CSO
US AI experts targeted in cyberespionage campaign using SugarGh0st RAT
Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence.
DarkReading
US AI Experts Targeted in SugarGh0st RAT Campaign
Researchers believe the attacker is likely China-affiliated, since a previous version of the malware was used by a China nation-state attack group.
Bleeping Computer
Microsoft: Windows Server 2019 updates fail with 0x800f0982 errors
Microsoft has acknowledged a new known issue causing this month's KB5037765 security update for Windows Server 2019 to fail to install with 0x800f0982 errors.
The Hacker News
North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign
Kimsuky hackers launch new social engineering attack using fake Facebook accounts. Learn how they target activists via Messenger and deliver malware.
SecurityWeek
Legacy of Wisdom: Security Lessons Inspired by My Father
Honoring my father's memory by translating his timeless life lessons into practical wisdom for the cybersecurity profession.
Cyber Security News
Top 10 Best Managed Service Providers (MSP) for CISO, CTO & IT Managers - 2024
Best MSP for CISO, CTO & IT Managers - 1. Perimeter 812. Secureworks 3. IBM 4. Trustwave 5. Wipro 6. Verizon 7. Sophos 8. Symantec.
The Cyber Express
Beyond Borders: CISA Addresses the Global Influence on US Election Cybersecurity
During a recent Senate committee hearing, Director of National Intelligence Avril Haines emphasized state hackers' continued prominence as a threat,
Infosecurity News
UK Lags Europe on Exploited Vulnerability Remediation
UK organizations are less likely than their European peers to have known exploited bugs but take longer to fix them
The Hacker News
Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines
Nearly a dozen security flaws have been discovered in the GE HealthCare Vivid Ultrasound product family.
The Cyber Express
Nissan Cybersecurity Incident Update: 53,000 Employees Affected
Following the massive Nissan data breach from November last year that exposed the Social Security numbers of thousands of former
Trend Micro
Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024
This report describes how Waterbear and Deuterbear — two of the tools in Earth Hundun's arsenal — operate, based on a campaign from 2024.
Infosecurity News
PDF Exploitation Targets Foxit Reader Users
CPR said exploit builders in .NET and Python have been employed to deploy this malware
The Cyber Express
The Cybersecurity Guardians: Meet the Top 30 cybersecurity Influencers to Follow in 2024
The ever-evolving landscape of cybersecurity is shaped by a dedicated group of individuals. These pioneers, through their research, entrepreneurship, and
Bleeping Computer
Protect against lateral movement attacks by securing credentials
Organizations need to detect and remove intruders quickly to prevent data loss and minimize the impact of lateral movement attacks. Learn more from Specops Software on blocking lateral movement in networks.
Infosecurity News
Google Expands Content Watermarking Tool to AI-Generated Text
Google DeepMind’s SynthID can now be used to watermark AI-generated images, audio, text and video
CSO
Singing River ransomware attack now thought to have affected over 895,000
The health care provider has dramatically increased its estimate of the number of patients affected by the August 2023 attack.
The Hacker News
It's Time to Master the Lift & Shift: Migrating from VMware vSphere to Microsoft Azure
Moving to the cloud just got easier. Discover how Zerto simplifies your VMware vSphere to Microsoft Azure migration.
SecurityWeek
Senators Urge $32 Billion in Emergency Spending on AI After Finishing Yearlong Review
Senators are recommending that Congress spend at least $32 billion over the next three years to develop AI and place safeguards around it.
The Cyber Express
CISA, FBI, and DHS Releases Cybersecurity Blueprint for Civil Society
CISA, in collaboration with DHS, FBI, and international cybersecurity entities, has revealed a comprehensive guide aimed at bolstering cybersecurity for
Cyber Security News
10 Best Network Security Providers for Healthcare Industry in 2024
Best Network Security Providers for the Healthcare Industry - 1. Perimeter 81, 2. Palo Alto Networks, 3. Fortinet, 4. Cisco, 5. Trend Micro
Cyber Security News
How To Reduce The Alert Triage Time In Security Operations: SOC Analyst Guide
Alert Triage is a process of recognizing the important alerts from a huge pool of security alerts and allocating the resources accurately.
DarkReading
Singapore Cybersecurity Update Puts Cloud Providers on Notice
The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
CSO
FBI warns Black Basta ransomware impacted over 500 organizations worldwide
CISA advisory includes indicators of compromise and TTPs that can be used for threat hunting.
The Record
Officials defend election security efforts as senators call on them to improve their game
“We've got to do a better job of making sure Americans of all political stripes understand what is very probably coming their way over the next less than six months,” Senate Intelligence Chair Mark Warner told leaders from ODNI, CISA and the FBI.
