Cloud-native development practices are creating dangerous new security blind spots for organizations in the US, UK, France, and Germany, according to a new study from Venafi.
Dropper malware allows cybercriminals to install payloads on compromised devices. SecuriDropper disguises itself as harmless apps and uses a different Android API to install the payload, mimicking the process used by app marketplaces.
The FBI has attributed recent cryptocurrency hacks to North Korean-sponsored threat actors, highlighting the need for increased cybersecurity cooperation among liberal democracies in the Pacific.
An Iranian APT group known as Agrius has been targeting higher education and technology organizations in Israel with destructive attacks and wipers, including MultiLayer, PartialWasher, and BFG Agonizer, since January 2023.
According to a report by Sophos, the rate of data encryption following a ransomware attack in the healthcare sector has reached its highest level in the last three years.
The first vulnerability, tracked as CVE-2023-23368, allows remote attackers to execute commands via a network. The second vulnerability, identified as CVE-2023-23369, can also be exploited by remote attackers.
The Secure Future Initiative includes implementing secure default settings out of the box and using automation, AI, and memory-safe languages to develop software that is secure by design and default.
The European Data Protection Board has directed the Irish Data Protection Commissioner to restrict Meta platforms from using customer’s personal data for ad personalization, citing a violation of GDPR.
Researchers identified Russian-linked Turla APT deploying an updated version of the Kazuar backdoor, suggesting a revival of the malware after years of inactivity with improved code structure and enhanced functionality. The new version of the Kazuar backdoor supports over 40 distinct commands. The upgraded version of Kazuar reveals that Turla APT is making consistent efforts to […]
Public healthcare institutions in Singapore experienced disruptions in internet connectivity due to DDoS attacks. Synapxe, the agency overseeing these institutions, stated that there is no evidence of a compromise of healthcare or patient data.