As businesses increasingly migrate to the cloud, chief information security officers (CISOs) face numerous critical challenges in ensuring robust cloud security. Don’t believe me? Experts highlighted this at the recent Gartner Security & Risk Management Summit. Gartner projects a significant 24% increase in spending on cloud security, positioning it as the fastest-growing segment within the…
Read MoreApple announces a new privacy feature in iOS that will allow you to hide and lock away your apps – but will be philanderers who benefit the most? And an ex-police officer is arrested for extortion. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham…
Read More
Jun 13, 2024NewsroomCyber Crime / Ransomware The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups. The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious payloads in…
Read More
Jun 13, 2024NewsroomMobile Security / Vulnerability Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severity vulnerability, tagged as CVE-2024-32896, has been described as an elevation of privilege issue in Pixel Firmware. The company did not share any additional details related to the nature…
Read More
Jun 13, 2024NewsroomCyber Attack / Malware A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years. While this backdoor was previously categorized as a variant of Gh0st RAT and Rekoobe, Trend Micro security researcher Hara Hiroaki said “this backdoor is not…
Read More
Questions to think through during the tabletop include: How long does the organization keep backups? How long does it take to restore from backups and has that process actually been tested? The tabletop also invites discussions around how the organization is prepared to respond to the discovery of unauthorized administrative activity, who would be notified,…
Read More
Tenable®, Inc. the Exposure Management company, today announced that Citizen Watch Co., Ltd (CITIZEN), a well-established name and brand leader in the watch industry for over 100 years, has chosen Tenable Vulnerability Management to reduce business risk related to its move to the cloud. Founded in Japan in 1918, CITIZEN is renowned for creating quality…
Read More
A new phishing campaign uses HTML attachments that abuse the Windows search protocol (search-ms URI) to push batch files hosted on remote servers that deliver malware. The Windows Search protocol is a Uniform Resource Identifier (URI) that enables applications to open Windows Explorer to perform searches using specific parameters. While most Windows searches will look at…
Read More
That exposed company names, LDAP usernames, email addresses, and the version number of the company’s Purity software but no “compromising information such as passwords for array access, or any of the data that is stored on the customer systems,” a statement said. The company said it was monitoring its infrastructure for unusual activity and had…
Read More
“An attacker who successfully exploited this vulnerability could bypass Outlook registry block lists and enable the creation of malicious DLL files,” the company said. The arbitrary code execution occurs with the privileges of the current user, so, in order to fully take over a system, attackers would have to combine it with a privilege escalation…
Read More