Tag: Cyware News – Latest Cyber News

Digital ID Adoption: Implementation and Security Concerns

As digital transformation accelerates, understanding how businesses are preparing for and implementing digital ID technologies is crucial for staying ahead in security and efficiency, according to Regula. This article has been indexed from Cyware News – Latest Cyber News Read…

Worried About Job Security, Cyber Teams Hide Security Incidents

The frequency and severity of attacks are increasing—yet most businesses remain unprepared, according to VikingCloud. Between a growing talent shortage, alert fatigue, and new sophisticated attack methods, companies are more susceptible than ever. This article has been indexed from Cyware…

Seizing Control of the Cloud Security Cockpit

Cloud applications and SaaS tools have countless configuration options that are often poorly documented and can change frequently, making it difficult to ensure they are securely configured. This article has been indexed from Cyware News – Latest Cyber News Read…

Fake Antivirus Websites Used to Distribute Info-Stealer Malware

Researchers at Trellix Advanced Research Center spotted fake AV sites used to distribute info-stealers. The malicious websites hosted sophisticated malicious files such as APK, EXE, and Inno setup installer, including spying and stealer capabilities. This article has been indexed from…

High-Severity Flaw Affects Cisco Firepower Management Center

Cisco states that there are no workarounds that address this vulnerability. The IT giant has confirmed that this vulnerability does not affect Adaptive Security Appliance (ASA) Software or Firepower Threat Defense (FTD) Software. This article has been indexed from Cyware…

Beware of HTML Masquerading as PDF Viewer Login Pages

Forcepoint X-Labs has recently observed a significant number of phishing email instances in their telemetry targeting various government departments in APAC that masquerade as PDF viewer login pages. This article has been indexed from Cyware News – Latest Cyber News…

Sharp Dragon Expands Towards Africa and The Caribbean

The threat actors demonstrate increased caution in selecting their targets, broadening their reconnaissance efforts, and adopting Cobalt Strike Beacon over custom backdoors. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Sharp Dragon…

Bugcrowd Buys Informer to Enhance Attack Surface Management

Bugcrowd CEO Dave Gerry said their acquisition of Brighton, England-based Informer will fuel the adoption of Bugcrowd’s penetration testing technology and prompt clients to expand the scope of their bug bounty programs. This article has been indexed from Cyware News…

Morocco-based Cybercriminals Cashing in on Bold Gift Card Scams

“Rather than scam or phish everyday people directly for gift card-based payments, Storm-0539 infiltrates large retailers and fraudulently issues gift card codes to themselves, virtually printing their own money,” Microsoft’s Vasu Jakkal explained. This article has been indexed from Cyware…

Bolster Raises $14M Led by Microsoft’s M12

Bolster, an AI startup, has raised $14 million in funding led by Microsoft’s M12 to combat malicious phishing emails. Their flagship product, CheckPhish, offers brand and URL verification services to businesses. This article has been indexed from Cyware News –…

US Man Gets 10 Years for Laundering Cash From Online Fraud

Georgia resident Malachi Mullings received a decade-long sentence for laundering money scored in scams against healthcare providers, private companies, and individuals to the tune of $4.5 million. This article has been indexed from Cyware News – Latest Cyber News Read…

UK Government in $10.8m Bid to Tackle AI Cyber-Threats

The research program will be led by researcher Shahar Avin at the government’s AI Safety Institute and delivered in partnership with UK Research and Innovation and The Alan Turing Institute. This article has been indexed from Cyware News – Latest…

Why Shareable SBOMs are Essential for Software Security

Development teams need to plan ahead and create shareable SBOMs that are standardized in a format that’s readily consumable while also establishing scalable systems for attestation, access management, and data verification, among other factors. This article has been indexed from…

Microsoft’s Recall Stokes Security and Privacy Concerns

Microsoft’s new automatic screenshot retrieval feature could enable hackers to steal sensitive information such as online banking credentials, security experts warned. Additionally, the U.K ICO will probe Recall for compliance with privacy law. This article has been indexed from Cyware…

U.S. House Panel Takes on AI Security and Misuse

Much of the testimony – and concerns raised by the committee – focused on the AI advantages for cybercriminals and nation-state actors, advantages that cybersecurity officials say must be countered by increasingly building AI into products. This article has been…

Rockwell Automation Urges Disconnection of ICS from the Internet

Rockwell Automation warned customers to disconnect industrial control systems (ICS) from the internet, citing escalating cyber threats and rising global geopolitical tensions. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Rockwell Automation…

Former White House Cyber Official Jeff Greene to Join CISA

Former White House National Security Council cyber staff member Jeff Greene, the current cybersecurity programs director at the Aspen Institute think tank, is joining the CISA next month, the agency confirmed. This article has been indexed from Cyware News –…