Bleeping Computer
Microsoft fixes VPN failures caused by April Windows updates
Today, Microsoft fixed a known issue breaking VPN connections across client and server platforms after installing the April 2024 Windows security updates.
Bleeping Computer
Test your network like a hacker with $1,000 off this course bundle
Ethical hacking gets deep into your networks to find problems before criminals can exploit them. For a limited time start learning how with these 18 cybersecurity courses for $39.97, $1058 off the $1098 MSRP.
Security Affairs
VMware fixed zero-day flaws demonstrated at Pwn2Own2024
VMware fixed four flaws in its Workstation and Fusion desktop hypervisors, including three zero-days exploited at the Pwn2Own Vancouver 2024
Bleeping Computer
Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws
Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days.
Security Affairs
MITRE released EMB3D Threat Model for embedded devices
The non-profit technology organization MITRE released the EMB3D threat model for embedded devices used in critical infrastructure.
DarkReading
Dangerous Google Chrome Zero-Day Allows Sandbox Escape
Exploit code is circulating for CVE-2024-4761, disclosed less than a week after a similar security vulnerability was disclosed as being used in the wild.
The Hacker News
VMware Patches Severe Security Flaws in Workstation and Fusion Products
Researchers have uncovered a critical vulnerability in VMware's Bluetooth device, allowing code execution by malicious actors.
Bleeping Computer
VMware fixes three zero-day bugs exploited at Pwn2Own 2024
VMware fixed four security vulnerabilities in the Workstation and Fusion desktop hypervisors, including three zero-days exploited during the Pwn2Own Vancouver 2024 hacking contest.
Ars Technica
Apple, SpaceX, Microsoft return-to-office mandates drove senior talent away
"It’s easier to manage a team that’s happy.”
Ars Technica
The hunt for rare bitcoin is nearing an end
Rare bitcoin fragments are worth many times their face value.
The Cyber Express
Cybersecurity Concerns Surround ChatGPT 4o’s Launch; Open AI Assures Beefed up Safety Measure
The field of Artificial Intelligence is rapidly evolving, and OpenAI's ChatGPT is a leader in this revolution. This groundbreaking large
Infosecurity News
UK Insurance and NCSC Join Forces to Fight Ransomware Payments
UK insurers and the National Cybersecurity Centre release new guidance to discourage ransomware payments by businesses
The Hacker News
6 Mistakes Organizations Make When Deploying Advanced Authentication
Advanced authentication: The key to addressing the weakest link in cybersecurity - human users. Learn how to fortify your organization's defenses.
SecurityWeek
Student, Personnel Information Stolen in City of Helsinki Cyberattack
The City of Helsinki says usernames, email addresses, and personal information was stolen in a recent cyberattack.
SecurityWeek
MITRE EMB3D Threat Model Officially Released
MITRE announced the public availability of the EMB3D threat model for embedded devices used in critical infrastructure.
The Cyber Express
Hackers Exploit Unpatched Bug in Helsinki Education Division Data Breach
Hackers exploited an unpatched remote access server vulnerability in the Helsinki education division data breach to scour through records of
Latest Hacking News
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
Torrance, California, May 13th, 2024, CyberNewsWireCriminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, has recently signed a technology partnership to exchange threat intelligence data based on domains and potentially
The Cyber Express
Millions of IoT Devices at Risk from Cinterion Modem Vulnerabilities
Millions of Internet of Things (IoT) devices present across the industrial, healthcare, automotive, financial, and telecommunication sectors are at significant
Cyber Security News
OpenAI Releases GPT-4o, Faster Model & Free For All ChatGPT Users
OpenAI, which is the leading artificial intelligence research lab, recently announced its latest breakthrough in AI technology called GPT-4o.
The Record
Civil society under increasing threats from ‘malicious’ state cyber actors, US
State-linked hackers from Russia, China, Iran and North Korea are setting their sights set their sights on NGOs, think tanks, human rights activists and journalists, the advisory warned.
SC Magazine
LockBit ransomware spread in millions of emails via Phorpiex botnet
Emails from “Jenny Green” delivered LockBit Black through attached ZIP files.
SC Magazine
Google patches 6th Chrome zero-day of 2024, three days after last one
Security pros say the industry can expect to see this bug exploited soon, so patch, monitor and conduct other measures, like browser isolation and sandboxing.
The Record
UK 'increasingly concerned' about Russian intelligence links to hacktivists
GCHQ Director Anne Keast-Butler warned at the CyberUK conference that the Kremlin’s partnership with criminal groups was contributing to cyberattacks as well as other operations.
Ars Technica
Before launching, GPT-4o broke records on chatbot leaderboard under a secret name
Anonymous chatbot that mystified and frustrated experts was OpenAI's latest model.
