AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Cyberpills.news

DDoS attacks and legal challenges test the Internet ArchiveThe technical and legal challenges faced by the Internet Archive: between cybersecurity and copyright battlesThe Internet Archive is under DDoS attack, causing disruptions to services such as the Wayback Machine. Despite the disruptions, the data is safe. The attacks come at a critical time for the organization, which is already embroiled in legal disputes over alleged copyright violations.

EU ATM malware threatens lenders around the worldThe threat of automated malware on ATMsThe "EU ATM Malware" is malicious software that affects ATMs of various brands, with a 99% success rate. Automated and versatile, it threatens global banking security. Banks must update their defenses to counter this threat.

Netflix and proactive cybersecurity collaborationStrategic collaboration between Netflix and the ethical hacker community to improve securityNetflix has paid out more than $1 million through its bug bounty program to incentivize experts to report vulnerabilities. This strategy improves the security of the platform and demonstrates the company's commitment to protecting its users.

An uncertain future for cybersecurity in EuropeEuropean initiatives and investments to strengthen cybersecurity and close the skills gapIn Italy and Europe there is a shortage of skills in cybersecurity. Initiatives such as those of ENISA and the G7 community in Rome seek to respond to this challenge. The European Commission invests millions in training and resilience against cyber attacks.

The challenges of digital identity management in the age of cybersecurityThe evolution of IAM solutions to counter modern cyber threatsDigital identity is critical to IT security. Organizations must protect credentials from attacks using technologies such as multi-factor authentication (MFA) and biometrics. AI and blockchain are the future for improving the management and security of digital identities.

ShrinkLocker: malicious use of BitLocker in latest ransomware variantA new threat uses Windows security features to lock down entire memory drivesShrinkLocker is a new ransomware that uses Windows BitLocker to encrypt entire hard drives, making it difficult to access data without a recovery key. Companies must strengthen security and backup policies to prevent and mitigate such attacks.

Security strategies and challenges in modern surveillance camerasSolutions and practices to ensure the cybersecurity of surveillance camerasSurveillance cameras are essential for security, but vulnerable to cyber-attacks. It is crucial to update firmware, use encryption, firewalls and security training for users to protect monitored data and environments from unauthorized access.

Cybersecurity strategies for the Paris 2024 OlympicsChallenges and solutions to ensure cybersecurity of global sporting eventsThe article examines cybersecurity for the Paris 2024 Olympics, the importance of data in the sporting world, the solidarity projects of the Yellow Flames and the proposals for an Authority that monitors the accounts of professional clubs in sport.

Microsoft services crisis: causes, impacts and recovery strategiesRecent technical issues trigger a reliability and continuity crisis for essential Microsoft servicesRecent technical issues have affected Microsoft services like Bing and ChatGPT, causing significant outages. The cause may be a network or configuration error. Microsoft is working to resolve and improve the resilience of services, also involving third parties such as DuckDuckGo.

Implementation and management of personal data security in organizationsChallenges and strategies for the data controllerThe data controller ensures the security of the information through technical and organizational measures, contracts with suppliers, and the use of tools such as ISMS. It must also educate staff and respond quickly to incidents.

Netflix addresses a critical vulnerability in its big data orchestration servicesNetflix successfully addresses a critical security flawNetflix has addressed a critical vulnerability in its Big Data services that could allow unauthorized access to sensitive data. The company worked with experts to quickly resolve the issue and continues to invest in advanced security technologies to prevent future risks.

Google vs. Microsoft: cybersecurity battle intensifiesCompetition between giants: Google denounces Microsoft's vulnerabilities and proposes Workspace as a more secure solutionGoogle criticized Microsoft's security after a hack, promoting its own Workspace as an alternative. It also launched aggressive offers to attract customers. Microsoft responded with the "Secure Future" initiative to improve security and regain trust.

LockBit: infiltration into the systems of the University of SienaAn overview of the cyber attack on the University of Siena and the implications for academic securityLockBit attacked the University of Siena, compromising sensitive data and threatening to disclose it if their demands are not met. This highlights the need to improve cybersecurity, especially in academic institutions that handle valuable data.

Cyber security in the UK: current challenges and response strategiesAn in-depth assessment of current cyber threats and countermeasures in the UKThe UK DSIT's "Cybersecurity Breaches Survey 2024" report finds that many businesses and non-profit organizations have suffered cyber attacks, especially phishing. Security measures are still lacking, with concerns about supply chain risks and variable attention to security.

USB devices and advanced tools for cybersecurity testingAnalysis of malicious USB devices and penetration testing toolsRubber Ducky and BadUSB exploit USB vulnerabilities to perform quick scripted attacks. Pineapple WiFi intercepts WiFi traffic by creating cloned networks. The Proxmark3 clones RFID/NFC cards. The Bash Bunny performs advanced USB attacks with custom scripts, useful in security testing.

Understanding Ransomware-as-a-Service (RaaS)Advanced strategies to defend against RaaS threats and reduce business risksRansomware-as-a-Service (RaaS) allows anyone to launch ransomware attacks. To defend yourself, it is essential to educate employees, take regular backups, use advanced security technologies and collaborate with other organizations to share threat intelligence.

