Oct 17, 2024Ravie LakshmananThreat Intelligence / Malware The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper (aka…
Read More“[The chatbot will] help our partners have this integrated experience where they can go and get their questions answered, whether it’s go-to-market resources or … ‘I’m at this program level, I want to move to this next program level. What’s left for me to do to get there?’” Colleen Kapase, vice president of channels and…
Read MoreThe acquisitions come in segments including the fast-growing area of data security posture management (DSPM). A pair of data security startup acquisitions by Netskope and Cyera point toward continued consolidation in the market, with a focus on the fast-growing category of data security posture management (DSPM). On Tuesday, Netskope disclosed its acquisition of DSPM vendor…
Read MoreCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-40711 Veeam Backup and Replication Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known…
Read MoreThe BianLian ransomware group has claimed the cyberattack on Boston Children’s Health Physicians (BCHP) and threatens to leak stolen files unless a ransom is paid. BHCP is a network of over 300 pediatric physicians and specialists operating over 60 locations across New York’s Hudson Valley and Connecticut, offering patient care in clinics, community hospitals, and…
Read MoreCISA released seven Industrial Control Systems (ICS) advisories on October 17, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations. Source link lol
Read MoreAlmost every week we add another workflow to our automation library. Our platform and copilot are helping people automate otherwise tedious tasks in security operations. Integrations between platforms traditionally involved security engineers writing custom code using application programming interfaces (APIs). For example, if you wanted to scan all your S3 buckets for public access, looking…
Read MoreInsurance giant Globe Life says an unknown threat actor attempted to extort money in exchange for not publishing data stolen from the company’s systems earlier this year. Founded in 1900, Globe Life is among the largest providers of life and health insurance plans in the United States, with a market capitalization of $12 billion and…
Read MoreThe U.S. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a. AnonSudan), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. The younger brother is facing charges that could land…
Read MoreOct 17, 2024Ravie LakshmananRansomware / Network Security Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group’s affiliate panel on the dark web. Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301 persona on the RAMP cybercrime forum via the Tox messaging service…
Read More