Source: This article was first published on https://www.bleepingcomputer.com/news/security/hackers-rob-thousands-of-coinbase-customers-using-mfa-flaw/ Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company's SMS ...
Read More

Source: This article was first published on https://www.scmagazine.com/analysis/asset-management/digital-transformation-forces-manufacturers-to-take-a-more-unified-asset-management-approach Risk and asset management must evolve in order to properly secure manufacturing plants, as inevitable digital transformation leads to increased risk and ...
Read More

Source: This article was first published on https://www.bleepingcomputer.com/news/security/fired-it-admin-revenge-hacks-school-by-wiping-data-changing-passwords/ A 29-year old wiped data on systems of a secondary school in the U.K. and changed the passwords at an IT company, ...
Read More

Source: This article was first published on https://www.zdnet.com/article/telegram-bots-are-trying-to-steal-your-one-time-passwords/ The tokens can be used to shred second-stage account verification. Telegram-powered bots are being utilized to steal the one-time passwords required in ...
Read More

Source: This article was first published on https://www.govinfosecurity.com/cisa-launches-insider-threat-self-assessment-tool-a-17657 A new self-assessment tool aims to help public and private sector organizations assess their level of vulnerability to insider threats, according to ...
Read More

Source: This article was first published on https://www.theregister.com/2021/09/28/active_directory_foggyweb_malware/ Microsoft has warned of a new tool designed to exfiltrate credentials and introduce a backdoor into Active Directory servers that is under ...
Read More

Source: This article was first published on https://www.scmagazine.com/analysis/cybercrime/wide-ranging-bec-scam-underscores-dangers-of-doing-business-with-untrusted-suppliers Federal prosecutors in Virginia are charging four individuals for a wide-ranging scheme to defraud businesses, first by hacking into their email or ...
Read More

Source: This article was first published on https://www.zdnet.com/article/hunker-down-the-chip-shortage-and-higher-prices-are-set-to-linger-for-a-while/ With recent murmurings of chip shortages easing through to 2022, one could be forgiven for imagining some sort of promised land where ...
Read More

Source: This article was first published on https://www.zdnet.com/article/this-phishing-as-a-service-operation-is-responsible-for-many-attacks-against-businesses-says-microsoft/ A phishing operation hides in plain sight and turns credential theft into a consumer product. Microsoft is shining a light on a ...
Read More

Source: This article was first published on https://www.zdnet.com/article/some-multi-party-breaches-cause-26-times-the-financial-damage-of-the-worst-single-party-breach-report/ The researchers found that when a ripple event triggers a loss of income, it can lead to losses of $36 million per ...
Read More

Source: This article was first published on https://www.bleepingcomputer.com/news/security/second-farming-cooperative-shut-down-by-ransomware-this-week/ Minnesota farming supply cooperative Crystal Valley has suffered a ransomware attack, making it the second farming cooperative attacked this weekend. Crystal Valley ...
Read More

Source: This article was first published on https://arstechnica.com/information-technology/2021/09/security-audit-raises-severe-warnings-on-chinese-smartphone-models/ The audit red-flagged Xiaomi and Huawei phones but gave OnePlus a pass. The Lithuanian National Cyber Security Centre (NCSC) recently published a ...
Read More

Source: This article was first published on https://cio.economictimes.indiatimes.com/news/next-gen-technologies/tokenization-paving-the-way-for-the-future-of-payments/83421635 Tokenization will not only redefine the current payment ecosystem by enabling a safe and secure experience for the consumer but will aid ...
Read More

Source: This article was first published on https://www.securityweek.com/ongoing-phishing-campaign-targets-apac-emea-governments Government departments in at least 7 countries in the Asia-Pacific (APAC) and Europe, the Middle East and Africa (EMEA) regions have been ...
Read More

Source: This article was first published on https://www.zdnet.com/article/victoria-launches-five-year-au50-million-cyber-strategy/ The new strategy is based on three core missions of improving the delivery of government services, creating a cyber safe place, and ...
Read More

