AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Cyberpills.news

CyberChallenge.IT 2024: youth training in cybersecurityFrom recruitment to competition: a journey through Italian cybersecurity trainingCyberChallenge.IT, a free training program aimed at young people between 16 and 24 years old, will soon return to Italy to develop skills in the cybersecurity sector. The course lasts twelve weeks and covers various theoretical and technical aspects. The program culminates in a competition to select...

Cyber incursions into US water utilitiesAmerica's water systems under attack: How cyber terrorism hits resource-constrained utilitiesCyber attacks on US water systems by Iran's Revolutionary Guard raise cyber security concerns. While there was no impact on water quality, the event is seen as a warning to organizations that rely on operational technologies. Federal authorities and the EPA are working to strengthen safety, especially...

New P2PInfect botnet variant discovered affecting IoT devicesNew attack and spread tactics: the disturbing evolution of P2PInfectCado Security Labs research reveals a new version of the P2PInfect malware, targeting IoT devices with MIPS processors. Originally attacking vulnerable Redis systems, P2PInfect evolved to brute-force attacks on SSH servers. With strengthened evasion methods and the ability to execute commands on compromised...

Ransomware Turtle on macOS: 360° investigation by expert Patrick WardleAnalysis of the characteristics and potential threats of Turtle ransomware on macOSSecurity analyst Patrick Wardle studied Turtle, a new ransomware for macOS. Wardle believes Turtle was originally designed for Windows and then adapted for macOS. The ransomware isn't particularly sophisticated but can still cause damage, underscoring the importance for Apple users to remain vigilant...

Bluffs: the alarm of the Italian researcher on bluetooth securityBluffs vulnerability revealed: how it risks your privacy through bluetoothThe new Bluetooth system vulnerability, called "Bluffs", was discovered by Italian researcher Daniele Antonioli. This flaw could compromise the security of various devices manufactured since 2014. It relies on the generation of weak security keys, threatening user privacy. Antonioli presented his research...

Agent Raccoon: a new malware in circulationThe complex panorama of his attack techniques and defense strategiesThe article describes the risk posed by Agent Raccoon, a dangerous new malware, which uses advanced techniques such as keyloggers and screenloggers to steal valuable information. Widespread mainly in the USA, it is often conveyed via phishing emails and escapes detection by common antiviruses. The article...

JAXA under cyber attack. The safety of the space program is a concernThe risk of cyber vulnerability: details of the attack and implicationsThe Japan Aerospace Exploration Agency (JAXA) has suffered a cyberattack due to a Microsoft Active Directory breach, raising concerns about the security of Japan's space program data. According to reports, JAXA has previously been the target of hackers potentially linked to foreign governments. In response...

Apple responds to zero-day vulnerabilities with hotfixesApple has taken urgent action to fix two critical security flawsApple has released an urgent update to fix two zero-day vulnerabilities affecting iPhone, iPad and Mac devices. The flaws, located in the WebKit rendering engine, allowed attacks via malicious web pages that could lead to unauthorized memory reading and corruption. code execution. The security updates...

Rising trend for outsourcing in cybersecurity strategiesCyber security increasingly relies on external expertsA Kaspersky study shows an increase in cybersecurity outsourcing, with 40% of companies relying on external services to strengthen security due to limited internal resources and expertise. We also invest in automation.

Cyberattacks and cryptocurrency laundering: North Korea's strategySanction evasion strategies and social engineering techniques adoptedThe North Korea-linked Lazarus Group uses technology to steal cryptocurrencies, bypassing sanctions. They stole around $3 billion in 6 years, taking advantage of DeFi systems to mask their tracks.

Cyber security: the importance of white hatsGuardians of the web: the impact and strategies of experts in defending the webEthical hackers help protect computer systems and networks by discovering vulnerabilities and teaching how to defend against hacker attacks, collaborating on data security.

Global blow to cybercrime: a major ransomware network has fallenCybercriminal organization busted: a success for global cybersecurityAn international operation has led to the arrest of cyber criminals in Ukraine responsible for ransomware attacks in 71 countries, using advanced malware to extort cryptocurrency payments.

Crisis in aviation: Rosaviatsia targeted by cyberattackCyber attack exposes vulnerability of Russian aviation sectorUkrainian intelligence claims to have hit the Russian aeronautical agency Rosaviatsia with a cyberattack, causing problems for the Russian flight sector, already in difficulty due to sanctions that limit maintenance and spare parts.

Introduction to the new SysJoker threatIn-depth analysis reveals evolutions and risks of SysJoker cross-platform malwareA new version of the SysJoker malware has been discovered. It now uses the Rust language to avoid detection and may be linked to hackers associated with Hamas, according to Check Point.

