Network SecurityGoogle: Zero-day exploits increasingly target enterprise technologiesAn analysis found threat actors are increasingly targeting enterprise-specific technologies.
Network SecurityScreenConnect, BIG-IP bugs a bonanza for hackers conducting cyberespionageOne China-linked threat actor boasted of compromising hundreds of organizations using the known vulnerabilities.
Data SecurityIs Cozy Bear targeting Western political parties with phishing attacks?Google Mandiant says APT29 targeted German politicians and is a threat to Western political parties.
Critical Infrastructure SecurityOdd NuGet package for industrial equipment raises espionage concernsThe open-source .NET package stealthily exfiltrates screenshots from BOZHON equipment.
RansomwareTakedowns spark affiliate bidding war among ransomware gangsAfter authorities disrupted LockBit and ALPHV/BlackCat, smaller extortion groups are scrambling to recruit their former affiliates.
Critical Infrastructure SecurityEPA floats task force to address cyberattacks on water infrastructureRecent attacks by Chinese and Iranian hackers threaten the supply of safe drinking water, the agency warns.
Network SecurityEarth Krahang campaign compromised government servers in 23 countriesThe newly discovered China-linked APT group abused trust between governments.
RansomwareNothing will change as a result of the Change Healthcare incidentUnless there are major policy and regulatory changes and the industry focuses more on threat sharing, nothing much will change in healthcare.
Network SecurityUpdate delays to NIST vulnerability database alarms researchersCrucial enrichment data is not being added to NVD entries as NIST works through a “transition” process.
RansomwareSTOP ransomware, more common than LockBit, gains stealthier variantThe variant performs 65 million data copies as a delay tactic and employs dynamic API resolution.
It makes sense for the Biden administration to focus on software security – but it’s up to the industry to make it happen John Funge November 29, 2023
Five attack vectors that businesses should focus on in the wake of the Israel-Hamas warJeremiah Fowler November 6, 2023
Middle East crisis: Understanding the potential threats – and how the cybersecurity industry can take action Yoav Regev October 18, 2023