Cyberpills.news

Data Poisoning: a danger for Artificial IntelligencesMitigation strategies to protect neural networks from data poisoning threatsData poisoning is a threat to AI. By manipulating training data, attackers can reduce the reliability of models and introduce backdoors. It's difficult to eliminate it completely, but we can limit the risk with access controls and strong identification policies. Defenses such as firewalls, security patches,...

The cyber kill chain: a security guideHow to deal with threats and protect corporate networksThe article explains the cyber kill chain, a model that describes the stages of a cyber attack. Shows how to mitigate cyber threats and protect data using security measures at every stage.

MGM ESXi servers encrypted by ransomware attack: BlackCat group held responsibleMGM Resorts hit by ransomware attack: cybersecurity implications and business repercussionsAccording to reliable sources, MGM's ESXi servers were encrypted by a ransomware attack conducted by the BlackCat/ALPHV group. The Scattered Spider group is suspected of using several types of social engineering attacks.

Phishing traps: common mistakes to avoidEssential precautions to protect your online securityPhishing is a dangerous cyber attack: don't trust emails from unknown senders, avoid spelling errors, check attached files, don't fall for urgent payment or winnings scams.

Android vulnerability: credit cards at riskThe discovery of a serious vulnerability in the Android operating system puts the security of credit cards at riskA serious security flaw has been discovered on Android that allows access to credit card data via NFC devices such as Flipper Zero. The vulnerability has been identified as CVE-2023-35671 and affects devices running Android 5.0 and later. The fix is only available for recent versions of Android. Older...

Choosing the best CSSP for cybersecurityExpert opinion on how to evaluate the reliability of CSSPsThis article examines the important role of cybersecurity vendors (CSSPs) in protecting against cyber threats. Guidance is provided on how to select a reliable and competent CSSP and the importance of evaluating solutions and supplier experience is highlighted. Finally, it is emphasized that cybersecurity...

Peach Sandstorm: the persistent threat of iranian state actorsThe sophisticated cyber-espionage techniques used by Peach Sandstorm threaten global securityMicrosoft has warned of a global cyber-espionage campaign led by an Iranian state actor called Peach Sandstorm. Using password attacks and exploiting vulnerabilities, they have targeted industries such as defense and pharmaceuticals. Microsoft recommends strengthening your defenses and implementing multi-factor...

Critical vulnerabilities in Notepad++ software: CERT-In warningCERT-In recommendations to protect systems from attacks on Notepad++ softwareThe Indian government agency CERT-In has discovered several vulnerabilities in the Notepad++ program, which could allow an attacker to execute code and obtain sensitive information from the target system. It is critical to apply software updates to resolve such vulnerabilities and protect your system....

Cyber security: the new face of cyber threatsThe challenge of evolving cyber threats: how to protect companies from new attacksThe article highlights the importance of cybersecurity for businesses and the challenges they face. We discuss emerging trends in the cyber security landscape, such as identity-based attacks, and the agility and sophistication of cyber adversaries. We emphasize the need for collaboration between security...

The Pentagon's 2023 strategy: enhance cybersecurity for allied countries and defend critical infr...The DoD's new strategy for enhancing cybersecurity and protecting critical infrastructureThe US Department of Defense has published a cybersecurity strategy 2023. The main goal is to enhance the capabilities of allied countries and critical infrastructure, defending the nation from cyber attacks. Additionally, the Pentagon has launched programs, such as “Hack the Pentagon,” to improve cyb...

Cyber security in Industry 4.0: risks and advanced solutionsAdvanced protection of industrial plants: how to deal with cyber threats in the Industry 4.0 eraThe article describes the challenges of cyber security in Industry 4.0, with case studies of devastating attacks. It presents the fundamentals of security in industrial contexts, such as physical, network, system and data protection. It also provides strategies to improve safety, such as implementing...

GenAI: benefits and risks in the use of generative artificial intelligenceThe mixed impacts of using GenAI: opportunities and threats in the world of technology according to the CEO of McAfeeThe use of generative artificial intelligence (GenAI) offers great benefits, but it also helps hackers perfect online scams. McAfee adapts to technological change, using AI to protect customers. Digital security is necessary in modern society, despite the temptation to reduce expenses. The use of GenAI...

Hacker attack on Retool: stolen cryptocurrencies and deepfakesSophisticated attack leveraging Google Authenticator MFA sync and deepfake puts business security at riskA San Francisco software development company, Retool, was the victim of a sophisticated hacker attack attributed to a Google sync feature. Hackers breached the system and targeted cryptocurrency customers, causing significant damage. The attack exploited deepfake and raises concerns about corporate security...