Cybersecurity strategies compared between Taiwan and JapanStrengthening digital defenses in the information ageTaiwan and Japan strengthen cybersecurity against attacks and disinformation, Taiwan educates about digital, Japan uses AI in defenses.

Zero-day network vulnerabilities affect IoT devicesCybersecurity experts reveal new risks for the Internet of ThingsStudio Akamai has discovered two zero-day vulnerabilities in IoT used by criminals to create botnets for DDoS attacks. Security can be improved by changing default passwords.

The Cyber Security & Cloud Expo 2023 kicks off in LondonA meeting of brilliant minds in the field of cybersecurity and cloud technologiesThe Cyber Security & Cloud Expo event will be held in London, with over 6,000 ICT professionals and 150 speakers discussing security and cloud. It is an opportunity for networking and updating on new technologies in the sector.

CyberLink supply chain intrusion by North Korean hackersCyberLink installer compromise: the sophisticated operation of the Lazarus groupNorth Korean hacker group Lazarus attacked Taiwan's CyberLink company, spreading malware through altered company software. Microsoft detected the attack and notified affected users.

Breach in biometric verification on PCsSecurity vulnerabilities in fingerprint recognition sensorsRecent research highlights vulnerabilities in the fingerprint sensors of some laptops, which allow unauthorized access. The use of secure protocols such as SDCP is recommended.

Microsoft launches security rewards programEncourage the search for flaws in the security of defender productsMicrosoft has launched the "Microsoft Defender Bounty Program" which rewards up to $20,000 to those who find and report serious errors in its Defender products.

Google compromise attempt: LummaC2 malware revives cookiesCyber attack strategies are advancing: a potential risk to data securityCybercriminals claim they can "reanimate" expired Google cookies via Lumma malware. The risk is unauthorized access to accounts. Caution advised for users. Google investigates possible vulnerability.

Cybersecurity strategies in the health sectorStrengthen cyber defenses in federal healthcareBiden's executive order promotes cybersecurity in the healthcare sector, with the adoption of zero trust architectures. HHS and CISA have created a security toolkit, and the FDA emphasizes the importance of securing medical devices.

Espionage activities of the russian cyber group APT28Fancy Bear's advanced tactics targeted by cyber security authoritiesA Russian cyber-espionage group, APT28, targets Western entities using advanced, hard-to-detect malware. There is an urgent need for organizations to strengthen their cyber security.

Empathy as a compass in the management of cyber attacksUsing emotional intelligence to sharpen cyber defenses and strengthen human relationshipsThe article explains the importance of empathy in cybersecurity to prevent attacks, facilitate communication, improve training and design intuitive tools.

Denmark the target of a massive cyber attack by Russian hackersContrast and defense strategies in the era of international cyber offensivesA group of Russian hackers has launched a large-scale cyberattack against Danish infrastructure and institutions, using phishing and advanced malware. Coordinated action for safety and prevention is essential.

Increase in ransomware groups with multi-point extortionComplex strategies and emerging risks in the ransomware landscapeThe emerging trend in cybercrime is ransomware that uses multiple extortions, such as encrypting data and publishing stolen information. Companies must strengthen security to deal with them.

Advanced synergies: the rise of AI in HPCInnovating scientific research: the duet between artificial intelligence and high-performance computingThe integration between Artificial Intelligence (AI) and High-Performance Computing (HPC) is powering research and data. At the SC23 conference we discussed ethical responsibilities, the impact of this union on the future of research and the technical challenges to be addressed.

Security breach at Toronto librariesCrisis management and post-accident containment measuresToronto libraries have been hit by a ransomware attack, potentially exposing personal data. Authorities and libraries work together to investigate and improve security.

New security risks for Intel serversCritical flaw revealed in Intel server processing chipsA serious vulnerability has been discovered in Intel server processors, which could allow data attacks. Intel has released updates to fix it but they may slow down systems.

IT crisis in a leading company in the banking sectorThe emergence of new risks for the global financial system following cyber-attacksThe largest bank in the world suffered a cyber attack that forced it to use USB for market operations. This shows the importance of improving IT security in the banking sector.

Network Perception and Claroty: innovative alliance for industrial cybersecurityStrengthening cybersecurity in critical infrastructures through advanced synergiesThe companies Network Perception and Claroty have collaborated to enhance the security of critical infrastructures, integrating their technologies to prevent cyber attacks.

Cyber-espionage campaign impacts Israeli hi-tech sectorChallenges in cyberspace: the battle to defend Israeli trade secretsA group of Iranian hackers attacked Israel's tech sector, stealing data and putting corporate networks at risk through phishing and malware. The international community is working to counter the threat.

