Microsoft discovered hackers targeting internet-facing Linux systems and IoT devices to steal IT resources for cryptocurrency mining operations. The campaign begins by brute-forcing target systems and devices and then uses a backdoor to deploy open-source tools such as rootkits and an IRC bot.
Europe's continued efforts to control its data will not stifle competition and are not an act of "protectionism," a top European Union official said amid growing criticism of the EU's legislative proposal to introduce stringent data-sharing requirements for businesses.
The number of victims affected by a campaign that targeted a zero-day vulnerability in Progress Software's MOVEit file transfer product continued to grow as insurer Genworth Financial reported that up to 2.7 million of its customers and agents appear to have been affected by the breach.
The National Security Agency has released mitigation advice for locking down Windows and Linux environments against powerful BlackLotus malware, warning organizations against having "a false sense of security" since patching alone will not stop the bootkit.
Every week, ISMG rounds up cybersecurity incidents around the world. This week, attackers hit European Investment Bank; a California pension fund suffered a cyberattack related to MOVEit; UPS Canada disclosed a data breach; and a new Android malware campaign spread GravityRAT spyware.
The top French privacy regulator has imposed a fine of 40 million euros against a Parisian advertising technology company for its use of website tracking cookies and failure to process users' personal data in compliance with privacy laws under the General Data Protection Regulation.
A proposed federal class action lawsuit alleges that patient debt collection software firm Intellihartx was negligent in its handling of third-party risk, contributing to a breach affecting nearly 490,000 individuals and involving a recent hack on its file transfer software vendor Fortra.
Exabeam will have its third CEO since June 2021 after promoting Chief Product Officer Adam Geller to take over as its top leader. The security operations vendor elevated Geller to replace Michael DeCesare, 57, who joined Exabeam as president and CEO two years ago after leading Forescout for years.
Steve Kerrison, a senior lecturer in cybersecurity at Singapore's James Cook University, recently shared how universities in the Asia-Pacific region are meeting the rising demand for cybersecurity professionals. Meeting the demand starts with understanding the needs of the job market.
British law firms are at increased risk of being hacked due to a growing number of cybercrime-as-a-service groups, the country's top cybersecurity agency warned in a new advisory. Lawyer are under attack from cybercriminals, nation-state groups and ransomware gangs.
Researchers at AhnLab Security Emergency Response Center observed APT37 target South Korean individuals with spear-phishing emails to inject wiretapping malware. The state-backed cybercrime group primarily employs spear-phishing to compromise the devices of victims.
Apple has fixed multiple zero-days that were actively being exploited since 2019 and infect several iOS devices with a spyware implant dubbed TriangleDB via zero-click iMessage exploits. The tech giant said the vulnerabilities actively exploited iOS versions released before iOS 15.7.
Fallout for Progress Software continues as hundreds of private and public sector organizations that use its MOVEit file transfer software face data breaches due to a zero-day attack. Some victims have filed a proposed class action suit in federal court, alleging poor security controls at Progress.
The security benefits of public cloud outweigh the drawbacks since cyber controls can be applied much earlier in the application development life cycle. Palo Alto Networks founder and Chief Technology Officer Nir Zuk said development procedures in traditional data centers are "a complete mess."
Every week, ISMG rounds up cybersecurity incidents in the world of digital assets. This week: Sam Bankman-Fried is set to face two criminal trials instead of one, Binance is sinking deeper into regulatory quicksand, and the Mango Markets hacker is expected to be tried on Dec. 4.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.