The threat actor known as UAC-0099 has been linked to continued attacks aimed at Ukraine, some of which leverage a high-severity flaw in the WinRAR software to deliver a malware strain called LONEPAGE. “The threat actor targets Ukrainian employees working for companies outside of Ukraine,” cybersecurity firm Deep Instinct said in a Thursday analysis. UAC-0099 […]
Cyber News
Organizations in the Defense Industrial Base (DIB) sector are in the crosshairs of an Iranian threat actor as part of a campaign designed to deliver a never-before-seen backdoor called FalseFont. The findings come from Microsoft, which is tracking the activity under its weather-themed moniker Peach Sandstorm (formerly Holmium), which is also known as APT33, Elfin, […]
Cyber News
A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an “add-on feature” and that it depends on the licensing options opted by a customer. “In 2021, Predator spyware couldn’t survive a reboot on the infected Android system (it had it on iOS),” […]
Cyber News
Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. “Representing a restructured and enhanced iteration of its predecessor, this evolved Chameleon variant excels in executing Device Takeover (DTO) using the accessibility service, all while expanding its targeted […]
Cyber NewsPrivacy Compliance Amidst Global Big Data Proliferation In an era characterized by unprecedented technological advancement, data has become the new currency. The digital age has ushered in an era where vast amounts of information are generated and collected on a daily basis. This data is the lifeblood of businesses, governments, and organizations worldwide. However, […]
Privacy Compliance
A new piece of JavaScript malware has been observed attempting to steal users’ online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user sessions spanning North […]
Cyber News
The Solntsepek group has taken credit for the attack. They’re linked to the Russian military, so it’s unclear whether the attack was government directed or freelance. This is one of the most significant cyberattacks since Russia invaded in February 2022. Tags: cyberattack, cyberwar, hacking, Russia, telecom, Ukraine Sidebar photo of Bruce Schneier by Joe MacInnis. […]
Cyber NewsLeveraging CJIS Compliance in an Age of Policing Tech Innovations The landscape of law enforcement is undergoing a profound transformation, driven by rapid technological advancements. As police agencies embrace cutting-edge tools and solutions to enhance their capabilities, they must also grapple with the critical need for data security and privacy. In this era of policing […]
CJIS ComplianceITIL Compliance in a DevOps World: Reconciling Speed and Stability In the ever-evolving landscape of information technology, two seemingly contrasting principles have gained significant traction in recent years: ITIL (Information Technology Infrastructure Library) compliance and DevOps. ITIL is a well-established framework for IT service management, emphasizing structured processes and stability, while DevOps is all about […]
ITIL Compliance