Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware
Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors […]
Security
Operation RusticWeb targets Indian Govt: From Rust-based malware to Web-service exfiltration
SEQRITE Labs APT-Team has uncovered a phishing campaign targeting various Indian government personnel since October 2023. We have also identified targeting of both government and private entities in the defence sector over December. New Rust-based payloads and encrypted PowerShell commands have been utilized to exfiltrate confidential documents to a web-based service engine, instead of a dedicated command-and-control (C2) server. With actively […]
The post Operation RusticWeb targets Indian Govt: From Rust-based malware to Web-service exfiltration appeared first on Blogs on Information Technology, Network & Cybersecurity | Seqrite.
Security
Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists
The Solntsepek group has taken credit for the attack. They’re linked to the Russian military, so it’s unclear whether the
Security
How to Generate CSR for Citrix NetScaler VPX?
Discover the seamless process of generating a Certificate Signing Request (CSR) for Citrix in this concise guide. Enhance the security
Analysing Data Breaches Caused by Human Error
A deep dive into the ICO’s numbers We often hear the terms ‘accidental breach’ and ‘internal threat’, but how common are these phenomena? To find out, we looked at the ICO’s (Information Commissioner’s Office) public data set, specifically looking into four data breach types caused by human error: Note that this data set only accounts for personal data breaches reported to the ICO, so it only reflects breaches affecting UK residents that were not just discovered, but also reported. Also note that this blog only accounts for the data from 2020–2022, because these are the only years the ICO has
The post Analysing Data Breaches Caused by Human Error appeared first on IT Governance UK Blog.
Security
Data leak exposes users of car-sharing service Blink Mobility
More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity
Google addressed a new actively exploited Chrome zero-day
Google has released emergency updates to address a new actively exploited zero-day vulnerability in the Chrome browser. Google has released
Security
German police seized the dark web marketplace Kingdom Market
The German police seized the dark web marketplace Kingdom Market as a result of an international law enforcement operation. The
Cybersecurity Tools
FBI Disrupts BlackCat Ransomware Threat Group Activity – The Essential Facts
The U.S. Justice Department (DoJ) announced on December 19th that the Federal Bureau of Investigations had disrupted the BlackCat ransomware threat group’s activity. The FBI offered a decryption tool to more than 500 affected victims. They also encourage potentially unknown BlackCat/ ALPHV victims to speak up. While the event is largely discussed across the cybersecurity […]
The post FBI Disrupts BlackCat Ransomware Threat Group Activity – The Essential Facts appeared first on Heimdal Security Blog.
Sam McNicholls-Novoa on CyberComply
Making compliance easy with our Cloud-based solution CyberComply is a Cloud-based, end-to-end solution that simplifies compliance with a range of cyber security and data privacy standards and laws, including ISO 27001, the GDPR (General Data Protection Regulation), and more. This SaaS (Software as a Service) will help you manage all your cyber security and data privacy obligations in one place. You will gain immediate visibility into critical data and key performance indicators, and stay ahead of regulatory changes. Recently, CyberComply has seen some major updates. But we’re not done yet – the development team is working hard behind the scenes
The post Sam McNicholls-Novoa on CyberComply appeared first on IT Governance UK Blog.