The U.S. Cyber Safety Review Board (CSRB) has issued a stern rebuke to Microsoft for significant security failures that enabled a cyberattack by a Chinese state-sponsored group known as Storm-0558. This breach, which occurred last year, compromised nearly two dozen organizations in both Europe and the U.S. The findings, shared…
Cash App Users Advised to Claim Payout from Class-Action Settlement Users of the Cash App mobile payment service who have conducted money transfers within the past six years may have the opportunity to claim a payout of up to $2,500 as part of a proposed $15 million class-action settlement. This…
Cloud Security: The Imperative of Penetration Testing "Defenders think in lists, attackers think in graphs," remarked John Lambert from Microsoft, encapsulating the contrasting mindsets of cybersecurity defenders and attackers. This fundamental difference underscores the need for organizations to adopt an attacker’s viewpoint in bolstering their cybersecurity measures. While traditional defense…
The Federal Bureau of Investigation (FBI) has issued a warning regarding the ongoing risk posed to Barracuda Networks Email Security Gateway (ESG) appliances, despite recent patches deployed in response to a critical vulnerability. This advisory indicates that while Barracuda has addressed the flaw, the devices remain susceptible to exploitation by…
Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Policy Change Grants Military Contractors and Security Agencies Access to AI Model Rashmi Ramesh (rashmiramesh_) • November 6, 2024 Image: Shutterstock In a significant policy shift, Meta has revised its stance regarding the military use of its artificial intelligence model,…
Ransomware Landscape Sees Shift as Attacks Decline in Early 2024 The ransomware sector experienced a significant transformation in early 2024, following a notable increase in incidents throughout 2023. The year closed with an alarming 5,070 victims globally, reflecting a staggering 55.5% rise in ransomware attacks. However, as the new year…
Cyberattack Disables Tracking Systems for British Prison Transport A recent cyberattack on Microlise, a telematics provider based in the United Kingdom, has resulted in a temporary disruption of essential tracking systems and panic alarms for British prison vans. Although this incident has sparked concerns regarding the safety and security of…
Two newly identified security vulnerabilities in Ivanti Connect Secure (ICS) devices are currently being exploited to facilitate the notorious Mirai botnet attack. This information was disclosed by Juniper Threat Labs, which highlighted that the vulnerabilities, known as CVE-2023-46805 and CVE-2024-21887, are being leveraged to deliver the botnet’s malware payload. CVE-2023-46805…
Two UK Teenagers Convicted for LAPSUS$ Hacking Activities Targeting Major Tech Firms A jury in London has convicted two teenagers for their roles in the notorious LAPSUS$ hacking group, also known as Slippy Spider. This gang has been linked to a series of high-profile cyberattacks against leading technology companies, employing…
