News
- July 06, 2023
06 Jul'23
JumpCloud invalidates API keys in response to ongoing incident
The cloud provider did not give any details about the incident that prompted a mandatory API key rotation, which might have caused service disruptions for customers.
- July 05, 2023
05 Jul'23
June saw flurry of ransomware attacks on education sector
As the school year culminated, ransomware attacks surged across K-12 schools and universities, causing class disruptions and putting sensitive data at risk.
- June 30, 2023
30 Jun'23
TSMC partner breached by LockBit ransomware gang
A cyber attack against Chinese systems integrator Kinmax led to the theft of TSMC proprietary data, which LockBit threatened to publish unless TSMC paid a $70 million ransom.
- June 28, 2023
28 Jun'23
DDoS attacks surging behind new techniques, geopolitical goals
A rise in massive DDoS attacks, some of which target the application layer and cause significant disruptions, might require new defense strategies from cybersecurity vendors.
- June 27, 2023
27 Jun'23
Censys finds hundreds of exposed devices in federal orgs
Censys found exposed instances of Progress Software's MoveIt Transfer and Barracuda Networks' Email Security Gateway appliances during its analysis of FCEB agency networks.
- June 27, 2023
27 Jun'23
ChatGPT users at risk for credential theft
As ChatGPT's user base continues to grow, Group-IB says threat actors have exploited stolen accounts to collect users' sensitive data and professional credentials.
- June 22, 2023
22 Jun'23
Apple patches zero days used in spyware attacks on Kaspersky
Two Apple zero days were used in the spyware campaign Kaspersky Lab named 'Operation Triangulation,' which was initially discovered on iOS devices of Kaspersky employees.
- June 21, 2023
21 Jun'23
Critical VMware Aria Operations bug under active exploitation
Reports of exploitation for a critical command injection flaw in VMware Aria Operations for Networks came roughly a week after a researcher published a proof-of-concept for it.
- June 21, 2023
21 Jun'23
May ransomware activity rises behind 8base, LockBit gangs
LockBit was the most active group last month, but NCC Group researchers were surprised by 8base, which started listing victims from attacks that occurred beginning in April 2022.
- June 20, 2023
20 Jun'23
Risk & Repeat: More victims emerge from MoveIt Transfer flaw
CISA last week said several federal agencies suffered data breaches resulting from a MoveIt Transfer zero-day vulnerability, though it's unclear what type of data was stolen.
- June 20, 2023
20 Jun'23
Attackers discovering exposed cloud assets within minutes
Cloud security vendor Orca Security used honeypots to learn more about how threat actors compromise cloud resources such as misconfigured AWS S3 buckets and GitHub repositories.
- June 19, 2023
19 Jun'23
Microsoft: DDoS attacks caused M365, Azure disruptions
Microsoft confirmed widespread service disruptions earlier this month were caused by layer 7 DDoS attacks by a threat group it identified as Storm-1359.
- June 16, 2023
16 Jun'23
U.S. government agencies breached via MoveIt Transfer flaw
CISA Director Jen Easterly said 'several' U.S. agencies suffered intrusions via their MoveIt Transfer instances, but have not seen significant effects from the attacks.
- June 15, 2023
15 Jun'23
Risk & Repeat: Mandiant sheds light on Barracuda ESG attacks
Barracuda Networks attempted to fix the critical ESG zero-day vulnerability, but a Chinese nation-state threat actor was able to maintain access on compromised devices.
- June 15, 2023
15 Jun'23
Chinese nation-state actor behind Barracuda ESG attacks
Mandiant said the zero-day attacks on Barracuda Email Security Gateway appliances were part of a 'wide-ranging campaign in support of the People's Republic of China.'
- June 14, 2023
14 Jun'23
State governments among victims of MoveIt Transfer breach
The Clop ransomware gang, which claimed responsibility for multiple data breaches tied to the MoveIt Transfer flaw, said it would delete data stolen from government agencies.
