A new report from ENISA, the European Union Agency for Cybersecurity, looking at cyberattacks targeting the European transport network over a period of almost two years, has identified that ransomware has become the prominent threat. Read more in my article on the Tripwire State of Security blog.
Cyber News, Cyber Threat TrendsA vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward. However, while the number of victims of the mass-hack is […]
Cyber News, Cyber Threat Trends
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories on 49 vulnerabilities in eight industrial control systems (ICS) this week, which are used across multiple critical infrastructure sectors. The vulnerabilities identified by CISA were tracked in products from ICS providers including Siemens, Hitachi, Rockwell, Delta Electronics, VISAM, and Keysight. To read this article […]
Cyber News, Cyber Threat Trends
An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications and conduct fraud. “Nexus appears to be in its early stages of development,” Italian cybersecurity firm Cleafy said in a report published this week. “Nexus provides all the main features to perform ATO attacks (Account Takeover) against banking portals […]
Cyber News, Cyber Threat Trends
MLflow, an open-source framework that’s used by many organizations to manage their machine-learning tests and record results, received a patch for a critical vulnerability that could allow attackers to extract sensitive information from servers such as SSH keys and AWS credentials. The attacks can be executed remotely without authentication because MLflow doesn’t implement authentication by […]
Cyber News, Cyber Threat Trends
In the triumvirate of identity types, protecting the identity, privacy, and data of carbon-based forms — humans — is key. Safeguards must be in place as AI becomes more interactive.
Cyber News, Cyber Threat Trends
DMARC blocks spam and phishing emails sent from spoofed domains, and it’s vastly underutilized, a new report says.
Cyber News, Cyber Threat Trends
Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services.
Cyber News, Cyber Threat TrendsA vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward. However, while the number of victims of the mass-hack is […]
Cyber News, Cyber Threat Trends