DarkReading
500 Victims In, Black Basta Reinvents With Novel Vishing Strategy
Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.
Security Affairs
City of Helsinki suffered a data breach
The City of Helsinki suffered a data breach that impacted tens of thousands of students, guardians, and personnel.
Ars Technica
ChatGPT-4o allows real-time audio-video conversations with an “emotional” AI chatbot
GPT-4o demo shows new AI model singing a bedtime story, detecting user's facial expressions.
%20(1).webp)
Cyber Security News
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
"Our partnership with Quad9 is a recognition of the accuracy of Criminal IP's data," stated Byungtak Kang, CEO of AI SPERA.
The Hacker News
MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices
MITREcorp has launched EMB3D, a new threat-modeling framework for embedded devices used in critical infrastructure.
Latest Hacking News
Dell API Exploitation Led to Breach Affecting 49M Customers
Dell customers need to stay cautious as the vendors admit a data breach impacting their customers. What makes this breach notable is its root cause, which turns out to be a Dell API exploit by
Bleeping Computer
Criminal IP Teams with Quad9 for Advanced Threat Intelligence Sharing
The Criminal IP Threat Intelligence (CTI) search engine to integrate with Quad9's threat-blocking service. Learn more from Criminal IP about how this integration can help you.
HACKRead
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
Torrance, California, May 13th, 2024, CyberNewsWire
CyberNews
Russia-linked group incorporating AI in its new automated propaganda machine
A Russia-linked group is automating fake news fabrication and publishing with AI.
Infosecurity News
Ascension Ransomware Attack Diverts Ambulances, Delays Appointments
A ransomware attack on US private healthcare provider Ascension has disrupted patient care, with several hospitals currently on diversion
CyberSecurity Dive
Black Basta ransomware is toying with critical infrastructure providers, authorities say
The threat group has impacted more than 500 targets worldwide and the vast majority of critical infrastructure sectors. Numerous attacks have exploited vulnerabilities in ConnectWise ScreenConnect.
SecurityWeek
Black Basta Ransomware Hit Over 500 Organizations
The US government warns of Black Basta ransomware attacks targeting critical infrastructure organizations.
Infosecurity News
Black Basta Ransomware Victim Count Tops 500
Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations
The Hacker News
Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries
Kaspersky researchers have uncovered multiple security flaws in Cinterion cellular modems that could put your communication networks and IoT devices a
The Hacker News
Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia
Black Basta ransomware-as-a-service (RaaS) operation has targeted over 500 private industry and critical infrastructure entities in North America, Eur
SecurityWeek
FBCS Collection Agency Data Breach Impacts 2.7 Million
Financial Business and Consumer Solutions (FBCS) says the personal information of 2.7 million was impacted in the recent data breach.
Cyber Security News
CISA Warns Of Black Basta Ransomware Attacking 500+ Industries
Black Basta ransomware is used by threat actors because of its powerful abilities and inconspicuous moves.
CyberNews
High-tech bomb disposal robots to the rescue in the UK
T4 is said to be adept at navigating narrow urban spaces, trains, buses, and climbing stairs.
CyberSecurity Dive
Only one-third of firms deploy safeguards against generative AI threats, report finds
Generative AI gives attackers an edge over cyber defenders, according to a Splunk survey of security experts.
Security Affairs
Firstmac Limited disclosed a data breach after cyber attack
Firstmac Limited disclosed a data breach after the new Embargo extortion group leaked over 500GB of data allegedly stolen from the company.
CSO
IntelBroker steals classified data from the Europol website
The agency said core operations remain unaffected even as IntelBroker claimed to possess classified, law enforcement data.
CyberSecurity Dive
Don’t be afraid of GenAI code, but do be wary
Don’t fall for scare headlines about GenAI code—it offers multiple benefits—but also be aware of its limits and risks.
The Record
Hack of provincial Canadian government suspected to be ‘state-sponsored’
Foreign hackers made three attempts to compromise government systems in British Columbia, officials said.
SC Magazine
Ascension ‘making progress’ to restore systems after ransomware attack
Black Basta, the gang reportedly responsible for the attack against the large health system, is described as prolific and sophisticated by federal agencies.
Bleeping Computer
Largest non-bank lender in Australia warns of a data breach
Firstmac Limited is warning customers that it suffered a data breach a day after the new Embargo cyber-extortion group leaked over 500GB of data allegedly stolen from the firm.
Bleeping Computer
The Post Millennial hack leaked data impacting 26 million people
Have I Been Pwned has added the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website.
Bleeping Computer
CISA: Black Basta ransomware breached over 500 orgs worldwide
CISA and the FBI said today that Black Basta ransomware affiliates breached over 500 organizations between April 2022 and May 2024.
