The ransomware gang, dubbed Babuk after its strain of code, is a case study in how quickly crooks can learn the basics of digital extortion and how that breeds ambition for big corporate scalps.
Otorio, a provider of OT security and digital risk management solutions, released an open-source tool designed for hardening the security of GE Digital’s CIMPLICITY, a commonly used HMI/SCADA system.
The vulnerabilities, found in Geeni- and Merkury-branded security cameras and smart doorbells, would allow attackers to take full control of devices and remotely disable cameras in some cases.
Plex Media Server systems are actively being abused by DDoS-for-hire services as a UDP reflection/amplification vector in thousands of Distributed Denial of Service (DDoS) attacks.
A specially crafted network request can cause a loss of communications with the device resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
The US Defense Advanced Research Projects Agency (DARPA) has reported back on its first ever security bug bounty program, saying the scheme has highlighted strengths as well as weaknesses.
As security practitioners, we need to consider a wider variety of possibilities for misuse of data and systems in our care, not just those that affect the majority of people.
The ENISA released its report on pseudonymisation for personal data protection, providing a technical analysis of cybersecurity measures in personal data protection and privacy.
An exploitable integer overflow and heap-based buffer overflow vulnerabilities exists in the PlanMaker document-parsing functionality of SoftMaker Office 2021’s PlanMaker application.
According to a study by email security firm Avanan, email threats reported by users or other mechanisms take two to three hours of a SOC teams time per day, or 22.9% of a SOC team’s daily routine.