Source: www.infosecurity-magazine.com – Author: 1 Multiple UK councils have warned that citizens’ personal data may have been breached following a ransomware attack on a medical equipment supplier. Nottingham Rehab Supplies (NRS) Healthcare, which supplies health and care equipment numerous local authorities across the UK, was hit by a ransomware attack at the start of April […]

La entrada UK Councils Warn of Data Breach After Attack on Medical Supplier – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 A new banking Trojan targeting Android devices has been detected by Cyble Research and Intelligence Labs (CRIL), the research branch of threat intelligence provider Cycble. In a report published on May 16, CRIL described sophisticated malware incorporating a range of malicious features, including overlay attacks, keylogging and obfuscation capabilities. The […]

La entrada New Android Banking Trojan Mimics Google Play Update App – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 Australian healthcare company MediSecure has suffered a “large scale” ransomware attack, putting individuals’ personal and health information at risk. The electronic prescriptions provider confirmed the incident in a statement on May 16, which it admitted has impacted the personal and health information of individuals. The company confirmed that the attack […]

La entrada Patient Data at Risk in MediSecure Ransomware Attack – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 UK organizations are trailing their European counterparts on time to remediate software flaws in the US Known Exploited Vulnerability (KEV) catalog, according to a new report from Bitsight. The security vendor reviewed the security posture of 1.4 million entities, excluding cloud and other service providers, to compile its report, A […]

La entrada UK Lags Europe on Exploited Vulnerability Remediation – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 The US authorities appear to have disrupted a notorious hacking forum, just days after a threat actor advertised data stolen from Europol on the site. Although there’s no official word on the action yet, screenshots posted to X (formerly Twitter) show a takedown notice featuring the logos of the FBI, […]

La entrada BreachForums Hacking Marketplace Taken Down Again – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 A cyber-attack has disrupted auction house Christie’s attempts to sell art and other high-value items worth an estimated $840m. Among the items up for auction are a Vincent van Gogh painting valued at $35m and a rare wine.  The cyber-attack has taken Christie’s website offline, possibly last week, preventing potential […]

La entrada Cyber-Attack Disrupts Christie’s $840M Art Auctions – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 Cybersecurity researchers have unveiled a concerning trend in PDF exploitation, particularly targeting users of Foxit Reader.  Despite Adobe Acrobat Reader’s dominance in the market, Foxit Reader has emerged as a significant player, boasting over 700 million users worldwide, including major customers in both government and technology sectors. Check Point Research […]

La entrada PDF Exploitation Targets Foxit Reader Users – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 The UK National Cyber Security Centre (NCSC) has launched a new cyber defense service to help protect political candidates against spear-phishing, malware attacks and other cyber threats during the 2024 election cycle. The service, known as the Personal Internet Protection (PIP) offering, was announced at CyberUK 2024 in Birmingham and […]

La entrada NCSC Expands Election Cybersecurity to Safeguard Candidates and Officials – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 Google has unveiled a new method to label text as AI-generated without altering it. This new feature, announced on May 14, has been integrated into Google DeepMind’s SynthID tool, which was already capable of identifying AI-generated images and audio clips. This method introduces additional information to the large language model […]

La entrada Google Expands Synthetic Content Watermarking Tool to AI-Generated Text – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 Banking giant Santander has confirmed that customer and employee data has been breached following a compromise of a third-party provider. In a statement published on May 14, 2024, the bank revealed that “certain information” relating to customers of Santander Chile, Spain and Uruguay, as well as all current and some […]

La entrada Santander Customer Data Compromised Following Third-Party Breach – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 The technology market needs to be better incentivized to build cyber secure products, argues the CTO of the National Cyber Security Centre (NCSC), Ollie Whitehouse. Speaking in a keynote address on the second day of the CyberUK 2024 conference in Birmingham, Whitehouse said that companies globally know how to build […]

La entrada Current Market Forces Disincentivizing Cybersecurity, Says NCSC CTO – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 Global CISOs are routinely belittled and dismissed as being overly negative by their board, according to new Trend Micro research highlighting a “credibility gap” within the function. The security vendor polled 2600 IT leaders with responsibility for cybersecurity to compile its latest report, The CISO Credibility Gap: How a Communication […]