Security breach at Henry County schoolsStrengthening digital defenses in educationA cyber attack threatened the security of Henry County's school network. Measures have been taken to protect the data and the attack is being investigated to improve security.

Digital security: Pakistan and AIAdvanced AI strategies against cyber threat in PakistanExperts in Karachi highlight Pakistan's lag in cyber security and propose the use of AI to prevent cyber attacks with high precision.

Training course in the universe of cybersecurityFundamental approach and resources for immersion in the world of cybersecurityThe guide illustrates the importance of acquiring skills in cybersecurity, with courses, certifications, virtual laboratories and community support. Learning in this field is a continuous process.

Response to major digital intrusion at Australian portsEmergency measures and economic impact post-cyber attack in logistics nodesAn Australian port has halted operations due to a cyber attack. The causes are being investigated and security is being strengthened to prevent future damage. This has economic and logistical impacts.

Digital defense: strategies against cyber attacksAnalysis of the latest trends in security and digital defense strategiesCyber attacks are on the rise, especially ransomware that locks data and demands ransoms. It is vital to train people on how to recognize dangers such as phishing and cooperate globally to combat cyber threats.

Global banking giant under ransomware attackA look at the ICBC ransomware incident and prevention strategiesICBC Bank was hit by a ransomware attack that put data and financial operations at risk. It responded by activating safety protocols to contain the damage and protect customers.

Towards a new era of cybersecurity in ItalyImpacts and strategies in the era of digital transformation for cyber defense in ItalyIn Italy, the public and private sectors are working together to increase cybersecurity awareness and resilience, through events, training and cooperation for a secure digital future.

Expansion of the cyber threat: the case of Imperial KittenAnalysis of tactical evolutions and consequences for global securityImperial Kitten, Iranian hacker group, intensifies cyber attacks. They use social engineering and phishing to steal data. It is crucial to defend yourself with training, monitoring and information sharing in IT.

Security alert: new trends of Russian hackersNew cybercriminal methodologies and digital counterintelligence tacticsRussian groups advance cyber tactics with “Living off the Land” methods to hide in networks, creating security risks. Defense requires proactive techniques and information sharing between IT experts.

CISA alert: increase in DDoS attacks via SSDPMeasures and responses to the growing risk of DDoS attacks using SSDPUS CISA has warned of active exploits on SSDP vulnerabilities for amplified DDoS attacks. Recommends disabling unused SSDPs and configuring networks to prevent abuse.

Illegal exploitation of Azure resources for crypto miningInvestigation reveals hidden illegal mining activity on corporate cloud platformsIn the study of cloud computing, a hidden cryptocurrency miner was found on Azure. It uses advanced techniques to hide and exploit resources without being detected, raising security concerns.

Mega DDoS attacks target Russian banking sectorIntensification of cyber attacks against Russian financial infrastructureSberbank, the main Russian bank, suffered a large-scale DDoS attack with one million requests per second, a peak never before recorded for the institution. The attack was more sophisticated than previous episodes.

Authentication alert: security risk investigationAuthentication management and prevention of illicit accessMicrosoft Authenticator users have received unsolicited authentication notifications, indicating possible security risks. Microsoft investigates and recommends caution and MFA.

QNAP: critical intervention to resolve security flaws in NASUrgent security measures: QTS, QuTS hero and QuTScloud updated to counter serious threatsQNAP has released updates to fix two serious vulnerabilities in its NAS devices, which could allow attackers to execute commands. It is urgent to install these updates.

Security alert for Atlassian: the escalation of a critical riskWarning about the consequences of exploits on Atlassian: an urgent call to strengthen defensesWarning: A serious vulnerability (CVE-2023-22518) has been discovered in Atlassian Confluence Server and Data Center with maximum risk. An urgent update is recommended to prevent ransomware attacks.

Android: fixed 37 vulnerabilities with the november 2023 updateImproved mobile device defense with the integration of critical security fixesGoogle has released security updates for Android, fixing 37 vulnerabilities. A flaw in the system allowed information disclosure, but was fixed along with other flaws.

Foray into the cloud: Kinsing's new modus operandiAdvanced cyberattack strategies target cloud services through a critical vulnerabilityThe Kinsing hacker group attacks cloud systems using the Looney Tunables vulnerability to install crypto-mining software and steal credentials.

Cybersecurity on alert: Canadian clinics in checkCyber security at risk: Canadian healthcare faces large-scale data breachesFive Canadian healthcare facilities have been hit by a ransomware attack that caused the leak of sensitive patient and employee data. The Daixin group claimed responsibility for the action. Investigations are underway.