Patients of Dutch mental health clinics are being warned that their personal records have fallen into the hands of hackers following a security breach at an online portal that “guaranteed” their privacy. Read more in my article on the Hot for Security blog.
Cyber News, Cyber Threat TrendsThe guidance is for network defenders and leaders to understand and respond to DDoS attacks
Cyber News, Cyber Threat TrendsThe firm is one of the defense department’s external providers employed to run one of its websites
Cyber News, Cyber Threat TrendsThe researchers were able to obtain the ZIP file containing the samples for the data breach
Cyber News, Cyber Threat Trends
An unofficial patch has been made available for an actively exploited security flaw in Microsoft Windows that makes it possible for files signed with malformed signatures to sneak past Mark-of-the-Web (MotW) protections. The fix, released by 0patch, arrives weeks after HP Wolf Security disclosed a Magniber ransomware campaign that targets users with fake security updates which employ a
Cyber News, Cyber Threat Trends
In today’s world of automated hacking systems, frequent data breaches and consumer protection regulations such as GDPR and PCI DSS, penetration testing is now an essential security requirement for organisations of all sizes. But what should you look for when choosing the right provider? The sheer number of providers can be daunting, and finding one […]
Cyber News, Cyber Threat Trends
The threat actor behind the Fodcha distributed denial-of-service (DDoS) botnet has resurfaced with new capabilities, researchers reveal. This includes changes to its communication protocol and the ability to extort cryptocurrency payments in exchange for stopping the DDoS attack against a target, Qihoo 360’s Network Security Research Lab said in a report published last week. Fodcha first came to
Cyber News, Cyber Threat Trends
ACM.97 Requiring MFA, encryption, and disallowing network misconfigurations that expose admin ports and data This is a continuation of my series of posts on Automating Cybersecurity Metrics. Where was I? Oh yes, I was trying to use the Developer user created with CloudFormation for whom we autogenerated a password to login into the AWS console and […]
Cyber News, Cyber Threat Trends
Cloud-based repository hosting service GitHub has addressed a high-severity security flaw that could have been exploited to create malicious repositories and mount supply chain attacks. The RepoJacking technique, disclosed by Checkmarx, entails a bypass of a protection mechanism called popular repository namespace retirement, which aims to prevent developers from pulling unsafe repositories with
Cyber News, Cyber Threat Trends