- June 13, 2023
13 Jun'23
AWS launches EC2 Instance Connect Endpoint, Verified Permissions
At re:Inforce 2023, AWS launched a new service that allows customers to connect to their EC2 instances through SSH and RDP connections, removing the need for a public IP address.
- June 13, 2023
13 Jun'23
Fortinet warns critical VPN vulnerability 'may' be under attack
Fortinet said the heap buffer overflow flaw might have been exploited already and warned that Chinese nation-state threat group Volt Typhoon would likely attack the vulnerability.
- June 13, 2023
13 Jun'23
Mandiant: New VMware ESXi zero-day used by Chinese APT
VMware said the ESXi flaw was 'low severity' despite being under active exploitation because it requires the attacker to already have gained root access on the target's system.
- June 12, 2023
12 Jun'23
MoveIt Transfer attacks highlight SQL injection risks
Security vendors say SQL injection flaws, like the zero-day vulnerability recently disclosed by Progress Software, can be challenging for companies to identify and resolve.
- June 08, 2023
08 Jun'23
Risk & Repeat: MoveIt Transfer flaw triggers data breaches
Several organizations, predominantly in the U.K., have confirmed data breaches that stemmed from exploitation of the critical MoveIt Transfer zero-day vulnerability.
- June 08, 2023
08 Jun'23
Barracuda: Replace vulnerable ESG devices 'immediately'
Customers with email security gateway appliances affected by a recent zero-day flaw, CVE-2023-2868, are being urged to replace devices, even if the hardware has been patched.
- June 08, 2023
08 Jun'23
MoveIt Transfer flaw leads to wave of data breach disclosures
Organizations that have confirmed a data breach tied to the critical MoveIt flaw disclosed in May include the government of Nova Scotia, the BBC and HR software firm Zellis.
- June 07, 2023
07 Jun'23
What generative AI's rise means for the cybersecurity industry
ChatGPT's moment in cybersecurity is significant for both technological and marketing reasons. Security analysts and experts have their own reasons why.
- June 06, 2023
06 Jun'23
Ransomware takes down multiple municipalities in May
City and local governments experienced severe disruptions to public services due to ransomware attacks in May, particularly from the Royal ransomware group.
- June 06, 2023
06 Jun'23
Verizon 2023 DBIR: Ransomware remains steady but complicated
Chris Novak, managing director of cybersecurity consulting at Verizon Business, said 2023 was a "retooling year" for ransomware as threat actors adapted to improved defenses.
- June 05, 2023
05 Jun'23
Ransomware actors exploiting MoveIt Transfer vulnerability
Microsoft said the recently disclosed zero-day flaw in Progress Software's managed file transfer product is being exploited by threat actors connected to the Clop ransomware gang.
- June 01, 2023
01 Jun'23
Zyxel vulnerability under 'widespread exploitation'
Researchers warn that threat actors are widely exploiting an unauthenticated command injection vulnerability to target multiple Zyxel network devices.
- June 01, 2023
01 Jun'23
Zero-day vulnerability in MoveIt Transfer under attack
Rapid7 observed exploitation of a SQL injection vulnerability in Progress Software's managed file transfer product, which was disclosed this week but has not been patched.
- June 01, 2023
01 Jun'23
Mitiga warns free Google Drive license lacks logging visibility
The ability to view logs is critical for enterprises to detect and attribute malicious activity. Mitiga said the Google Drive issue allows data exfiltration without a trace.
- May 31, 2023
31 May'23
Barracuda zero-day bug exploited months prior to discovery
Barracuda said a zero-day flaw used to target its email security gateway appliance customers is a remote command injection vulnerability exploited since at least October 2022.
- May 31, 2023
31 May'23
Many Gigabyte PC models affected by major supply chain issue
Eclypsium researchers say the insecure implementation of PC hardware manufacturer Gigabyte's App Center could potentially result in supply chain attacks.
- May 30, 2023
30 May'23
Vendors: Threat actor taxonomies are confusing but essential
Despite concern about the proliferation of naming taxonomies used to identify threat groups, vendors say they are crucial to their understanding of and visibility into threat activity.