Severe cyber attack on WebTPA exposes sensitive data of millions of usersThe incident puts the privacy and security of millions of people, including customers and business partners, at riskA data breach hit WebTPA, exposing the personal information of 2.4 million people. The company is working to resolve the issue and offers credit monitoring services. Victims should check their finances and update passwords for safety.

CyberArk Enhances Its Capabilities by Acquiring Venafi for $1.54 BillionThe acquisition aims to combine privileged access management and machine identity protection expertise, enhancing the offering of integrated security solutions for enterprisesCyberArk acquires Venafi for $1.54 billion. The integration of Venafi's solutions enhances machine identity security by combining cryptographic keys and certificates with CyberArk's privileged access management, improving enterprise IT protection.

The importance of cybersecurity in web hostingAdvanced security and recovery solutions for optimal data protection in web hostingIn an age of growing cyber threats, security in web hosting services is essential. Key points include 24/7 technical support, use of HTTPS and SSL certificates, and backup and disaster recovery plans to ensure protection and business continuity.

Legislative changes on cybersecurity: new sanctions and notification obligationsNew regulations to strengthen cybersecurity in public administrations and the private sectorNew laws toughen penalties for unauthorized access to computer systems and oblige public administrations to notify attacks to the National Cybersecurity Agency within 24 hours, under penalty of heavy fines. Plus, they promote encryption and enhance cybersecurity roles.

Global threat: serious security flaw discovered in the IEEE 802.11 Wi-Fi standardNew flaw in the IEEE 802.11 Wi-Fi standard exposes the security of global networks to serious risksA team of researchers from KU Leuven has discovered a vulnerability in the IEEE 802.11 Wi-Fi standard that allows hackers to create fake access points and intercept data traffic. This issue, known as CVE-2023-52424, affects billions of Wi-Fi devices.

Innovative collaboration between Apple and Google to secure user privacyA new standard for detecting unknown trackers on iOS and AndroidApple and Google collaborated to create a standard called “Detecting Unwanted Location Trackers” to alert iOS and Android users when they detect unknown Bluetooth trackers, thus improving privacy protection against unauthorized tracking.

The fundamental aspects of computer security in everyday lifeProtection and prevention: how to safeguard personal data in the digital worldIn a digitalized world, online security is crucial. Signs of attacks include slowdowns and unknown files. Protecting yourself with antivirus, strong passwords and regular updates is essential. Specific insurance policies can offer additional financial protection.

Black Basta hits Synlab: analysis of the attack and cybersecurity lessons for the healthcare sectorCyber defense strategies: how to protect healthcare infrastructures from ransomwareA hacker group called Black Basta stole and published health data from Synlab, a large medical company in Italy. Using ransomware and phishing, they have caused serious risks to patients. Synlab has decided not to pay ransoms and is notifying affected patients.

Botswana Cyber Revolution Summit 2024 announcementGlobal experts gather to define the future of cybersecurity in the heart of AfricaThe “Botswana Cyber Revolution Summit 2024” will be held on August 9 in Gaborone, bringing together cybersecurity experts to discuss innovations and trends in the industry.

Announcement of CYBSEC-EXPO, new cybersecurity fairMediapoint & Exhibitions inaugurates an event focused on the latest IT security solutions at an international levelCYBSEC-EXPO is a new event in Italy dedicated to cybersecurity, scheduled from 29 to 31 May 2024 in Piacenza. It will focus on solutions to protect critical infrastructures from cyber attacks.

Introduction to Hackbat: revolutionary pentesting toolFind out how Hackbat is transforming the approach to cybersecurity testingThe article introduces Hackbat, a new open source pentesting device based on Raspberry Pi Pico W, used to perform ethical vulnerability testing on computer systems.

Google releases an emergency update for ChromeUrgent update to fix critical vulnerability in Chrome, users advised to install it immediatelyGoogle has released an urgent update for Chrome due to a serious vulnerability, CVE-2024-4671, which allows attackers to execute arbitrary code. We recommend that you upgrade your browser.

Leak of sensitive data from Europol according to hacker claimsArtificial intelligence and preventive measures at the center of the cybersecurity debateA hacker hacked Europol data and put it up for sale on an online forum. Confidential data was exposed, including employee personal details and internal documents.

Large-scale data leak for Dell: impacts and responsesData of 49 million users exposed: IT security and privacy concernsDell suffered a cyber attack that exposed the data of 49 million customers, including names and addresses. The information was sold online. Dell advises customers to be vigilant for suspicious activity.

Microsoft strengthens cybersecurityNew policies and accountability measures to strengthen cybersecurity at MicrosoftMicrosoft has introduced new security policies, tying executive bonuses to security goals achieved, in response to recent criticism and hacker attacks.

"Emerging Threat: Social Media Platforms Vulnerable to New Exploit"New critical exploit discovered that threatens the security of millions of users of social platformsA 0day exploit found on the dark web allows access to Facebook and Instagram, bypassing two-step verification. Originally offered at $1000, it now costs $300.