Bleeping Computer
Europol confirms web portal breach, says no operational data stolen
Europol, the European Union's law enforcement agency, confirmed that its Europol Platform for Experts (EPE) portal was breached and is now investigating the incident after a threat actor claimed they stole For Official Use Only (FOUO) documents containing classified data.
Security Affairs
A cyberattack hit the US Healthcare giant Ascension
A cyberattack hit the US Healthcare giant Ascension and is causing disruption of the systems at hospitals in the country
Bleeping Computer
Ascension redirects ambulances after suspected ransomware attack
Ascension, a major U.S. healthcare network, is diverting ambulances from several hospitals due to a suspected ransomware attack that has been causing clinical operation disruptions and system outages since Wednesday.
DarkReading
Ascension Healthcare Suffers Major Cyberattack
The attack cut off access to electronic healthcare records (EHRs) and ordering systems, plunging the organization and its health services into chaos.
SecurityWeek
Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service
Ascension is scrambling to contain a significant hack causing disruption and “downtime procedures” at hospitals around the country.
CyberNews
Google maps out tiny portion of brain
One cubic millimeter of the human brain has been shown to have 50,000 cells and 150 million neural connections.
DarkReading
Cybersecurity Races to Unmask New Wave of AI Deepfakes
Kevin Mandia, CEO of Mandiant at Google Cloud, calls for watermarks as the industry braces for a barrage of mind-bending AI-generated fake audio and video.
The Hacker News
What's the Right EDR for You?
EDR solutions can detect threats that traditional defenses like antivirus often miss. Find out how EDR provides a deeper level of security.
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 4)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
.png)
Cyber Security News
Accenture Wins $789 Million Contract to Support Global U.S. Navy Maritime Forces
AFS, a subsidiary of global professional services company Accenture, has been awarded a $789 million contract to bolster the cybersecurity.
CSO
Dell data breach exposes data of 49 million customers
The company says the breach compromised non-critical customer data and involved no sensitive personal or financial information.
The Record
After Ascension ransomware attack, feds issue alert on Black Basta group
The FBI, CISA and Department of Health and Human Services (HHS) alerted healthcare organizations to the group's activities. A separate report said Black Basta was behind the attack on Ascension healthcare system.
Computerworld
Apple updates its Platform Security Guide
It's essential reading for IT admins, security researchers and anyone with an interest in Apple security, now updated for 2024.
Bleeping Computer
Poland says Russian military hackers target its govt networks
Poland says a state-backed threat group linked to Russia's military intelligence service (GRU) has been targeting Polish government institutions throughout the week.
Bleeping Computer
Monday.com removes "Share Update" feature abused for phishing attacks
Project management platform Monday.com has removed its "Share Update" feature after threat actors abused it in phishing attacks.
The Cyber Express
International Baccalaureate Exam Hack Speculation Sparks Student Outrage
The International Baccalaureate Organization (IBO) confirmed a hacking incident, while clarifying that no ongoing exam papers were leaked despite claims
CyberNews
AI ethicists warn against haunting of ‘griefbots’
The emerging industry of “digital afterlives” will cause social and psychological harm, University of Cambridge researchers have warned.
The Cyber Express
Ascension Healthcare Hit by Cyberattack: Patients Wait Hours, Chaos Ensues
Ascension, one of the largest nonprofit healthcare systems in the United States, is facing disruptions in clinical operations due to
HACKRead
The Future of Phishing Email Training for Employees in Cybersecurity
The future of cybersecurity awareness lies in training programs. Discover the future of phishing email training, including gamification and AI.
Infosecurity News
Fake Online Stores Scam Over 850,000 Shoppers
Researchers discover 75,000+ domains hosting fraudulent e-commerce sites, in a campaign dubbed BogusBazaar
CyberNews
Neuralink’s brain implant malfunctions in patient's head
Elon Musk’s Neuralink has admitted part of its brain implant – already in a patient’s head – has malfunctioned, before adding there was no risk to the person’s safety.
The Cyber Express
Major Changes in NIST Cybersecurity Framework 2.0: Enhancements and Adoption Strategies
The NIST Cybersecurity Framework (CSF) is a framework designed to provide cybersecurity risk-management guidance to private and public industries, government
SecurityWeek
Zscaler Investigates Hacking Claims After Data Offered for Sale
Zscaler says its customer, production and corporate environments are not impacted after a notorious hacker offers to sell access.
CyberNews
Ascension Catholic hospitals in midst of possible cyberattack
Non-profit Ascension health systems tells business partners to disconnect from its networks after a suspected cyberattack disrupts operations at facilities across the US.
The Record
Federal agencies assisting Catholic health network amid cyberattack
Deputy National Security Advisor Anne Neuberger said the incident is an example of the need for more to be done to protect critical infrastructure.
Loading more articles....