- May 25, 2023
25 May'23
Chinese hackers targeting U.S. critical infrastructure
Microsoft uncovered a Chinese nation-state threat group that is compromising Fortinet FortiGuard devices to gain access to critical infrastructure entities in the U.S. and Guam.
- May 25, 2023
25 May'23
Risk & Repeat: A troubling trend of poor breach disclosures
This Risk & Repeat episode covers three data breach disclosures from Dish Network, Gentex Corporation and Clarke County Hospital and the troubling trends that connect all three.
- May 24, 2023
24 May'23
Updated 'StopRansomware Guide' warns of shifting tactics
CISA's updates to the 'StopRansomware Guide' address shifts in the threat landscape as more threat actors skip the encryption step and focus on data theft and extortion.
- May 24, 2023
24 May'23
Barracuda discloses zero-day flaw affecting ESG appliances
Barracuda Networks said threat actors exploited the zero-day to gain 'unauthorized access to a subset of email gateway appliances,' though it did not say how many.
- May 23, 2023
23 May'23
Threat actors leverage kernel drivers in new attacks
Fortinet detailed a campaign using a malicious driver in attacks against organizations in the Middle East, and Trend Micro detailed a driver-based attack by BlackCat ransomware.
- May 22, 2023
22 May'23
Iowa hospital discloses breach following Royal ransomware leak
Clarke County Hospital revealed that it took network services offline after an attack in April, but did not address the reported data leak by the Royal ransomware gang.
- May 19, 2023
19 May'23
Dish 'received confirmation' ransomware gang deleted stolen data
A line in Dish Network's breach notification sent to affected employees this week suggested the satellite TV provider had paid a ransomware gang to delete stolen data.
- May 18, 2023
18 May'23
Acronis adds EDR to endpoint security
Acronis EDR uses Intel threat detection technology to uncover sophisticated attacks, such as fileless malware, but it also has to compete in a crowded market.
- May 18, 2023
18 May'23
Gentex confirms data breach by Dunghill ransomware actors
The Dunghill ransomware gang last month claimed responsibility for an attack against Gentex Corporation, which confirmed this week that it suffered a breach several months ago.
- May 17, 2023
17 May'23
KeePass vulnerability enables master password theft
KeePass developer Dominik Reichl said the vulnerability should be fixed in KeePass version 2.54, which is expected to release in July along with other security updates.
- May 16, 2023
16 May'23
Chinese APT exploits TP-Link router firmware via implant
Check Point Software Technologies said the malicious implant, which it attributed to Chinese APT "Camaro Dragon," was firmware agnostic and could be used against other vendors.
- May 16, 2023
16 May'23
Coalition: Employee actions are driving cyber insurance claims
After analyzing cyber insurance claims data, Coalition determined that phishing escalated in 2022, ransomware dropped and timely patching remained a consistent problem.
- May 15, 2023
15 May'23
CrowdStrike warns of rise in VMware ESXi hypervisor attacks
As enterprise adoption of virtualization technology increases, CrowdStrike has observed a rise in ransomware attacks on servers running VMware's ESXi bare-metal hypervisors.
- May 12, 2023
12 May'23
Bl00dy ransomware gang targets schools via PaperCut flaw
The Bl00dy ransomware gang is targeting schools via a critical remote code execution flaw present in unpatched instances of PaperCut MF and NG print management software.
- May 12, 2023
12 May'23
Experts question San Bernardino's $1.1M ransom payment
While no public safety services were compromised in the ransomware attack on San Bernardino County's Sheriff's Department, the government opted to pay $1.1 million to threat actors.
- May 10, 2023
10 May'23
CISOs face mounting pressures, expectations post-pandemic
Proofpoint's 2023 Voice of the CISO report shows deep concern among executives about impending data loss and exposure from negligent -- and malicious -- employees.
- May 10, 2023
10 May'23
Dragos discloses blocked ransomware attack, extortion attempt
Dragos Inc. published a blog post that outlined a likely ransomware attack it stopped this week, though a threat actor obtained 'general use data' for new hires.
