- A proxyjacking campaign is looking for vulnerable SSH servers
June 30, 2023
A researcher at Akamai has posted a blog about a worrying new trend -proxyjacking – where criminals sell your bandwidth to a third-party proxy service. To understand how proxyjacking works, we’ll need to explain a few things. There are several legitimate services that pay users to share their surplus Internet bandwidth, such as Peer2Profit and HoneyGain. ...
- Cyberattack knocks out satellite communications for Russian military
June 30, 2023
Dozor-Teleport, the satellite system’s operator, switched some users to terrestrial networks during the outage, according to JD Work, a cyberspace professor at the National Defense University. Analyst Doug Madory of Kentik, which monitors online traffic, said one network was taken over by Dozor’s parent company, Amtel-Svyaz, while three others remained down. The company did not release ...
- The Truth Behind Automation: Debunking the Top 4 Myths
June 30, 2023
How often have you heard the phrase, “We need to implement automation,” over the past year? And how many times have you invested in automation software only to find out it didn’t meet your specific requirements? The widespread adoption of digital transformation, accelerated since the onset of COVID, has created an urgent need for Information Security, ...
- CISA: DoS and DDoS Attacks against Multiple Sectors
June 30, 2023
CISA is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against multiple organizations in multiple sectors. These attacks can cost an organization time and money and may impose reputational costs while resources and services are inaccessible. If you think you or your business is experiencing a DoS or DDoS attack, it ...
- New technique can defeat voice authentication “after only six tries”
June 30, 2023
Voice authentication is back in the news with another tale of how easy it might be to compromise. University of Waterloo scientists have discovered a technique which they claim can bypass voice authentication with “up to a 99% success rate after only six tries”. In fact this method is apparently so successful that it is said ...
- UK: Hacking gang BlackCat says it stole data trove from the Barts Health NHS Trust
June 30, 2023
A gang of cybercriminals says it has breached one of the UK’s largest hospital groups and is threatening to publish a trove of its confidential data. The gang, known as ALPHV or BlackCat, posted a statement on Friday claiming it had obtained seven terabytes of internal documents from the Barts Health NHS Trust, which manages five ...
- What is the FFIEC Cybersecurity Assessment Tool?
June 29, 2023
The FFIEC Cybersecurity Assessment Tool (CAT) is a diagnostic test designed to help institutions identify risks and gauge cybersecurity preparedness. The tool is primarily for financial and non-depository institutions, enabling organizations to make risk-driven security decisions informed by regular cybersecurity assessments and standardized risk measurement criteria. While it is voluntary, financial institutions have expressed concern that ...
- CISA Releases Nine Industrial Control Systems Advisories
June 29, 2023
CISA released nine Industrial Control Systems (ICS) advisories on June 29, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-180-01 Delta Electronics InfraSuite Device Master ICSA-23-180-02 Schneider Electric EcoStruxure ICSA-23-180-03 Ovarro TBox RTUs Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- 2023 CWE Top 25 Most Dangerous Software Weaknesses
June 29, 2023
The Homeland Security Systems Engineering and Development Institute, sponsored by the Department of Homeland Security and operated by MITRE, has released the 2023 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Weaknesses. The CWE Top 25 is calculated by analyzing public vulnerability data in the National Vulnerability Data (NVD) for root cause mappings to ...
- Paracetamol maker Granules India flags significant operations hit from cyber attack
June 29, 2023
Granules India on Thursday warned of a significant loss of revenue and profitability due to a cyber security attack that the pharmaceuticals company faced late last month. Due to significant changes in its IT systems, the IT security incident caused a major disruption in its business operations, the Paracetamol maker said in an exchange filing. Read more… Source: ...