Average pay premium: 11% Market value increase: 10% InfoSys Security Management Professional (ISSMP) ISC2 also administers certification for InfoSys Security Management Professional. Designed for leaders like CIOs, CISOs, and CTOs, ISSMP focuses on governance, management, and leadership of information security programs. Leaders will master six domains, including soft skills such as leadership and business management,…
Read More
Jun 20, 2024NewsroomThreat Intelligence / Cybercrime A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it’s aware of four different distribution methods — namely VBA dropper, VBA downloader, link downloader, and executable…
Read More
Jun 20, 2024NewsroomMalware / Cyber Attack Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T LevelBlue Labs, which first observed the malware in late April 2024, said it incorporates features that are designed to thwart static and dynamic analysis and ultimately evade detection. Attack…
Read More
Business Security Hacktivism is nothing new, but the increasingly fuzzy lines between traditional hacktivism and state-backed operations make it a more potent threat 19 Jun 2024 • , 5 min. read Hacktivism surged back into mainstream consciousness with Russia’s invasion of Ukraine in February 2022. Less than two years later, politically-motivated groups and individuals were…
Read More
David Vance, a senior analyst from ESG Global, offers an explanation, and it has to do with MadPot, the network of honeypots AWS has built into the system. “Since Sonaris leverages a tremendous amount of threat intelligence gathered from AWS’ threat sensor framework, called MadPot, I believe it can be an effective front-line tool to…
Read More
T-Mobile has denied it was breached or that source code was stolen after a threat actor claimed to be selling stolen data from the telecommunications company. “T-Mobile systems have not been compromised. We are actively investigating a claim of an issue at a third-party service provider,” T-Mobile shared in a statement to BleepingComputer. “We have…
Read More
There’s a wee data breach with unhealthy implications in Scotland, privacy has gone off the rails in the UK, and a cheater blames Apple for his expensive divorce. All this and much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week…
Read More
Image: DigitalIceAge Forklift manufacturer Crown Equipment confirmed today that it suffered a cyberattack earlier this month that disrupted manufacturing at its plants. Crown is one of the largest forklift manufacturers in the world, employing 19,600 people and having 24 manufacturing plants in 14 locations worldwide. Since approximately June 8th, Crown employees have been reporting that the company was…
Read MoreNew Blog Moderation Policy There has been a lot of toxicity in the comments section of this blog. Recently, we’re having to delete more and more comments. Not just spam and off-topic comments, but also sniping and personal attacks. It’s gotten so bad that I need to do something. My options are limited because I’m…
Read More
Advance Auto Parts has confirmed it suffered a data breach after a threat actor attempted to sell stolen data on a hacking forum earlier this month. Advance operates 4,777 stores and 320 Worldpac branches and serves 1,152 independently owned Carquest stores in the United States, Canada, Puerto Rico, the U.S. Virgin Islands, Mexico, and various…
Read More