January 6, 2023

2023 Predictions for Storage and Backup Ransomware

By Doron Pinhas, Chief Technology Officer, 2022 clearly demonstrated that attacks on data represent the greatest cyber-threat organizations face. The attack pace not only continued, it accelerated. Notable data breaches took place at Microsoft, News Corp., the Red Cross, FlexBooker, Cash App, GiveSendGo, and several crypto firms. Many of these attacks took advantage of known …

2023 Predictions for Storage and Backup Ransomware Read More »

Women’s Health Clinic Suffers Breach in Ransomware Attack

Fraud Management & Cybercrime , Ransomware Pennsylvania Nonprofit Says Patient Medical, Financial Data Breached in 2022 Attack Prajeet Nair (@prajeetspeaks) • January 6, 2023     Image: Shutterstock Pennsylvania-based nonprofit Maternal and Family Health Services this week revealed a ransomware attack in April 2022 that compromised patient medical and financial data. See Also: Securing Healthcare …

Women’s Health Clinic Suffers Breach in Ransomware Attack Read More »

CEO Dibrov on Armis’ Play in Asset Vulnerability Management

Governance & Risk Management , Video , Vulnerability Assessment & Penetration Testing (VA/PT) Yevgeny Dibrov on Why Figuring Out Which Vulnerabilities to Prioritize Is So Vexing Michael Novinson (MichaelNovinson) • January 6, 2023     Yevgeny Dibrov, co-founder and CEO, Armis (Image: Armis) Determining which asset vulnerabilities should be prioritized for remediation is one of …

CEO Dibrov on Armis’ Play in Asset Vulnerability Management Read More »

Blind Eagle APT Hunts Banking Victims in Colombia, Ecuador

Cybercrime , Fraud Management & Cybercrime Hacking Group Returns With Updated Tools and Infection Chain Mihir Bagwe (MihirBagwe) • January 6, 2023     Image: Shutterstock Hacking group Blind Eagle returned from its hiatus and is conducting an ongoing campaign directed at Spanish-speaking targets in Colombia and Ecuador. See Also: OnDemand | Understanding Human Behavior: …

Blind Eagle APT Hunts Banking Victims in Colombia, Ecuador Read More »

Trend Micro establishes new subsidiary for 5G cybersecurity

Trend Micro has established CTOne, a new Trend Micro subsidiary focused on advancing 5G network security and beyond. The group’s intellectual capital and leadership come from Trend Micro’s culture of innovation and is the latest incubation project to launch as a standalone business. “Trend Micro has been at the forefront of network transformations for over …

Trend Micro establishes new subsidiary for 5G cybersecurity Read More »

Twitter Data Breach Exposes Email Addresses of 200 Million Users

Recent reports indicate that a dataset containing the email addresses of approximately 200 million Twitter users was posted to a popular hacking forum for free. It appears the dataset was created in 2021, after a threat actor exploited a Twitter API vulnerability which allowed users to input emails and phone numbers to confirm whether they …

Twitter Data Breach Exposes Email Addresses of 200 Million Users Read More »

Twitter Scraping Breach: 209 Million Accounts Leaked on Hacker Forum

The leaked Twitter data is now circulating on several hacking forums, including prominent Russian-language ones. Personal data, including email addresses, of nearly 209 million Twitter users were scraped, stolen, and posted on an online hacking forum. As seen by Hackread.com, the database posted online contains 209,000,000 records, all belonging to Twitter users. The database comprises …

Twitter Scraping Breach: 209 Million Accounts Leaked on Hacker Forum Read More »

These 10 Austin Tech Companies Raised the Most Funding in 2022

Last year was filled with many ups and downs for tech companies across the globe. Despite the hardships, several businesses still raised high-dollar funding rounds. In Austin, the 10 largest funding round were spread amongst tech companies in different industries, including artificial intelligence, climate tech, e-commerce and much more. Some even hit tech unicorn status …

These 10 Austin Tech Companies Raised the Most Funding in 2022 Read More »

Do Paperless Offices Face More Security Risks?

With the ever-growing reliance on technology and expanding connectivity in the digital world, going paperless is increasingly possible for all kinds of businesses, bringing significant benefits. However, many offices are concerned about the potential security risks of digitizing their data. Learn more about the pros and cons of going paperless at the office, including the …

Do Paperless Offices Face More Security Risks? Read More »

The Four Keys to Achieving an Optimal Application Experience

By Larry Goldman, Senior Manager of Product Marketing, To this point, many businesses have failed to look at application experience (AX) management holistically, as its own challenge with its own set of distinct––and interlocking––solutions. This oversight has been to their detriment. The fact is that every second of lag time on an online banking app …

The Four Keys to Achieving an Optimal Application Experience Read More »