La entrada A Third of CISOs Have Been Dismissed “Out of Hand” By the Board – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 System administrators have over 60 CVEs to address in the latest Microsoft Patch Tuesday, including three zero-day vulnerabilities. Of these three zero-day bugs, two have been actively exploited in the wild, the most prominent of which (CVE-2024-30051) has been used to deliver QuakBot and other malware. It is an elevation […]

La entrada Microsoft Fixes Three Zero-Days in May Patch Tuesday – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 Since 2005, educational institutions in the United States have experienced 3713 data breaches, impacting over 37.6m records.  According to new data by Comparitech, 2023 marked a record year, with 954 breaches recorded – a dramatic rise from 139 in 2022 and 783 in 2021. This surge was primarily attributed to […]

La entrada Data Breaches in US Schools Exposed 37.6M Records – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 Ebury, one of the most advanced server-side malware campaigns, has been active for 15 years but its use by threat actors is still growing, according to cybersecurity firm ESET. A new report published on May 14 by ESET Research showed that operators of the Ebury malware and botnet were more […]

La entrada Ebury Botnet Operators Diversify with Financial and Crypto Theft – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 The US telecoms regulator has named a malicious robocall group for the first time, in a bid to help international partners more effectively identify and block the actors behind it. The Federal Communications Commission (FCC) described “Royal Tiger” as a group of entities and individuals persistently facilitating robocall campaigns designed […]

La entrada FCC Names and Shames First Robocall Threat Actor – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 Critical vulnerabilities have been found within Cinterion cellular modems. Disclosed during a Kaspersky presentation at OffensiveCon in Berlin on May 11, these flaws could allow remote attackers to execute arbitrary code, posing a significant threat to the integrity of millions of industrial devices reliant on these modems. The identified vulnerabilities, including CVE-2023-47610, […]

La entrada Critical Vulnerabilities in Cinterion Modems Exposed – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 A recent incident involving an MS-SQL (Microsoft SQL) honeypot has shed light on the sophisticated tactics employed by cyber-attackers relying on Mallox ransomware (also known as Fargo, TargetCompany, Mawahelper, etc.). The honeypot, set up by the Sekoia research team, was targeted by an intrusion set utilizing brute-force techniques to deploy […]

La entrada Mallox Ransomware Deployed Via MS-SQL Honeypot Attack – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 A ransomware attack on US private healthcare giant Ascension has led to ambulances being diverted and patient appointments being postponed. Ascension confirmed the attack on May 9 after detecting unusual activity on select technology network systems on May 8. The healthcare provider, which operates 140 hospitals across the US, said […]

La entrada Ascension Ransomware Attack Diverts Ambulances, Delays Appointments – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 The Black Basta ransomware group and its affiliates compromised hundreds of organizations worldwide between April 2022 and May 2024, according to a new report from several US government agencies. The Joint Cybersecurity Advisory (CSA) was issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Health and Human […]

La entrada Black Basta Ransomware Victim Count Tops 500 – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 A well-known threat actor is selling what they claim to be a legitimate trove of highly sensitive internal data stolen from Europol this month. “IntelBroker” took to hacking site BreachForums on Friday to advertise their wares. “In May 2024 Europol suffered a data breach and lead [sic] to the exposure […]

La entrada Threat Actor Claims Major Europol Data Breach – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 The UK’s AI Safety Institute has made its AI testing and evaluation platform available to the global AI community as of 10 May, 2024. The platform, called Inspect, is set to pave the way for the safe innovation of AI models, according to the AI Safety Institute and Department for […]

La entrada UK’s AI Safety Institute Unveils Platform to Accelerate Safe AI Development – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: www.infosecurity-magazine.com – Author: 1 As cybercriminals and threat actors increase their tooling and capabilities, new sophisticated attack techniques are emerging and it is vital that defenders stay abreast of this evolution. Daniel Blackford, senior manager, threat research at Proofpoint, explained: “A lot of money is following into the hands of bad actors, they’re being […]

La entrada RSAC: Experts Highlight Novel Cyber Threats and Tactics – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.