Attack on the UK’s Electoral Commission This indictment has prompted a strong international reaction, with the UK explicitly attributing similar cyber misconduct to China-affiliated actors. According to a statement from the UK government, the National Cyber Security Centre (NCSC) has linked a Chinese state-affiliated entity to the compromise of the UK Electoral Commission’s systems between…

Read More

Mar 26, 2024NewsroomMoney Laundering / Digital Currency The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This includes Bitpapa IC FZC LLC, Crypto Explorer DMCC (AWEX), and Obshchestvo S…

Read More

“I get questions all the time from my colleagues who don’t look like me, asking how they can help, how they can show up and be a part of this,” says Palmore, who is Black. “So, I tell them ‘People entering this industry need to see you and I together coexisting, leading, and effectively engaged…

Read More

Mar 26, 2024NewsroomCyber Attack / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities added are as follows – CVE-2023-48788 (CVSS score: 9.3) – Fortinet FortiClient EMS SQL Injection Vulnerability CVE-2021-44529 (CVSS score: 9.8) –…

Read More

For example, nearly one-third (32%) of CISOs said the skills shortage led to an increase in human errors associated with cybersecurity tasks compared to 16% of other respondents. This may be a function of their wide purview, where CISOs see human error issues across the entire organization, compared to managers or staff who may be…

Read More

The rise of technologies that can analyze vast amounts of data, predict cyber threats, and respond in real time, such as Artificial Intelligence (AI) and Machine Learning (ML), has revolutionized modern cybersecurity. These innovations empower organizations to bolster their defense mechanisms, offering faster risk detection, cost reduction, and an overall improvement in security postures. From…

Read More

Nemesis Market, a notorious corner of the darknet beloved by cybercriminals and drug dealers, has been suddenly shut down after German police seized control of its systems. Germany’s Federal Criminal Police (known as the BKA) has announced that it has seized the infrastructure of Nemesis and taken down its website. At the same time, cryptocurrency…

Read More

Ivanti has released security advisories to address vulnerabilities in Ivanti Neurons for ITSM and Standalone Sentry. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following Ivanti advisories and apply the necessary updates:  Source link ddde

Read More

CISA released one Industrial Control Systems (ICS) advisory on March 21, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations. Source link ddde

Read More

Today, CISA and the Federal Bureau of Investigation (FBI) released a joint Secure by Design Alert, Eliminating SQL Injection Vulnerabilities in Software. This Alert was crafted in response to a recent, well-publicized exploitation of SQL injection (SQLi) defects in a managed file transfer application that impacted thousands of organizations. Additionally, the Alert highlights the prevalence…

Read More