- May 10, 2023
10 May'23
Akamai bypasses mitigation for critical Microsoft Outlook flaw
Enterprises might remain vulnerable to a critical Outlook flaw that Microsoft patched in March, as an Akamai researcher uncovered a way to bypass remediation efforts.
- May 09, 2023
09 May'23
Risk & Repeat: Ex-Uber CSO Joe Sullivan sentenced
This podcast episode covers the sentencing of former Uber CSO Joe Sullivan over the 2016 breach cover-up, and what it means for other security executives and the industry at large.
- May 08, 2023
08 May'23
Intel BootGuard private keys leaked following MSI hack
Intel said it was "actively investigating" reports that OEM BootGuard keys were stolen and leaked by ransomware actors following a breach at motherboard maker MSI.
- May 08, 2023
08 May'23
Western Digital confirms ransomware actors stole customer data
Western Digital issued an update late Friday that confirmed customer data was stolen in an attack for which Alphv ransomware actors claimed responsibility.
- May 05, 2023
05 May'23
Former Uber CSO Joe Sullivan avoids jail for breach cover-up
A U.S. district judge sentenced former Uber security chief Joe Sullivan to three years of probation and 200 hours of community service for his role in the 2016 breach cover-up.
- May 04, 2023
04 May'23
Cybersecurity execs ponder software liability implementation
Reactions to the Biden Administration's push for legislation enforcing software liability were mostly positive, but questions remain regarding implementation.
- May 04, 2023
04 May'23
Ransomware attack disrupts Dallas police, city services
The city said fewer than 200 government devices were compromised by the Royal ransomware attack, though it's unclear if threat actors exfiltrated sensitive data.
- May 04, 2023
04 May'23
Ransomware gangs display ruthless extortion tactics in April
Ransomware groups are pressuring enterprises into paying with harsher extortion tactics, contacting individual victims directly and leaking stolen photos and video footage.
- May 03, 2023
03 May'23
Google rolls out passkeys in service of passwordless future
Google referred to its new passkey option, which features facial recognition, fingerprint and PIN-based authentication, as 'the beginning of the end of the password.'
- May 03, 2023
03 May'23
Studies show ransomware has already caused patient deaths
No patient deaths have been definitively attributed to cyber attacks on hospitals, but some infosec experts say that statistical evidence shows a different, grim reality.
- May 02, 2023
02 May'23
CrowdStrike focuses on ChromeOS security, rising cloud threats
Raj Rajamani, CrowdStrike's chief product officer of data, identity, cloud and endpoint security, said ChromeOS devices are gaining increasing adoption in the enterprise space.
- May 02, 2023
02 May'23
Risk & Repeat: Security industry bets on AI at RSA Conference
This podcast episode covers the focus on AI-powered security products and uses at RSA Conference 2023 in San Francisco last week, as well as other trends at the show.
- May 01, 2023
01 May'23
1Password execs outline shift to passwordless authentication
1Password CEO Jeff Shiner and Anna Pobletts, head of passwordless, discuss the power of passkeys, the adoption challenges ahead, and the threat of generative AI attacks.
- April 28, 2023
28 Apr'23
ChatGPT uses for cybersecurity continue to ramp up
The use of OpenAI's technology in cybersecurity products is growing as companies look to improve threat detection and assist short-staffed and fatigued security teams.
- April 27, 2023
27 Apr'23
Secureworks CEO weighs in on XDR landscape, AI concerns
Secureworks CEO Wendy Thomas talks with TechTarget Editorial about the evolution of the threat detection and response market, as well as the risks posed by new AI technology.
- April 26, 2023
26 Apr'23
CISA aims to reduce email threats with serial CDR prototype
CISA officials at RSA Conference 2023 showed off a prototype designed to measure the risk of suspicious files and remove them from email and web services.