Surge in RedLine infections in 2023 according to Kaspersky LabA detailed analysis reveals the escalation of attacks and sophisticated techniques for stealing personal and financial dataThe article discusses the growth of RedLine malware, a program that steals sensitive data and infected 10 million systems in 2023, accounting for 55% of cyber attacks.

Critical VPN flaw discovered: the TunnelVision attackA new type of DHCP attack threatens the security of VPN networks by exposing user dataResearchers have discovered a vulnerability, called TunnelVision, in VPNs that allows data to be diverted and intercepted using the DHCP protocol. They recommend using personal hotspots and virtual machines to protect yourself.

BogusBazaar: millions stolen through fraudulent e-commerceDeciphered the system of large-scale scams, with the use of advanced technologies for theft of financial dataThe article describes the case of "BogusBazaar", a network of 75,000 fake online shops that defrauded via sites that stole credit card data, with ongoing investigations and advice to avoid similar frauds.

An EU step forward against cyber stalkingNew EU measures to tackle gender-based violence and strengthen protection for victimsThe European Commission has introduced a directive that criminalizes crimes such as cyber stalking and revenge porn, as well as serious abuses such as female genital mutilation. Penalties vary from 1 to 5 years.

Dirty Stream: Microsoft identifies new attack on AndroidA new cyber threat threatens the security of Android users through compromised applicationsMicrosoft has discovered a vulnerability in Android devices called "Dirty Stream", which allows attackers to alter data between apps, causing risks such as data theft.

McAfee introduces update to deepfake detection technologyMcAfee and Intel join forces to address the growing threat of deepfakes with cutting-edge solutionsMcAfee and Intel have improved deepfake detection technology, integrating artificial intelligence into Intel Core processors to increase privacy and performance.

Make it critical in Dropbox's e-signature serviceViolation of the electronic signature system exposes sensitive dataDropbox suffered a security breach that exposed sensitive user data of its Dropbox Sign service, including emails, phone numbers and passwords. Measures have been taken to mitigate the problem.

Strategies and developments for the future of innovation in ItalyTowards a more innovative and safe Italy: advancement strategies and future challengesThe article discusses the importance of innovation and digitalisation in Italy, highlighting government and EU support, the importance of cybersecurity and responding to global conflicts through innovation.

The Akira phenomenon: analysis of the ransomware that shook 2023An in-depth analysis of the impact and techniques of the most dangerous ransomware of 2023The article discusses the Akira ransomware, which emerged in 2023, affecting 250 entities, demanding ransoms of up to $42 million. It uses advanced methods such as vulnerability exploits and phishing to infiltrate and spread within networks.

Kapeka: the new cyber threat from RussiaDiscovering and analyzing a new global cybersecurity challengeThe Kapeka backdoor, identified by WithSecure, is a threat to Windows, linked to the Sandworm group. It disguises itself as a Word add-in and handles malicious operations remotely.

Security flaws: Microsoft Defender and Kaspersky exposedRisk of false positives and data deletion in environments protected by security solutions deemed reliableVulnerabilities in antivirus software from Microsoft and Kaspersky were discovered at the Black Hat Asia event, allowing false positive attacks that delete legitimate files. Despite the patches, the problem persists. Important to have robust backups.

Massive data theft in Argentina: millions of driving licenses compromisedLarge-scale data breach shakes Argentina: privacy and national security at riskA hacker breached Argentina's driving license database, exposing data on 5.7 million citizens, including senior officials. He demands a ransom to return the data, highlighting serious flaws in the country's cybersecurity.

Telegram becomes a playground for Pegasus spyware trafficHighly sophisticated spyware for sale on a popular messaging platform. Apple warns its usersPegasus spyware, created by NSO Group, is now being sold on Telegram by a Russian group for $1.5 million. Apple responded by issuing global security alerts and improving protection strategies for users.

Severe vulnerability in Magento software puts global e-commerce at riskImplications and mitigation strategies for Magento platform usersThe recent bug in Magento, Adobe's e-commerce platform, exposed the data of 160,000 credit cards to security risks. It is essential to regularly update and test your system to protect sensitive information.

New developments and Microsoft solutions against the Spectre v2 attack on WindowsMitigation strategies and configuration recommendations for Windows usersThe new Spectre v2 attack uses "Branch History Injection" to compromise Windows systems. Microsoft has updated procedures to limit this threat by editing the registry.

The complexity of the fight against digital piracy in ItalyTechnical and legal challenges in blocking online piracy using IP and CDN filtering systems in ItalyThe article discusses the technical and legal issues of the Piracy Shield anti-piracy tool, highlighting how blocking CDN IPs can limit access to legitimate content. It offers more precise filtering methodologies.

Career opportunities in Italian intelligence: entering the heart of securityFind out how to join the intelligence forces and contribute to national securityItalian Intelligence is looking for experts in AI, cybersecurity and other areas for national security. Candidates must be reliable and discreet. Rigorous selection process. Applications by May 31, 2024.

Hacker attack impacts Microsoft and US federal agenciesNational security implications and strategic responses to credential theftHackers linked to Russia stole Microsoft credentials, risking the security of US agencies. CISA called for immediate action. The attack is linked to the Midnight Blizzard group. Analysis underway to mitigate damage.