Mar 18, 2024NewsroomVulnerability / Threat Mitigation Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10. “A directory traversal…
Read More
Fujitsu has warned that cybercriminals may have stolen files with personal and customer data after it discovering malware on its computer systems. The firm at the center of the British Post Office scandal, said in a Japanese press release that it had discovered the presence of malware on its computers, the potential theft of customer…
Read More
Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. “It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website,” Netskope Threat…
Read More
Multiple GitHub repositories posing as cracked software codes were found attempting to drop the RisePro info-stealer onto victim systems. The campaign delivers a new variant of the RisePro info-stealing malware designed to crash malware analysis tools like IDA and ResourceHacker. G Data CyberDefense, the German cybersecurity company that made the discovery, reported that it had…
Read MoreDrones and the US Air Force Fascinating analysis of the use of drones on a modern battlefield—that is, Ukraine—and the inability of the US Air Force to react to this change. The F-35A certainly remains an important platform for high-intensity conventional warfare. But the Air Force is planning to buy 1,763 of the aircraft, which…
Read More
Mar 18, 2024NewsroomWebsite Security / Vulnerability WordPress users of miniOrange’s Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw. The flaw, tracked as CVE-2024-2172, is rated 9.8 out of a maximum of 10 on the CVSS scoring system. It impacts…
Read More
Mar 18, 2024NewsroomCyber Warfare / Malware The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. “The uncovered lures include a mixture of internal and publicly available documents,…
Read More
Cost: Varies based on location of exam administration. For example, Americas and Africa, $599; United Kingdom, £479; EMEA, €555. Certified Information Security Manager (CISM) The Certified Information Security Manager, offered by ISACA, is another important certification for CISOs because it is specifically designed for professionals who are responsible for managing and overseeing information security programs,…
Read More
Video Healthcare organizations remain firmly in attackers’ crosshairs, representing 20 percent of all victims of ransomware attacks among critical infrastructure entities in the US in 2023 15 Mar 2024 More than 20 percent of ransomware attacks that hit critical infrastructure organizations in the United States in 2023 were aimed at the healthcare sector, according to…
Read More
Mar 16, 2024NewsroomMalware / Cybercrime Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned…
Read More