Source: This article was first published on https://www.zdnet.com/article/the-state-of-ransomware-national-emergencies-and-million-dollar-blackmail/ Banks, however, have experienced the highest volume of ransomware attacks this year. Banks have been "disproportionately affected" by a surge in ransomware ...
Read More

Source: This article was first published on https://www.zdnet.com/article/over-60-million-records-exposed-in-wearable-fitness-tracking-data-breach-via-unsecured-database/ Data sources included Apple's HealthKit and Fitbit. An unsecured database containing over 61 million records related to wearable technology and fitness services ...
Read More

Source: This article was first published on https://www.zdnet.com/article/google-patches-two-chrome-zero-days/ Researchers said this was the 10th zero-day exploit that Google had patched this year. On Monday, Google announced fixes for 11 different bugs in ...
Read More

Source: This article was first published on https://healthitsecurity.com/news/university-of-minnesota-unveils-center-for-medical-device-cybersecurity The new Center for Medical Device Cybersecurity aims to cultivate collaboration between students, the tech industry, and government. The University of Minnesota ...
Read More

Source: This article was first published on https://www.networkcomputing.com/network-security/device-management-issues-corporate-environments Remote work, which will remain the norm for the near term, elevates the importance of device management and IT's role in securing ...
Read More

Source: This article was first published on https://krebsonsecurity.com/2021/09/microsoft-attackers-exploiting-windows-zero-day-flaw/ Microsoft Corp. warns that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open ...
Read More

Source: This article was first published on https://www.darkreading.com/attacks-breaches/us-cybercommand-warns-of-mass-exploitation-of-confluence-vuln Apply Atlassian's patch now - before the holiday weekend - the US Defense Department cybersecurity unit and CISA say. On the heels ...
Read More

Source: This article was first published on https://threatpost.com/iot-attacks-doubling/169224/ The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build ...
Read More

Source: This article was first published on https://www.cyberscoop.com/solarwinds-autodesk-hack-russia-us/ The list of victims keeps growing for the suspected Russian hackers who breached a U.S. federal contractor in order to gather intelligence ...
Read More

Source: This article was first published on https://www.bleepingcomputer.com/news/security/atlassian-confluence-flaw-actively-exploited-to-install-cryptominers/ Hackers are actively scanning for and exploiting a recently disclosed Atlassian Confluence remote code execution vulnerability to install cryptominers after a PoC ...
Read More

Source: This article was first published on https://www.zdnet.com/article/fbi-cisa-warns-of-potential-cyberattacks-over-labor-day-weekend/ They cited the Mother's Day weekend attack on Colonial Pipeline, the Memorial Day weekend attack on major meat processor JBS as well ...
Read More

Source: This article was first published on https://www.theregister.com/2021/08/27/microsoft_phishing_defender/ Microsoft has warned that it has been tracking a widespread credential-phishing campaign that relies on open redirector links, while simultaneously suggesting it ...
Read More

Source: This article was first published on https://www.zdnet.com/article/ransomware-now-attackers-are-exploiting-windows-printnightmare-vulnerabilities/ Cyber criminals are exploiting Windows PrintNightmare vulnerabilities in their attempts to infect victims with ransomware - and the number of ransomware groups ...
Read More

Source: This article was first published on https://threatpost.com/unpatched-fortinet-bug-firewall-takeovers/168764/ The OS command-injection bug, in the web application firewall (WAF) platform known as FortiWeb, will get a patch this week. UPDATE An ...
Read More

Source: This article was first published on https://www.washingtonpost.com/politics/2021/08/17/cybersecurity-202-sensitive-government-data-could-be-another-casualty-afghan-pullout/ Among the many long-term costs of the rapid fall of the Afghan government and the swift withdrawal of U.S. diplomatic and military ...
Read More

Source: This article was first published on https://www.theregister.com/2021/08/16/dallas_data_migration_8tb_deletion/ A bungled data migration of a network drive caused the deletion of 22 terabytes of information from a US police force's systems ...
Read More

Source: This article was first published on https://www.securitymagazine.com/articles/95880-the-tokyo-olympics-are-a-cybersecurity-success-story In the months and weeks leading up to the Tokyo Olympics, intelligence agencies and cybersecurity experts warned of the risks of cyberattacks and the ...
Read More