Scammers are Selling Fake NSO Pegasus Spyware

CloudSEK researchers found the fake spyware after perusing around 25,000 posts of individuals offering Pegasus and other NSO tools via channels on the messaging service Telegram. This article has been indexed from Cyware News – Latest Cyber News Read the…

ARPA-H Pledges $50M for Hospital IT Security Auto-Patching

The US government’s Advanced Research Projects Agency for Health (ARPA-H) has pledged more than $50 million to fund the development of technology that aims to automate the process of securing hospital IT environments. This article has been indexed from Cyware…

Snapchat Revises AI Privacy Policy Following UK ICO Probe

Instant messaging app Snapchat its artificial intelligence-powered tool under compliance after the U.K. data regulator said it violated the privacy rights of individual Snapchat users. This article has been indexed from Cyware News – Latest Cyber News Read the original…

100 Groups Urge Feds to Put UHG on Hook for Breach Notices

Over 100 medical associations and industry groups, representing thousands of U.S. doctors and healthcare professionals, have urged the HHS to hold Change Healthcare accountable for breach notifications following a massive February ransomware attack. This article has been indexed from Cyware…

QNAP QTS Zero-Day in Share Feature Gets Public RCE Exploit

An extensive security audit of QNAP QTS, the operating system for the company’s NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed. This article has been indexed from Cyware News – Latest Cyber News Read the…

Chinese Telco Gear May Get Banned in Germany

Germany is considering banning the use of Huawei and ZTE equipment in its 5G networks due to national security concerns, despite industry opposition and the potential high costs associated with the removal of the Chinese-made technology. This article has been…

The Mystery of the Targeted Ad and the Library Patron

An attorney discovered that the mobile ads she saw were reflecting her recent library audiobook borrowing habits, raising concerns about the privacy of library patron data and the potential for targeted advertising based on that information. This article has been…

Chinese Duo Indicted for Laundering $73m in Pig Butchering Case

Two Chinese nationals have been indicted for their alleged involvement in a multimillion-dollar “pig butchering” investment fraud scheme, where they laundered over $73 million through US financial institutions and cryptocurrency wallets. This article has been indexed from Cyware News –…

Too Many ICS Assets are Exposed to the Public Internet

The enterprise attack surface is rapidly expanding due to the convergence of IT and OT systems, leading to a large number of ICS assets being exposed to the public internet and creating new vulnerabilities that security teams struggle to manage.…

US SEC Approves Wall Street Data Breach Reporting Regs

The SEC has approved new regulations that require broker-dealers and investment firms to notify their clients within 30 days of detecting a data breach, in an effort to modernize and enhance the protection of consumers’ financial data. This article has…

The Importance of Access Controls in Incident Response

Adequate IAM policies are essential for incident management tooling to ensure the right people can quickly address issues without being blocked. Authentication verifies a person’s identity, while authorization manages permissions and access levels. This article has been indexed from Cyware…

CISA Senior Official Goldstein to Leave Agency in June

Eric Goldstein, the executive assistant director for cybersecurity at the CISA, is leaving the agency in June after playing a crucial role in driving the agency’s secure-by-design initiatives and strengthening partnerships with the private sector. This article has been indexed…

White House Unveils AI Safety Framework for US Workers

The White House unveiled a framework to protect U.S. workers from AI risks, emphasizing health and safety rights, governance, human oversight, and transparency as organizations adopt new technologies. This article has been indexed from Cyware News – Latest Cyber News…

UK Government Publishes AI Cybersecurity Guidance

The UK government has released guidance to help AI developers and vendors protect their AI models from hacking and potential sabotage, with the goal of transforming this guidance into a global standard to promote security by design in AI systems.…

Researchers Report High-Impact Cat-Phishing Targeting Users

HP’s new report reveals that cybercriminals are increasingly using “cat-phishing” techniques, exploiting open redirects in legitimate websites to deceive users and deliver malware. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Researchers…

CISA Warns of Hackers Exploiting Chrome, EoL D-Link Bugs

CISA has added a high-severity vulnerability (CVE-2024-4761) in Chrome’s V8 JavaScript engine to its ‘Known Exploited Vulnerabilities’ catalog, which is being actively exploited. This article has been indexed from Cyware News – Latest Cyber News Read the original article: CISA…

Norway Recommends Replacing SSL VPN to Prevent Breaches

The Norwegian NCSC recommends organizations replace SSL VPN/WebVPN solutions with more secure alternatives, like IPsec with IKEv2, by 2025 to prevent breaches from repeated vulnerabilities. This article has been indexed from Cyware News – Latest Cyber News Read the original…