Attack Surface Management, Governance & Risk Management, Patch Management Over 200 Vulnerable Servers Targeted by Ransomware Group Amid Growing Exploits Mathew J. Schwartz (euroinfosec) • December 18, 2024 Recent reports indicate over 200 Cleo managed file-transfer servers remain publicly accessible and without necessary updates, posing significant risks in light of…
Black Hat, Events Exploring Automotive Vulnerabilities, Bootloader Flaws, and Cyber Threats at Black Hat Europe 2024 Mathew J. Schwartz (euroinfosec) • December 9, 2024 Image: Shutterstock The Black Hat Europe conference is once again convening in London, promising a diverse agenda that delves into the myriad challenges facing cybersecurity today.…
Krispy Kreme Faces Cyber Attack During Holiday Season In a significant cybersecurity incident, Krispy Kreme, the prominent American doughnut and coffee chain, experienced a sophisticated attack that disrupted its sales operations amidst the crucial Christmas season. The breach occurred in November 2024 and primarily affected the company’s online ordering system,…
The United States has issued sanctions against Sichuan Silence Information Technology, a Chinese cybersecurity firm, alongside its employee Guan Tianfeng, for their involvement in a significant global cyberattack. This action follows the company’s exploitation of a critical vulnerability in popular firewall systems, leading to widespread compromise. The cyber incident, which…
Researchers have identified a concerning trend in digital advertising, where malicious ads masquerade as genuine promotions from legitimate businesses and organizations. From local government entities to large corporations, users frequently rely on search engines to access official websites. This reliance creates an opportunity for fraudsters to exploit paid search placements,…
The recent uptick in malicious cyber activity has highlighted critical sectors at risk, particularly in the realm of Critical Infrastructure Security, Cyberwarfare and Nation-State Attacks, and Fraud Management & Cybercrime. National Security Officials Share Intelligence on a Cyberespionage Campaign Mathew J. Schwartz (euroinfosec) • November 25, 2024 Chinese hackers are…
Cybersecurity Alert: SEO Poisoning Targets Australian Internet Users Searching for Bengal Cats Cybersecurity experts at Sophos are sounding the alarm about a rising cyber threat linked to the increasingly popular search term, "Are Bengal Cats legal in Australia." This alarming trend has been identified as an example of SEO poisoning,…
The FBI has raised alarms about a rising trend of dual ransomware attacks targeting organizations, a phenomenon that has been increasingly observed since July 2023. These coordinated attacks involve the deployment of multiple ransomware variants against a single victim, with notable malware strains including AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum,…
As the 2024 presidential election in the United States approaches, recent disclosures by WIRED highlight concerning evaluations from the US government regarding the integrity and security of the electoral process. Information obtained by the nonprofit organization Property of the People indicates that a report from the Department of Homeland Security…
