said that he was able to compromise the Starlink terminal using a $ 25 mod chip. At the Black Hat 2022 conference, Wouters announced that he in
See publication
Conti ransomware stops working and splits into several groups
Import from wordpress feed
May 21, 2022
Experts report that the Conti ransomware group has ceased operations, its infrastructure is disabled, and the leaders of the group have said that the brand is no more. One of the first to notice the change was Yelisey Boguslavsky of Advanced Intel, who tweeted that the group’s intern
See publication
Tags: Cybersecurity, Risk Management, Security
The emergence of cheap DarkCrystal RAT worried experts
Import from wordpress feed
May 13, 2022
Researchers from BlackBerry conducted an analysis of the DarkCrystal RAT (aka DCRat) malware and the activity of its developer on the dark web. Apparently, the malware has been active since 2019, is the “brainchild” of a Russian-speaking developer, and sells for as little as 500 r
See publication
Tags: Cybersecurity, Risk Management, Security
What is Advanced Threat Protection, and can you fully rely on it?
Import from wordpress feed
May 03, 2022
ATP or advanced threat protection is a premiere suite of analytical tools and malware protection systems that protect against phishing attacks, security threats, and other known advanced threats. To help you understand what advanced threat protection is, we need to look at what advanced threats
See publication
Tags: Cybersecurity, Risk Management, Security
Synology and QNAP warn about bugs in their products
Import from wordpress feed
May 02, 2022
Companies have reported numerous critical Netatalk server vulnerabilities. Based on a published report , multiple flaws allow remote attackers to obtain sensitive information and possibly execute arbitrary code using a vulnerable version of Synology DiskStation Manager (DSM) and Synology R
See publication
Tags: Cybersecurity, Risk Management, Security
Quantum ransomware operators carried out the attack in almost 4 hours
Import from wordpress feed
April 25, 2022
The attackers used the IcedID malware as one of their initial access vectors. Quantum ransomware, first discovered in August 2021, has been used in fast network attacks. The attackers used the IcedID malware as one of their initial access vectors, which deploys Cobalt Strike for remot
See publication
Tags: Cybersecurity, Risk Management, Security
ZingoStealer malware is distributed among criminals for free
Import from wordpress feed
April 19, 2022
Cisco Talos experts have discovered the ZingoStealer malware, which is distributed for free by the Haskers Gang hacker group. The malware is capable of stealing confidential information and uploading additional malware to infected systems. For example, it can be RedLine Stealer and XM
See publication
Tags: Cybersecurity, Risk Management, Security
Fodcha botnet attacks over 100 victims daily
Import from wordpress feed
April 15, 2022
Qihoo 360 (360 Netlab) experts report the discovery of a new Fodcha botnet that launches DDoS attacks on hundreds of victims every day. According to the company, the threat is growing rapidly and is replenished with new bots, including routers, DRVs and vulnerable servers. From March
See publication
Tags: Cybersecurity, Risk Management, Security
Apple leaves critical bugs unpatched in macOS Big Sur and Catalina
Import from wordpress feed
April 08, 2022
Apple patched two actively exploited vulnerabilities in macOS Monterey last week , but Intego analysts emphasize that the company left users of older supported versions of its OS, i.e. Big Sur and Catalina, unprotected. We are talking about vulnerabilities CVE-2022-22674 (a problem in the AppleA
See publication
Tags: Cybersecurity, Risk Management, Security
German authorities shut down Hydra Market darknet marketplace and confiscated $25 million in bitcoin
Import from wordpress feed
April 05, 2022
Law enforcement officials announced the liquidation of Hydra Market, the largest Russian-language trading platform on the darknet. During the operation, the German authorities were able to seize 543 bitcoins (about $25 million at the current exchange rate) from the criminals. The liquidation of
See publication
Tags: Cybersecurity, Risk Management, Security
Trojan Alert – Borat RAT – Experts are worried about the it’s functionalities
Import from wordpress feed
April 04, 2022
A new Trojan that provides operators with remote access (RAT) has appeared on darknet marketplaces. According to the description, the Borat malware is extremely easy to use and allows attackers to easily launch DDoS attacks, bypass User Account Control (UAC), and deploy ransomware on the victim̵
See publication
Tags: Cybersecurity, Risk Management, Security
