On November 9th 2023 National Institute of Standards and Technology, NIST, released special publication 800-171 Revision 3 Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations as a Final Public Draft. Both the full draft and accompanying assessment methodology were…
Tag: EN
CVE-2023-4966 vulnerability becomes a global problem
Threat researcher Kevin Beaumont has been tracking attacks against various companies, including the Industrial and Commercial Bank of China (ICBC), DP World, Allen & Overy, and Boeing, and found they had something […] Thank you for being a Ghacks reader.…
New Protestware Uses npm Packages to Call for Peace in Gaza and Ukraine
By Waqas Apart from displaying these messages, the packages performed no other actions. This indicates that these aren’t malicious per se. This is a post from HackRead.com Read the original post: New Protestware Uses npm Packages to Call for Peace…
Check Point Software Technologies Expands SecureAcademy™ Program in Canada with Eight New Universities and Colleges to Empower the Next-Generation of Cybersecurity Professionals
The cybersecurity education program provides programming to academic institutions across the country, including Sheridan College, Willis College, and, most recently, the University of Calgary. Canadian organizations across all sectors are being targeted by cyberattacks. As the incidence of cybercrime continues…
Zimbra zero-day exploited to steal government emails by four groups
Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day (CVE-2023-37580) to steal emails from governments. Google Threat Analysis Group (TAG) researchers revealed that a zero-day vulnerability, tracked as CVE-2023-37580 (CVSS score: 6.1), in the Zimbra Collaboration email software was…
Rackspace racks up $12M bill in ransomware raid recovery
And that’s not counting the incoming lawsuits Rackspace’s costs from last year’s ransomware infection continue to mount: the cloud hosting biz told America’s financial watchdog, the SEC, its total expenses to date regarding that cyberattack have reached $12 million –…
Vulnerability Summary for the Week of November 6, 2023
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info 1e — platform The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the URL…
Microsoft unveils expansion of AI for security and security for AI at Microsoft Ignite
The new era of AI is here. At Microsoft Ignite, we will be announcing new cybersecurity capabilities to help you thrive in this new age. Explore our big announcements. The post Microsoft unveils expansion of AI for security and security…
The CTI Process Hyperloop: A Practical Implementation of the CTI Process Lifecycle
Implementing the CTI Process Lifecycle as a Hyperloop The Intelligence Hyperloop is an implementation model for the Cyber Threat Intelligence (CTI) Process Lifecycle. The lifecycle is a well-established process describing how intelligence products are driven by planning & direction initially,…
Check Point Software Technologies Expands SecureAcademy™ Program in Canada with Eight New Universities and Colleges to Empower the Next-Generation of Cybersecurity Professionals
The cybersecurity education program provides programming to academic institutions across the country, including Sheridan College, Willis College, and, most recently, the University of Calgary. Canadian organizations across all sectors are being targeted by cyberattacks. As the incidence of cybercrime continues…