The vulnerability, known as Downfall, exploits a technique used to increase performance in the x86 architecture. By sharing a small register buffer, different applications can inadvertently leave data that can be accessed by an attacker.
Authorities are sounding the alarm about double-extortion attacks against healthcare and public health sector organizations by a relatively new ransomware-as-a-service group, Rhysida, which until recently had mainly focused on other industries.
The Cybersecurity Strategic Plan for fiscal years 2024-2026 outlines the agency’s plans for achieving a future where damaging cyberattacks are rare, organizations are resilient, and technology is secure by design.
The phishing operation, originating from Russia but pretending to be Ukrainian, utilized a high-quality single-page application to create convincing websites and steal credit card and bank details.
Interestingly, the analysis also revealed that malicious attacks such as malware, phishing, and ransomware accounted for just a third (33%) of breaches reported to the ICO, versus 40% of incidents caused by insider threats.
A recent investigation by cybersecurity firm SentinelLabs has revealed that North Korean hackers have targeted a Russian missile engineering organization called NPO Mashinostroyeniya.
The State and Local Cybersecurity Grant Program (SLCGP), now in its second year, is a $1 billion fund with allocations spanning four years and specifically targeting state, local, and territorial government cyber resilience efforts.
Multiple vulnerabilities in the popular airline and hotel rewards platform points.com could have allowed attackers to access users’ personal information, security researchers warn.
Upon analyzing the attack code, Phylum uncovered that it utilized a combination of post-install hooks and pre-install scripts to trigger the execution of malicious code once the packages were installed.
Government organizations and public services are increasingly targeted by cyberattacks from both nation-states and cybercriminals, necessitating the need for stronger cybersecurity measures.