Mar 20, 2024NewsroomCybercrime / Financial Security Cybersecurity researchers have discovered an updated variant of a stealer and malware loader called BunnyLoader that modularizes its various functions as well as allow it to evade detection. “BunnyLoader is dynamically developing malware with the capability to steal information, credentials and cryptocurrency, as well as deliver additional malware to…
Read MorePrivacy Given the unhealthy data-collection habits of some mHealth apps, you’re well advised to tread carefully when choosing with whom you share some of your most sensitive data 19 Mar 2024 • , 5 min. read In today’s digital economy there’s an app for just about everything. One area that’s booming more than most is…
Read MoreMar 20, 2024NewsroomCybercrime / Dark Web The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world. The suspects, aged between 20 and 40, are said to be part of an organized criminal group living in different parts of the…
Read MoreMost importantly, civil defense groups can and should be supported by the government under crisis conditions. In other countries, the receipt of strong private support and encouragement by such groups has translated into situational compensation during response periods. Members with certifications and community roles can be compensated for incident response duties performed, something that encourages…
Read MoreMar 20, 2024NewsroomCritical Infrastructure / Network Security The U.S. Environmental Protection Agency (EPA) said it’s forming a new “Water Sector Cybersecurity Task Force” to devise methods to counter the threats faced by the water sector in the country. “In addition to considering the prevalent vulnerabilities of water systems to cyberattacks and the challenges experienced by…
Read MoreApply appropriate updates provided by Mozilla to vulnerable systems immediately after appropriate testing. (M1051: Update Software)o Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.o Safeguard 7.4: Perform…
Read MoreTackling the ransomware business model In his personal policy position on ransomware not affiliated with SANS or any other group, Martin advocates banning ransomware payments altogether as the current best option for addressing the scourge. “We allow people to pay because they panic and are in a really difficult position. They don’t understand what’s going…
Read MoreRecently, I represented Fortinet at a U.S. House Committee on Energy and Commerce hearing about strengthening cybersecurity in a digital era. I emphasized the importance of public-private partnerships to strengthen cyber resiliency in the United States, how organizations can implement secure-by-design recommendations, and work to close the cybersecurity workforce gap. Below, I recap some of the key points I made in my testimony.…
Read MoreToday, CISA, the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other U.S. and international partners are issuing a joint fact sheet, People’s Republic of China State-Sponsored Cyber Activity: Actions for Critical Infrastructure Leaders. Partners of this publication include: U.S. Department of Energy (DOE) U.S. Environmental Protection Agency (EPA) U.S. Transportation Security Administration…
Read MoreMar 19, 2024The Hacker NewsAPI Security / Vulnerability Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in 2024 Report from Imperva, a Thales company, found that the majority of internet traffic (71%) in 2023 was API calls. What’s more,…
Read More