Author: Guus Beckers Back in 2022 Fox-IT decided to open source its proprietary incident response tooling known as Dissect. Since then it has been adopted by many different companies in their...
The design of the gun police say they found on the alleged United Healthcare CEO's killer—the FMDA or “Free Men Don’t Ask”—was released by a libertarian group.
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day...
Adobe, too. The post Microsoft closes 2024 with extensive security update appeared first on CyberScoop.
Datadog researchers identified an intrusion targeting Amazon Simple Email Service (SES) in an AWS environment, where attackers employed advanced persistence techniques. The attack was notable for...
The vulnerability — CVE-2024-50623 — was recently patched by software developer Cleo and affects the company’s LexiCom, VLTransfer and Harmony products. However, researchers at cybersecurity firm...
Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting...
The Patch Tuesday for December of 2024 includes 72 vulnerabilities, including four that Microsoft marked as “critical.” The remaining vulnerabilities listed are classified as “important.”
It would go beyond the FCC’s own proposal to regulate telecommunications carriers under federal wiretapping law. The post Wyden legislation would mandate FCC cybersecurity rules for telecoms...
Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers...
The Black Basta ransomware group is using advanced social engineering tactics and a multi-stage infection process to target organizations.
The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury...
ChatGPT Plus and Pro users now have access to Sora Turbo, intended to be faster and safer than the version shown in February.
The U.S. Federal Energy Regulatory Commission (FERC) has issued a final rule updating its regulations to include, with... The post FERC finalizes Version 4.0 standards for gas pipeline efficiency...
A new NetRise report provides an in-depth analysis of software compositions, vulnerability risks, and non-CVE risks across various... The post NetRise study: Containers fastest-growing, though...
Sichuan Silence Information Technology Company and one of its employees, Guan Tianfeng, were the targets of the sanctions, and the Justice Department indicted Guan for his role in the attacks. The...
A critical security flaw in Dell Power Manager has been discovered that could allow attackers to compromise your systems and execute arbitrary code.
In today’s rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often...
The department’s Office of Foreign Assets Control said Guan Tianfeng used a zero-day exploit to deploy malware on 81,000 firewalls. The post Treasury sanctions Chinese cyber company, employee for...
Microsoft addressed over 1000 CVEs as part of Patch Tuesday releases in 2024, including 22 zero-day vulnerabilities.BackgroundMicrosoft’s Patch Tuesday, a monthly release of software patches for...
Belgian and Dutch authorities have arrested eight suspects in connection with a "phone phishing" gang that primarily operated out of the Netherlands with an aim to steal victims' financial data...
Malaysia's Parliament passed the Personal Data Protection Amendment Bill 2024, introducing major updates to the Personal Data Protection Act 2010 (PDPA). Here's what you need to know.
U.S. Senator Ron Wyden of Oregon announced a new bill to secure the networks of American telecommunications companies breached by Salt Typhoon Chinese state hackers earlier this year. [...]
A suspected China-nexus cyber espionage group has been attributed to an attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed...
Hackers exploited AWS misconfigurations, leaking 2TB of sensitive data, including customer information, credentials and proprietary source code
U.S. Democratic Senator Ron Wyden announced a new draft bill with the goal of securing American telephone networks and Americans’ communications in response to the massive hack of telecom...
Wyden’s bill would require the FCC to implement security requirements for telecom carriers that were originally included in a 1994 federal law but that the agency never fully acted upon.
Cyber attackers never stop inventing new ways to compromise their targets. That's why organizations must stay updated on the latest threats. Here's a quick rundown of the current malware and...
A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. [...]
The following is the information on Yara and Snort rules (week 2, December 2024) collected and shared by the AhnLab TIP service. 8 YARA Rules Detection name Description Source VeeamHax exe – file...