Colonial hack: How did cyber-attackers shut off pipeline?
Attacks on critical national infrastructure are an increasing concern, experts say......»»
Effective strategies for measuring and testing cyber resilience
In this Help Net Security interview, Detective Superintendent Ian Kirby, CEO of the National Cyber Resilience Centre Group (NCRCG), discusses the emerging cyber threats and strategies organizations can use to increase cyber resilience. He emphasizes.....»»
Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)
Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in.....»»
VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812)
Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which hasn’t been fully addressed the first time and could allow attackers to achieve remote code execution. The v.....»»
Netflix closes its star-studded AAA studio before it announces a game
Netflix has reportedly shut down a star-studded internal studio that was working on a new AAA IP......»»
Nobel economics prize: How colonial history explains why strong institutions are vital to a country"s prosperity
This year's Nobel memorial prize in economics has gone to Daron Acemoglu and Simon Johnson of the Massachusetts Institute of Technology and James Robinson of the University of Chicago for their work on why there are such vast differences in prosperit.....»»
Texas natural-gas pipeline eases bottlenecks, paves way for higher shale output
Texas natural-gas pipeline eases bottlenecks, paves way for higher shale output.....»»
Israeli orgs targeted with wiper malware via ESET-branded emails
Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack took the form of a phishing email ostensibly sent by the “Eset Advanc.....»»
Microsoft lost some customers’ cloud security logs
Microsoft has lost several weeks of cloud security logs that its customers rely on to spot cyber intrusions. What happened As reported by Business Insider earlier this month, Microsoft privately notified affected customers of this incident and told t.....»»
Arrested: USDoD, Anonymous Sudan, SEC X account hacker
Law enforcement agencies have arrested suspects involved in cyber attacks claimed by USDoD and Anonymous Sudan, as well as a person involved in the hacking of SEC’s X (Twitter) account. USDoD On Wednesday, the Brazilian federal police (Policia.....»»
China cyber pros say Intel is installing CPU backdoors on behalf of NSA
China says the NSA has been installing backdoors in Intel CPUs for over a decade......»»
The role of compromised cyber-physical devices in modern cyberattacks
Cyber-physical devices are increasingly getting compromised and leveraged by criminal groups and state-sponsored threat actors. Fyodor Yarochkin, Senior Threat Solution Architect with Trend Micro, believes that getting a better understanding of attac.....»»
Fake Google Meet pages deliver infostealers
Users of the Google Meet video communication service have been targeted by cyber crooks using the ClickFix tactic to infect them with information-stealing malware. Fake Google Meet video conference page with malicious ClickFix pop-up (Source: Sekoia).....»»
"Nature markets" may help preserve biodiversity—but they risk repeating colonial patterns of Indigenous exploitation
As the latest global biodiversity summit gets underway in Colombia, finance for the conservation and restoration of nature is one of the key themes of negotiations......»»
Oil company Phillips 66 says it will shut down Los Angeles-area refinery
Oil company Phillips 66 says it will shut down Los Angeles-area refinery.....»»
Attackers deploying red teaming tool for EDR evasion
Threat actors are leveraging the open-source EDRSilencer tool to evade endpoint detection and response systems, Trend Micro researchers have noticed. About EDRSilencer The software, which is intended for red teaming, is being abused to “silence.....»»
Data breaches trigger increase in cyber insurance claims
Cyber claims have continued their upwards trend over the past year, driven in large part by a rise in data and privacy breach incidents, according to Allianz. Cyber claims frequency exceeds €1 million The frequency of large cyber claims (>€1 mill.....»»
How nation-states exploit political instability to launch cyber operations
In this Help Net Security interview, Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry, discusses the impact of geopolitical tensions on the frequency and sophistication of cyberattacks. He explains how nation-states a.....»»
Protecting the Olympics from cyber-attacks is no mean feat of athleticism
Protecting the Olympics from cyber-attacks is no mean feat of athleticism.....»»
EU adopts Cyber Resilience Act to secure connected products
The EU Council has adopted the Cyber Resilience Act (CRA), a new law that aims to make consumer products with digital components safe(r) to use. CRA requirements The CRA outlines EU-wide cybersecurity standards for digital products, i.e. products tha.....»»
DORA regulation’s nuts and bolts
The frequency, sophistication, and impact of cyber-attacks on financial institutions have been rising. Given the economic system’s interconnected nature, disruptions in one institution can have cascading effects on the broader financial market,.....»»