Las Vegas casinos double violations: Scattered Spider and ALPHV ChargedAn unprecedented hacking operation puts the security of Las Vegas casinos at riskTwo hacker groups, Scattered Spider and ALPHV, have been linked to the attacks on the MGM Resorts and Caesars Entertainment companies in Las Vegas. MGM had to pay a multimillion-dollar ransom, while Caesars suffered widespread outages. Investigations are still ongoing to identify the perpetrators of...

RCE ThemeBleed bug discovered in Windows 11 with a test exploitA risky vulnerability discovered in Windows 11 Themes opens the door to attackersAn exploit called ThemeBleed has been discovered that allows attackers to execute code on the system. The flaw has been patched by Microsoft, but users are advised to apply security updates.

Metaverse and dark web: new territories for organized crimeThe phenomenon of cybercrime in the metaverse and the challenge of new technologiesThe metaverse and the dark web are becoming expansion grounds for mafias, which exploit encrypted communications. The Dia highlights the need for adequate security tools and international cooperation.

LockBit: attackers use alternative ransomware as a fallbackThe emerging threat: 3AM ransomware spreads as an alternative option to security locksAttackers use 3AM ransomware as an alternative to LockBit, trying to bypass security measures. Ransomware encrypts files and deletes backup copies, making recovery difficult. Symantec provides indicators to detect and protect against.

Offline file sharing: the advent of USB Dead DropsAn alternative network for offline and anonymous file exchangeDead Drops is a project that creates an alternative network to the Internet for exchanging files. USB sticks are installed in public places, allowing users to share and find files anonymously and offline. However, it is advisable to use security precautions due to the potential risk of malware.

Hackers steal $53 million worth of cryptocurrencies from CoinExCoinEx under attack: millions of dollars worth of cryptocurrency funds stolenCoinEx, a well-known cryptocurrency exchange, suffered a cyber attack resulting in the loss of digital assets worth approximately $53 million. The cryptocurrencies involved are Ethereum, Tron and Polygon. CoinEx has suspended services to protect users and it is suspected that the Lazarus group may be...

Washington summit addresses open source software securityMeetings between government and industry to protect computer systems from attacks on open source softwareThe second Open Source Software Security Summit brought together key industry players to discuss ways to secure open source software. Government and industry representatives participated to improve the security of open source software.

Cyber Shield: a video game for cybersecurity awarenessPlayful innovation for corporate cyber protection: Gamindo launches Cyber ShieldGamindo created the video game “Cyber Shield” to train employees in the basics of cybersecurity. Through an interactive platform, players learn and practice defense strategies against cyber attacks. The goal is to create an engaging environment to develop solid cybersecurity skills.

Microsoft warns of a new phishing campaign targeting businesses via Teams messagesA dangerous phishing attack threatens businesses via Microsoft Teams: here's what IT professionals need to knowMicrosoft warns of a new phishing campaign that uses messages on Teams to infiltrate corporate networks. The Storm-0324 cluster distributes payloads such as downloaders, banking Trojans, and ransomware. Emails with fake themes are also used to deceive users. Microsoft has made security improvements to...

Severe zero-day vulnerabilities in Adobe's Acrobat and ReaderUrgent updates to address serious zero-day vulnerabilities in Adobe's Acrobat and ReaderAdobe has released security updates to fix a zero-day vulnerability in Acrobat and Reader, along with other fixed vulnerabilities. The attacks exploit a flaw that allows the execution of unauthorized code. Users are encouraged to install updates to protect themselves.

Anonymous Sudan: DDoS attack against TelegramThe mysterious reasons behind the exclusion of Anonymous Sudan from TelegramThe latest article talks about the suspension of the main account of the Anonymous Sudan group on Telegram, an alleged consequence of the use of bots. The group responded with DDoS attacks against the platform itself. It is speculated that the suspension is also linked to previous attacks against Microsoft...

Cyber espionage: new Sponsor backdoor hits various industriesNew cyber threat: Charming Kitten affects at least 34 companiesAn Iran-linked cyber spy group known as Charming Kitten has infected 34 victims in Brazil, Israel and the United Arab Emirates with a new backdoor called Sponsor. This malware exploits vulnerabilities in Microsoft Exchange servers. Experts recommend applying security patches and staying vigilant for...