Source: This article was first published on https://cyware.com/news/glowworm-an-attack-technique-that-recovers-sound-via-led-36de103a Security researchers have developed a new attack technique that uses optical emission from a LED of a device. This attack can recover ...
Read More

Source: This article was first published on https://cyware.com/news/reverserat-20-uses-nightfury-agent-to-target-new-victims-0096dba6 ReverseRAT, a remote access trojan used in major attack projects targeting organizations in South and Central Asia, has received prominent modifications in ...
Read More

Source: This article was first published on https://www.cshub.com/executive-decisions/articles/shadow-it-risks-cisos-should-know Shadow IT is the bane of existence for CISOs and CIOs. For decades, individuals working in lines of business have been bringing ...
Read More

Source: This article was first published on https://cisomag.eccouncil.org/7-in-10-organizations-in-india-likely-to-suffer-a-data-breach-next-year-report/ Trend Micro’s Cyber Risk Index (CRI) report revealed that lost IP, critical infrastructure damage, and cost of outside experts are the major ...
Read More

Source: This article was first published on https://www.zdnet.com/article/hacker-returns-more-than-260-million-after-poly-attack/ The hacker behind the largest decentralized finance platform hack in history returned much of what they stole on Wednesday, sending back approximately $260 million ...
Read More

Source: This article was first published on https://www.scmagazine.com/analysis/backup-and-recovery/scripps-health-cyberattack-ehr-downtime-caused-112-7m-in-lost-revenue-recovery The ransomware attack against Scripps Health that led to more than four weeks of electronic health record (EHR) downtime procedures and the ...
Read More

Source: This article was first published on https://www.scmagazine.com/news/cloud/pci-security-standards-council-and-the-cloud-security-alliance-issue-guidance-on-scoping-cloud-environments The PCI Security Standards Council (PCI SSC) and the Cloud Security Alliance (CSA) on Thursday released a joint bulletin that explains the reasons why ...
Read More

Source: This article was first published on https://theconversation.com/what-is-pegasus-a-cybersecurity-expert-explains-how-the-spyware-invades-phones-and-what-it-does-when-it-gets-in-165382 End-to-end encryption is technology that scrambles messages on your phone and unscrambles them only on the recipients’ phones, which means anyone who ...
Read More

Source: This article was first published on CISO MAG. With the increase in API usage, API attacks are also becoming more and more prolific. Many CISOs realize their API security ...
Read More

Source: This article was first published on Softpedia News. The Biden administration begins to prioritize the cybersecurity infrastructure after numerous massive attacks. The topic of cybersecurity has received considerable attention ...
Read More

Source: This article was first published on TheRegister. Home Wi-Fi was an obvious target, but evildoers also knew to probe cloudy connections. Criminals targeted security gaps at financial services firms ...
Read More

Source: This article was first published on Vice. The company said the hackers targeted video games in China, potentially to cheat and compromise their accounts. Hackers were able to trick ...
Read More

Source: This article was first published on Security Magazine. The National Institute of Standards and Technology (NIST) has published a new draft on ransomware guidance for organizations. The document features advice on how ...
Read More

Source: This article was first published on TechCrunch. Three months after air transport data giant SITA reported a data breach, we are still learning about the damage. Air India said ...
Read More

Source: This article was first published on Inc42. Data related to over 18 Cr orders from pizza chain Domino’s India appeared on the dark web last month Now, it has ...
Read More

For the sixth consecutive year, QIIB has been awarded the highest certification in information security and protection of bank cards data- Payment Card Industry Data Security Standard (PCI-DSS), granted by ...
Read More

SISA, a global payment security specialists, Founder and CEO, Mr. Dharshan Shanthamurthy, recently delivered an informative address on payment security to the ISACA Bangalore Chapter on Saturday 27th April 2019 ...
Read More

The PCI Security Standards Council recently hosted the PCI India Forum Event in New Delhi on March 13, 2019. A very engaging and informative event, it featured payment and cyber ...
Read More