Hackers used an updated malware framework dubbed Mata by Kaspersky to target more than a dozen oil, gas and defense sector companies in Eastern Europe, including air-gapped systems. Kaspersky previously associated Mata with North Korea but doesn't attribute this campaign to the Pyongyang regime.
This week, Citrix's update was insufficient, a Navy IT manager was sentenced to prison for accessing a database, a Moldovan man pleaded not guilty to running a credentials marketplace, new details emerged on health data breaches, and a television advertising giant suffered a ransomware attack.
Iranian state-sponsored hackers conducted an eight-month espionage campaign against a Middle Eastern government, compromising dozens of computers. The Crambus group exploited publicly available tools and three novel pieces of malware to access systems, maintain persistence and steal data.
North Korean nation-state threat actors are exploiting a critical remote code execution vulnerability affecting multiple versions of a DevSecOps tool - a high-risk development, especially in light of Pyongyang hackers' recent track record of supply chain hacks.
Tenable held steady atop Forrester's vulnerability risk management rankings while Vulcan Cyber broke into the leaders category and Rapid7 and Qualys tumbled from the leaderboard. The way vendors deliver vulnerability management has shifted away from ingesting vulnerability assessment results.
The U.S. needs to pass federal legislation to establish a national framework of standards and a rules of the road for AI, but first passing federal data privacy legislation is an essential foundational part of that, some witnesses told members of Congress.
Pro-Ukrainian hackers claimed responsibility for wiping the servers of the Trigona ransomware gang, a recently formed group that may have links to the Russian cybercriminal underground. "'Terrible Russian hackers,' yeah, yeah," wrote a self-described spokesman for the Ukrainian Cyber Alliance.
Arctic Wolf last week announced plans to buy SOAR platform provider Revelstoke in a move to boost Arctic Wolf's automated response capabilities and lay the groundwork for "deeply embedded" AI and machine learning. CEO Nick Schneider explained how the deal will benefit customers and drive innovation.
Nation-state hackers are targeting a vulnerability in WinRAR, a popular Windows utility for archiving files, warns Google’s Threat Analysis Group, which said it has seen "government-backed hacking groups" who hail from multiple countries, including China and Russia, targeting the bug.
Watermarking is a core part of a White House trustworthiness initiative to bind companies into observing steps to guarantee the safety of AI products. The problem, say AI experts, is that watermarking is as likely to fail as succeed. Watermarking removal tools are available on the open internet.
Cisco issued an urgent warning Monday about a critical vulnerability in one of its modular operating system's web interfaces that is designed for routers, switches and other appliances. Hackers exploited the IOS XE software UI to gain admin rights that give them full control of compromised devices.
IBM says the personal information of 631,000 people was compromised by a "technical method" that allowed unauthorized access to a third-party database used by a Johnson & Johnson patient medication support platform. IBM said the problem has been fixed, but two lawsuits have already been filed.
Nation-state hacks against Western start-ups are surging in a bid by competitor nations to glean intellectual property, warns the Five Eyes intelligence alliance. The stolen data was likely used to fast-track technological and military capabilities within adversary nations, alliance members say.
Amplifying kinetic attacks, Russian hackers in recent months have hit at least 11 telecommunications firms in Ukraine with a barrage of "destructive" malware designed to exfiltrate data, steal social media account credentials, destroy IT systems and disrupt operations, the Ukrainian government says.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.