WiKI-Eve attack: stealing passwords from WiFi routersThe new technique that compromises the security of Wi-Fi networks, putting user passwords at riskA new attack called WiKI-Eve exploits a vulnerability in WiFi to intercept passwords typed on smartphones. Researchers found that this attack can guess numeric passwords in less than 100 attempts with 85% accuracy. Improved security measures are needed to protect against this type of attack.

What's new in the National Institute of Standards and Technology's brand new CMF frameworkNew updates and performance metrics in NIST's Cybersecurity Framework 2.0The National Institute of Standards and Technology (NIST) has released a draft of the Cybersecurity Framework 2.0. This new version included new features and focuses on organizational security. Comments will be accepted until 2024.

The new Machinery Regulation and its importance in industrial cybersecurityThe impacts of the Machinery Regulation on the protection of company data and the management of IT risksThe new Machinery Regulation approved by the European Parliament introduces cybersecurity requirements to guarantee the safety of machines. It focuses on new technologies such as artificial intelligence, IoT and robotics. Manufacturers must take measures to protect machines from cyber attacks. Compliance...

Sri Lanka data incident: ransomware attack hits governmentA cyber disaster that could put national security at riskThe Sri Lankan government suffered a major cyber attack that compromised over 5000 email accounts due to outdated software. Backup servers were also compromised, making data recovery difficult. The government will not pay ransom to attackers.

Apple addresses zero-day vulnerabilities exploited in recent spyware attackClosing the door on surveillance: Apple's quick response to zero-days exploited in spyware attackApple has fixed two serious vulnerabilities in its iOS operating systems. These flaws were exploited in a recent spyware attack using the Pegasus software. The vulnerabilities allowed attackers to execute code through malicious images and attachments. Apple has released software updates to patch these...

New England sees surge in cybersecurity and data privacy class action filingsRising legal complexities reflect a shift in cybersecurity litigation trendsIn 2023, New England has seen a rise in cybersecurity and data privacy class action lawsuits, particularly in Massachusetts. Healthcare, tech, retail, manufacturing, financial services, and professional services are the most targeted industries. Two key trends are multiple copycat complaints from a single...

Wild telemarketing: fine for Tiscali and ComparafacileViolations of privacy regulations in telemarketing: fines for Tiscali and ComparafacileTiscali and Comparafacile were fined by the Privacy Guarantor for abusive telemarketing practices. Tiscali provided incomplete information on customer data retention and sent promotional SMS without consent. Comparafacile contacted people without consent and without providing adequate information. Both...

Unveiling the top GitHub hacking tools for Android securityUnveiling a powerful arsenal of hacking tools designed to enhance Android securityThis article highlights the importance of strong security measures on Android devices and introduces the top GitHub hacking tools for Android. These tools help ethical hackers and security professionals assess and strengthen the security of Android apps by uncovering vulnerabilities and monitoring real-time...

American sanctions against Trickbot and Conti in fighting cybercrimeThe joint US-UK effort against russian-sponsored cybercrimeThe US Treasury Department has adopted new sanctions against the Trickbot and Conti hacker groups, linked to Russian cybercrime. The sanctions target 11 individuals involved in Trickbot, including administrators and programmers. The United States is stepping up efforts to counter the threat of Russian...

Reproducing cybersecurity incidents: an opportunity for strategic improvementA strategic approach to cybersecurity through detailed analysis of attacksReproducing cybersecurity incidents is an important process for improving the protection of organizations. Retracing the events of an attack allows you to better understand the threat and strengthen response and defense strategies. Reproduction also provides a training opportunity for team members and...

Proofpoint survey: misalignment between Board of Directors and CISO on cybersecurityThe challenge of communication between the Board of Directors and CISO in managing corporate cybersecurityThe Proofpoint survey reveals that the perception of cybersecurity in Italy differs between boards of directors and CISOs. Many boards feel at risk of cyber attacks, but only 57% have invested in security. It is necessary to improve communication between the two figures for effective cybersecurit...

Security labels for smart devices: are you willing to pay more for peace of mind?Vulnerable smart devices are putting consumer security at risk: is a change in approach necessary?Buyers are willing to pay more for smart devices that provide data security and privacy, according to a new study. However, experts warn that voluntary labels may not be enough and suggest mandatory labeling to prevent manipulation by manufacturers. The White House has announced plans to introduce optional...

North korean hackers target cybersecurity community with zero-day attacksSophisticated tactics deployed by North Korean hackers shake cybersecurity communityNorth Korean hackers are targeting the cybersecurity community, using social engineering tactics to establish trust with their victims. They exploit zero-day vulnerabilities in popular software, evade detection through anti-VM checks, and gather information from victims' systems. This is not their first...