Saint Gheorghe Recovery Hospital in Romania suffered a ransomware attack

The Saint Gheorghe Recovery Hospital in Romania suffered a ransomware attack in December that is still impacting medical activity. The Saint Gheorghe Recovery Hospital in Botoşani, in northeastern Romania, was hit by a ransomware attack in December that is still impacting medical operations. The hospital is not able to report the services performed in December …

Saint Gheorghe Recovery Hospital in Romania suffered a ransomware attack Read More »

Friday Squid Blogging: Squid Fetish

Friday Squid Blogging: Squid Fetish Seems that about 1.5% of people have a squid fetish. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Tags: squid Sidebar photo of Bruce Schneier by Joe MacInnis.Read more

How the Hacker Covered His Tracks After Stealing Over 200 Bitcoin

Share this… The cybercriminal who stole more than 200 bitcoin (BTC) from Luke Dashjr, the creator of Bitcoin Core, carried out a series of transactions in order to conceal the ultimate destination of the stolen assets. This individual demonstrates a high level of caution and a significant amount of understanding about programming and Bitcoin based …

How the Hacker Covered His Tracks After Stealing Over 200 Bitcoin Read More »

Is Your Company Protected From Common Cyber Threats?

Many medium and small businesses are known for neglecting their cybersecurity. This usually arises due to several reasons, including financial constraints, human resource problems, or fear. Mostly, however, many businesses are not focused on cybersecurity since they are under the impression that cyber threats only affect larger businesses. However, medium to small-sized businesses are also …

Is Your Company Protected From Common Cyber Threats? Read More »

Assurance IQ Shakes Website Activity Tracking Fight For Now

By Allison Grande (January 6, 2023, 9:41 PM EST) — A California federal judge has axed a proposed class action accusing Assurance IQ and its software vendor of unlawfully recording website visitors’ keystrokes and electronic communications, although he gave the plaintiff another chance to amend his claims in a dispute that has been widely credited …

Assurance IQ Shakes Website Activity Tracking Fight For Now Read More »

The Five-Step PCI DSS 4.0 Transition Checklist

By Tyler Reguly, senior manager, security R&D at cybersecurity software and services provider The pandemic ushered in an unprecedented wave of online purchasing, as people around the world became far more comfortable with virtual shopping. In fact, the U.S. Census Bureau’s latest  reports e-commerce expenditures rose from $571.2 billion in 2019 to $815.4 billion in 2020, …

The Five-Step PCI DSS 4.0 Transition Checklist Read More »

Software Engineer Charged With ‘Office Space-Inspired’ Fraud

Fraud Management & Cybercrime , Governance & Risk Management , Insider Threat ‘Shopping Experience’ Engineer at Retailer Accused of ‘Malicious Software Edits’ Mathew J. Schwartz (euroinfosec) • January 6, 2023     Image: Three men prepare to execute a fax machine in this scene from the 1999 workplace comedy film “Office Space.” More signs truth …

Software Engineer Charged With ‘Office Space-Inspired’ Fraud Read More »

Texas County EMS Agency Says Ransomware Breach Hit 612,000

Fraud Management & Cybercrime , Ransomware Emergency Medical, Ambulance Providers Face Extra Security Threats, Experts Say Marianne Kolbasuk McGee (HealthInfoSec) • January 6, 2023     Image: MedStar Mobile Healthcare A municipal ambulance services provider that serves 15 cities in a Texas county has reported to federal regulators a ransomware breach potentially affecting 612,000 individuals, …

Texas County EMS Agency Says Ransomware Breach Hit 612,000 Read More »

Q&A: Sounil Yu

Sounil Yu, CISO at JupiterOne, talks about imposter syndrome, communicating in business-relevant terms and pinpointing gaps in organizations’ security programs. Below is a transcribed version of the interview, which is part of a series of conversations by Decipher with CISOs across the security industry. Lindsey O’Donnell-Welch: What have been some of the biggest lessons learned …

Q&A: Sounil Yu Read More »

Just few malicious packets allow to take control of Centos Web Panel 7 servers. Exploit PoC for RCE flaw published.

Share this… Control Web Panel, which was formerly known as CentOS Web Panel and comes in both free and paid versions, is a web hosting control panel that is both open source and free to use. It was developed to allow for the quick and easy management of servers (both dedicated and virtual private servers) …

Just few malicious packets allow to take control of Centos Web Panel 7 servers. Exploit PoC for RCE flaw published. Read More »

The Rise of Collaboration for Proactive Phishing Defense

The cybersecurity industry has been talking about collaborative approaches forever. In fact, the cyber community has been using a collaborative approach for a long time on things like the identification of vulnerabilities. It’s how CVEs are identified, verified, enumerated, and cataloged. But that’s mostly rear-looking, not real-time, not a proactive defense. Read more