- April 26, 2023
26 Apr'23
How ransomware victims can make the best of a bad situation
At RSA Conference 2023, Mandiant's Jibran Ilyas provided tips for ransomware victims that decide to pay, including a list of counterdemands to make to the threat actors.
- April 26, 2023
26 Apr'23
CrowdStrike details new MFA bypass, credential theft attack
At RSA Conference 2023, CrowdStrike demonstrated an effective technique that a cybercrime group used in the wild to steal credentials and bypass MFA in Microsoft 365.
- April 25, 2023
25 Apr'23
RSAC panel warns AI poses unintended security consequences
A panel of experts at RSA Conference 2023 warned of hallucinations and inherent biases but also said generative AI can assist in incident response and other security needs.
- April 25, 2023
25 Apr'23
Rising AI tide sweeps over RSA Conference, cybersecurity
AI is everywhere at RSA Conference 2023, though experts have differing views about why the technology has become omnipresent and how it will best serve cybersecurity.
- April 25, 2023
25 Apr'23
RSAC speaker offers ransomware victims unconventional advice
Triton Tech Consulting CEO Brandon Clark advised organizations to set aside the stigma of 'negotiating with terrorists' when deciding whether to pay a ransomware gang.
- April 25, 2023
25 Apr'23
Bugcrowd CTO talks hacker feedback, vulnerability disclosure
Bugcrowd CTO Casey Ellis said the company's new penetration testing service helps establish the company beyond public perception of it being purely a bug bounty platform.
- April 25, 2023
25 Apr'23
Google, Mandiant highlight top threats, evolving adversaries
Enterprises are struggling to keep up as adversary groups improve tactics. But one of the most difficult groups to defend against, according to Google and Mandiant, was a surprise.
- April 25, 2023
25 Apr'23
DOJ's Monaco addresses 'misperception' of Joe Sullivan case
In her RSA Conference keynote, Deputy Attorney General Lisa Monaco was asked if the prosecution of former Uber CSO Joe Sullivan damaged trust with the private sector.
- April 24, 2023
24 Apr'23
IBM launches AI-powered security offering QRadar Suite
IBM aims to use QRadar Suite's AI features, which it calls the 'unified analyst experience,' to enable security analysts to focus on higher-priority work.
- April 24, 2023
24 Apr'23
RSA Conference 2023 highlights strength through alliances
Follow this RSA 2023 guide from TechTarget Editorial to get pre-conference coverage and stay on top of breaking news and analysis from the infosec world's biggest annual event.
- April 20, 2023
20 Apr'23
Fortra completes GoAnywhere MFT investigation
An investigation around the zero-day attack that affected a growing number of victims revealed that activity started earlier than Fortra initially reported.
- April 20, 2023
20 Apr'23
DC Health Link breach caused by misconfigured server
Mila Kofman, executive director of the District of Columbia Health Benefit Exchange Authority, blames "human error" for the DC Health Link breach.
- April 20, 2023
20 Apr'23
Mandiant: 3CX breach caused by second supply chain attack
Trading Technologies said in a statement it had 'not had the ability to verify the assertions in Mandiant's report' that its software played a role in the 3CX supply chain attack.
- April 19, 2023
19 Apr'23
Point32Health confirms service disruption due to ransomware
A ransomware attack interrupted access to services provided by one of New England's largest healthcare insurers, though the scope of affected customers and data remains unknown.
- April 18, 2023
18 Apr'23
Mandiant: 63% of breaches were discovered externally in 2022
Mandiant said the 2022 increase is most likely affected by the threat intelligence firm proactively investigating threat activity targeting Ukraine last year.
- April 13, 2023
13 Apr'23
Western Digital restores service; attack details remain unclear
While Western Digital confirmed that it suffered a data breach on March 26, the storage company has not offered details about the attack scope or whether ransomware was involved.
- April 13, 2023
13 Apr'23
Hacking Policy Council launches, aims to improve bug disclosure
Founding members for the Hacking Policy Council, launched Thursday by the Center for Cybersecurity Policy and Law, include HackerOne, Bugcrowd, Google and others.
