Month: August 2024
The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. Meaning, they are continuously sending their Windows usernames and passwords to domain names they do not control and which are…
Read More
The group behind Doubleface ransomware has recently attacked the website of Donetsk International Airport, demonstrating its capability to execute high-profile cyberattacks. Doubleface ransomware uses the C/C++ programming language. It also employs AES-128 and RSA-4096 encryption algorithms. According to the seller, Doubleface ransomware is undetected by most major antivirus programs like Windows 10/11 Defender, Avast, Kaspersky…
Read More
For the week ending Aug. 23, CRN takes a look at the companies that brought their ‘A’ game to the channel including AMD, ePlus, Grafana Labs, Amazon and Novva Data Centers. The Week Ending Aug. 23 Topping this week’s Came to Win list is chipmaker AMD for a strategic acquisition that will provide a boost…
Read More
The federal police in Argentina (PFA) have arrested a 29-year-old Russian national in Buenos Aires on charges of money laundering related to cryptocurrency proceeds belonging to the North Korean Lazarus hackers. The San Isidro Specialized Fiscal Unit in Cybercrime Investigations (UFEIC) collaborated with blockchain analysis firm TRM Labs to identify and locate the individual despite him…
Read More
Looking to sharpen your team’s event logging and threat detection? A new guide offers plenty of best practices. Plus, the FAA wants airplanes to be more resilient to cyberattacks. Meanwhile, check out the critical vulnerabilities Tenable discovered in two Microsoft AI products. And get the latest on ransomware trends, vulnerability management practices and election security!…
Read More
Fixed two moderately rated bugs One of the other vulnerabilities fixed with the patch is CVE-2024-7711, which received a “medium” severity rating at a 5.3 CVSS score. The vulnerability is an incorrect authorization vulnerability allowing an attacker to update the title, assignees, and labels of any issue inside a public repository, according to GitHub. CVE-2024-6337,…
Read More
The new hires come as Microsoft continues to assert leadership in the growing AI space while furthering efforts to increase the security of its products. A Microsoft artificial intelligence CEO, a CTO of worldwide defense and intelligence, and a corporate vice president of core data services are among the most consequential hires at Microsoft so…
Read More
Aug 23, 2024The Hacker NewsThreat Detection / Security Automation Let’s be honest. The world of cybersecurity feels like a constant war zone. You’re bombarded by threats, scrambling to keep up with patches, and drowning in an endless flood of alerts. It’s exhausting, isn’t it? But what if there was a better way? Imagine having every…
Read More
ESET researchers uncovered a crimeware campaign that targeted clients of three Czech banks. The malware used, which we have named NGate, has the unique ability to relay data from victims’ payment cards, via a malicious app installed on their Android devices, to the attacker’s rooted Android phone. Key points of this blogpost: Attackers combined standard…
Read More
Read the full article for key points from Intruder’s VP of Product, Andy Hornegold’s recent talk on exposure management. If you’d like to hear Andy’s insights first-hand, watch Intruder’s on-demand webinar. To learn more about reducing your attack surface, reach out to their team today. Attack surface management vs exposure management Attack surface management (ASM)…
Read More