admin

admin

New SEC Regulations Mandate U.S. Companies Disclose Cyber Attacks Within 4 Days The U.S. Securities and Exchange Commission (SEC) recently approved regulations requiring publicly traded companies to disclose details about cyber attacks within four days of determining that the incident has a “material” impact on their financials. This marks a significant change in the way data breaches are reported. SEC Chair Gary Gensler stated, “Whether a company loses a factory in a fire or millions of files in a cybersecurity incident, it may be material to investors.” He emphasized that while many public companies currently offer cybersecurity disclosures, there would be greater benefits from a more consistent, comparable, and useful approach. The new rules stipulate that companies must share information regarding the incident’s nature, scope, and timing, along with its financial impact. However, companies may request a postponement of up to 60 days for such disclosures if it is deemed necessary.

New SEC Regulations Mandate Prompt Disclosure of Cyber Incidents by Public Companies On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) enacted new regulations requiring publicly traded companies to disclose significant cyber attacks within four days of recognizing…

BlueBravo Targets European Diplomats with GraphicalProton Backdoor July 28, 2023 Cyber Espionage / Malware The Russian state-sponsored group known as BlueBravo has been detected attacking diplomatic entities in Eastern Europe with the intent of deploying a new backdoor malware dubbed GraphicalProton. This move highlights the ongoing evolution of cyber threats, according to a recent report from Recorded Future. The phishing campaign, active from March to May 2023, employs legitimate internet services (LIS) to obscure command-and-control (C2) activities. BlueBravo, also referred to as APT29, Cloaked Ursa, and Midnight Blizzard (formerly Nobelium), is linked to Russia’s Foreign Intelligence Service (SVR) and has historically utilized platforms like Dropbox, Firebase, Google Drive, Notion, and Trello to bypass detection and maintain covert communication with compromised systems. GraphicalProton marks the latest in a series of malware targeting diplomatic organizations, following GraphicalNeutrino (SNOWYAMBER), HALFRIG, and QUARTERRIG.

BlueBravo Deploys GraphicalProton Backdoor Targeting European Diplomatic Entities On July 28, 2023, reports emerged detailing a sophisticated cyber espionage campaign orchestrated by the Russian state-sponsored group known as BlueBravo. This threat actor has turned its focus towards diplomatic institutions located…