- April 12, 2023
12 Apr'23
OpenAI launches bug bounty program with Bugcrowd
ChatGPT publisher OpenAI said its new Bugcrowd bug bounty program will not accept submissions involving "issues related to the content of model prompts and responses."
- April 12, 2023
12 Apr'23
Nokoyawa ransomware exploits Windows CLFS zero-day
The Nokoyawa ransomware attacks highlight the growing use of zero-day exploits by a variety of threat groups, including financially motivated cybercriminals.
- April 11, 2023
11 Apr'23
FTX bankruptcy filing highlights security failures
Debtors claim that defunct cryptocurrency exchange FTX lacked any dedicated security personnel and failed to implement critical access controls for billions of dollars in assets.
- April 11, 2023
11 Apr'23
Recorded Future launches OpenAI GPT model for threat intel
The new OpenAI GPT model was trained on Recorded Future's large data set and interprets evidence to help support enterprises struggling with cyberdefense.
- April 07, 2023
07 Apr'23
Microsoft, Fortra get court order to disrupt Cobalt Strike
Microsoft, Fortra and the Health Information Sharing and Analysis Center announced they obtained a court order in an effort to curb malicious Cobalt Strike use.
- April 06, 2023
06 Apr'23
119 arrested in Genesis Market takedown
The FBI and Dutch National Police led the takedown of Genesis Market alongside more than a dozen partners, including the U.K., Italy, Spain and Romania.
- April 05, 2023
05 Apr'23
42% of IT leaders told to maintain breach confidentiality
While transparency and prompt reporting are important steps following an attack, Bitdefender found that many IT professionals were told to maintain confidentiality after a breach.
- April 04, 2023
04 Apr'23
March ransomware disclosures spike behind Clop attacks
The Clop ransomware gang claimed responsibility for several disclosed ransomware attacks on major enterprises, which stemmed from a zero-day flaw in Fortra's GoAnywhere software.
- April 04, 2023
04 Apr'23
Risk & Repeat: Inside the 3CX supply chain attack
This podcast episode discusses the 3CX supply chain attack, where it may have started, who was behind it and how the unified communications vendor has responded to the incident.
- April 03, 2023
03 Apr'23
Source of 3CX supply chain attack unclear as fallout continues
Multiple statements originally referenced a third-party library as the apparent source for 3CX's recent supply chain attack, but that may no longer be the case.
- April 03, 2023
03 Apr'23
Why medical device vulnerabilities are hard to prioritize
Vulnerabilities in critical medical devices could lead to loss of life. But opinions are mixed on how serious the risk is to patient safety and how best to address the flaws.
- March 30, 2023
30 Mar'23
3CX desktop app compromised, abused in supply chain attack
3CX customers noticed that several threat detection platforms began flagging and blocking the UC vendor's desktop application last week due to malicious activity in the executable.
- March 30, 2023
30 Mar'23
Azure Pipelines vulnerability spotlights supply chain threats
Legit Security researchers discovered a remote code execution flaw within Microsoft's Azure DevOps platform that could give threat actors complete control of development pipelines.
- March 29, 2023
29 Mar'23
Google: Spyware vendors exploiting iOS, Android zero days
Recent campaigns observed by Google's Threat Analysis Group showed that spyware vendors' use of zero days and known vulnerabilities poses an increasing threat.
- March 28, 2023
28 Mar'23
Microsoft launches AI-powered Security Copilot
Microsoft Security Copilot is an AI assistant for infosec professionals that combines OpenAI's GPT-4 technology with the software giant's own cybersecurity-trained model.
- March 28, 2023
28 Mar'23
Publicly disclosed U.S. ransomware attacks in 2023
TechTarget Editorial's ransomware database collects public disclosures, notifications and confirmed reports of attacks against U.S. organizations each month.
- March 27, 2023
27 Mar'23
Zoom launches Okta Authentication for E2EE to verify identity
Authenticated Zoom attendees will get a blue shield icon next to their participant name to give enterprises additional security during sensitive meetings.