Cisco addresses a critical vulnerability in the BroadWorks platformCisco will provide critical fixes for security vulnerabilities found in BroadWorks and Identity Services EngineCisco announced the resolution of two critical vulnerabilities affecting BroadWorks and Identity Services Engine. Patches are available to address issues that could allow attackers to gain undue access to systems and cause service disruptions. Affected users are advised to install patches and keep their...

MacOS malware: s new threat for Apple usersA sophisticated threat that endangers the security of Apple devices and sensitive user dataThe Atomic Stealer malware for MacOS manages to bypass the Gatekeeper, the operating system's security. It is distributed via Google ads and presents itself as TradingView platform to lure victims. Once downloaded, it convinces victims to give up their password. Users should be careful to download apps...

Cybersecurity budgets increase as cyberattacks become increasingly dangerousThe importance of an effective cybersecurity strategy to protect companies from increasingly dangerous attacksAccording to Palo Alto Networks, Indian companies are increasing investments in cybersecurity due to the growing risk of disruptive attacks. The transportation, manufacturing and public sector suffered the most attacks. Adopting a Zero Trust approach and automating your SOC are crucial to responding...

The cybersecurity alarm: threats to the ICT/OT supply chain in EuropeEmerging challenges in the cybersecurity landscape for the ICT/OT supply chain industryThe interconnection of digital systems and networks offers unprecedented opportunities, but also increases the cybersecurity threat to the ICT/OT supply chain. According to a report by ENISA, cyber attacks via the supply chain increased from 1% to 17% in 2021. It is crucial to adopt robust protocols...

The president of the Privacy Guarantor invites Parliament to be cautious in the use of massive surveillance...Protection of personal data: suggestions from the Privacy Guarantor for responsible surveillanceThe president of the Privacy Guarantor, Pasquale Stanzione, has proposed banning the use of IT devices for wiretaps that can modify the content of the host device. The aim is to ensure greater privacy protection and prevent access to information by third parties. The Guarantor also suggested introducing...

New variant of Mirai botnet infects Android TV set-top boxesThe new threat to Android TV devices: Pandora malware spreads rapidly among low-cost set-top boxesA new variant of the Mirai malware has been discovered on low-cost Android TV devices. It spreads via malicious firmware updates and pirated apps. The user can protect themselves by choosing reputable brands and avoiding unofficial sources. Awareness about the risk of pirated content is essential.

Google's Chrome Store review process foiled by Data-StealerMalicious extensions threaten user security despite Google's new measuresAttackers can still bypass Google's review process to get malicious extensions into the Chrome Web Store, stealing sensitive data. Vulnerabilities have been discovered in the input fields of web pages. Researchers suggest measures to protect sensitive browser data.

Securing the software supply chain: addressing open source vulnerabilitiesMinimizing risks and fortifying open source security in software developmentThis article emphasizes the importance of addressing open source vulnerabilities and securing the software supply chain. It discusses the shift left approach, implementing secure design and coding practices, and the use of frameworks like S2C2F to ensure a more resilient software supply chain.

Cybersecurity evolution: insights from NSA chief NakasoneUnveiling the transformative shifts in cybersecurity strategiesGen. Paul Nakasone, head of the NSA and U.S. Cyber Command, discussed evolving cybersecurity threats at the Billington Cybersecurity Summit. He highlighted the changing landscape, China and Russia as major concerns, and the need for improved strategies, structures, and workforce development. Nakasone...

Critical zero-day vulnerability exposes Atlas VPN Linux client usersUrgent security advisory: ensure privacy protection and evaluate VPN alternatives for Atlas VPN Linux usersA zero-day vulnerability in Atlas VPN's Linux client allows websites to expose users' real IP addresses, compromising their privacy. The flaw enables unauthorized access to the VPN's command-line interface without authentication, revealing sensitive information. A PoC exploit was shared online, prompting...

The UK Electoral Commission fails a crucial cybersecurity testThe gaps in the IT security of the Election Commission expose the entire population to serious risksThe UK Electoral Commission has admitted to a cyber breach that compromised the personal data of 40 million voters. The attack occurred after the Commission failed a cybersecurity test and used outdated software. An investigation is underway to assess the consequences and improve cybersecurity.

Internal risk management in cybersecurity: a complex challengeAdvanced protection strategies to counter insider threats in cybersecurityThe article highlights the importance of managing internal risk in cybersecurity. It is highlighted that cyber attacks often involve internal components, such as employees. The difference between "internal risk" and "internal threat" and the importance of adopting a multi-layered defense strategy are...