ISACA CEO Hails Europe as a Lighthouse of Capability
ISACA, a global association of information systems auditors and control professionals, is rapidly growing in Europe, and at a faster...
News
Global Economy Could Lose $3.5trn in Systemic Cyber-Attack
Insurance giant Lloyd’s of London has published a systemic risk scenario of a cyber-attack resulting in global economic losses of...
Google Play Protect Bolsters Security Against Malicious Apps
Google has bolstered the security of Android devices with a significant update to Google Play Protect. According to the tech...
AI Adoption Surges But Security Awareness Lags Behind
A new ExtraHop survey involving over 1200 global security and IT leaders has provided fresh insights into the adoption and...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
Our new principles to help make cloud backups more resilient
Our new principles to help make cloud backups more resilient Every month there are press reports of a global organisation...
Over 10,000 Cisco devices hacked in IOS XE zero-day attacks
Update October 17, 16:40 EDT: Added new information on breached Cisco IOS XE devices. Attackers have exploited a recently disclosed...
Fighting off cyberattacks? Make sure user credentials aren’t compromised
As an IT professional, you know that threat actors work overtime to get your end-users’ credentials. Whether it’s 3 PM...
SpyNote Android malware spreads via fake volcano eruption alerts
The Android 'SpyNote' malware was observed in attacks targeting Italy using a fake 'IT-alert' public alert service that infected visitors...
D-Link confirms data breach after employee phishing attack
Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for...
Malicious Notepad++ Google ads evade detection for months
A new Google Search malvertizing campaign targets users looking to download the popular Notepad++ text editor, employing advanced techniques to...
KwikTrip all but says IT outage was caused by a cyberattack
Kwik Trip has released another statement on an ongoing outage, all but confirming it suffered a cyberattack that has led...
Amazon adds passkey support as new passwordless login option
Amazon has quietly added passkey support as a new passwordless login option for customers, offering better protection from information-stealing malware...
Over 40,000 admin portal accounts use ‘admin’ as a password
Security researchers found that IT administrators are using tens of thousands of weak passwords to protect access to portals, leaving...
A Third of Organizations Not Ready to Comply with NIS2
Just a third (34%) of impacted organizations in the UK, France and Germany are prepared for the EU’s updated Network...
Fake Browser Updates Used in Malware Distribution
Cybersecurity researchers from Proofpoint have identified a rising trend in threat activity that employs fake browser updates to disseminate malware. At...
Rising AI-Fueled Phishing Drives Demand for Password Alternatives
Online phishing scams are becoming more frequent and more sophisticated, according to the Online Authentication Barometer, published by the FIDO...
Persistent Espionage Campaign Targets APAC Governments
Cybersecurity experts at Kaspersky have unveiled a covert and highly advanced espionage campaign, codenamed “TetrisPhantom.”The persistent operation has specifically targeted...
US-CERT Vulnerability Summary for the Week of October 9, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info3ds -- teamwork_cloud_no_magic_releaseA Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from...
The forgotten malvertising campaign
In recent weeks, we have noted an increase in malvertising campaigns via Google searches. Several of the threat actors we...
Signal says there is no evidence rumored zero-day bug is real
Signal messenger has investigated rumors spreading online over the weekend of a zero-day security vulnerability related to the 'Generate Link...
Women Political Leaders Summit targeted in RomCom malware phishing
A new, lightweight variant of the RomCom backdoor was deployed against participants of the Women Political Leaders (WPL) Summit in...
Steam enforces SMS verification to curb malware-ridden updates
Valve has announced implementing additional security measures for developers publishing games on Steam, including SMS-based confirmation codes. This is to...
CISA, FBI urge admins to patch Atlassian Confluence immediately
CISA, FBI, and MS-ISAC warned network admins today to immediately patch their Atlassian Confluence servers against a maximum severity flaw...
