Hackers targeted telecommunications companies in Thailand with a Linux remote access Trojan designed to attack different versions of the open-source kernel, researchers say. Dubbed "Krasue," the malware poses a "severe risk to critical systems and sensitive data," says Group-IB researchers.
Many government and higher ed organizations are focusing on log management to reduce risk, accelerate remediation, and comply with regulations. But logging can come with challenges, such as difficulties ingesting data, slow access to historical data, and tool sprawl.
Impersonated domains, spoofed URLs, phishing websites, typosquatting—the content on these malicious websites are leveraged by threat actors every day and can lead to big losses for brands.
AI is being used "by everyone" these days, including by malicious nation-state actors, and that is raising the level of threats and risks facing hospitals and other healthcare entities, said John Riggi, national adviser for cybersecurity and risk at the American Hospital Association.
AI weaponization, zero days, 'we the people' attacks - these are among the threats projected for 2024 in Fortinet's FortiGuard Labs’ 2024 Threat Predictions. Derek Manky shares insight and analysis on what to expect to defend against in the New Year.
Tool sprawl was an issue before digital transformation and the move to modernization. But now the challenge is amplified, says Jay Livens of Dynatrace. But there is an alternative to tool sprawl, Livens says. He describes a new approach to managing cybersecurity solutions.
Threat actors are exploiting another zero-day flaw in Cisco's IOS XE software to implant a malicious backdoor. The IOS XE operating system runs on a wide range of Cisco networking devices, including routers, switches, wireless controllers, access points and more.
The biggest challenges in threat detection and response today are the inability to cover the entire attack surface and a lack of insight into who is attacking and why. To address these issues, Cisco introduced Breach Protection, a suite of products that combines email, endpoint and XDR protection.
The violent surprise attack on Israel by Hamas and the region's escalating war spotlights the critical importance of situational awareness, and especially for healthcare organizations that rely on medical or tech products from Israeli technology firms, said Denise Anderson, president of the H-ISAC.
What kinds of training do security professionals need? The biggest skills gaps are soft skills - 55%, cloud computing - 47%, security controls - 35%, coding skills and software development - both at 30%, says ISACA's State of Cybersecurity 2023 survey of more than 2,000 security leaders globally.
Apple released patches Thursday to close three actively exploited vulnerabilities that researchers say commercial spyware maker Cytrox used to infect the iPhone of Egyptian politician Ahmed Eltantawy with Predator malware. The Citizen Lab attributes the attacks to the Egyptian government.
SentinelOne observed suspected cyberespionage actors of unknown origin using modular backdoors and highly stealthy tactics in August to target telecommunication companies in the Middle East, Western Europe and South Asia. The group, tracked as Sandman, is using the novel backdoor LuaJIT.
Federal authorities are warning of "significant risk" for potential attacks on healthcare and public health sector entities by the North Korean state-sponsored Lazarus Group involving exploitation of a critical vulnerability in 24 Zoho ManageEngine products.
Authorities are warning of threats posed by Akira, a ransomware group that surfaced in March and has been linked to dozens of attacks on small and midsized entities. The group is targeting many industries, including healthcare, and seems to favor entities that lack MFA on VPNs.
Multiple nation-state hacking groups have been exploiting known flaws in Zoho ManageEngine software and Fortinet firewalls to steal data, cybersecurity officials warn. A new alert details exploits of each vulnerability by separate groups that targeted the same aeronautical firm.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.