Barracuda has revealed that Chinese threat actors exploited a new zero-day in its Email Security Gateway (ESG) appliances to deploy backdoors on a “limited number” of devices. Tracked as CVE-2023-7102, the issue relates to a case of arbitrary code execution that resides within a third-party and open-source library named Spreadsheet::ParseExcel that’s used by the Amavis […]
Cyber News
Apple is rolling out a new “Stolen Device Protection” feature that seems well thought out: When Stolen Device Protection is turned on, Face ID or Touch ID authentication is required for additional actions, including viewing passwords or passkeys stored in iCloud Keychain, applying for a new Apple Card, turning off Lost Mode, erasing all content […]
Cyber News
A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices. Dubbed Xamalicious by the McAfee Mobile Research Team, the malware is so named for the fact that it’s developed using an open-source mobile app framework called Xamarin and abuses the operating system’s accessibility permissions […]
Cyber News
Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a network to carry out cryptocurrency mining and distributed denial-of-service (DDoS) attacks. “Threat actors can also choose to install only scanners and sell the […]
Cyber News
Google Maps now stores location data locally on your device, meaning that Google no longer has that data to turn over to the police. Tags: geolocation, Google, privacy Sidebar photo of Bruce Schneier by Joe MacInnis.
Cyber News
The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. “The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness,” cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023. “Carbanak returned last month through new distribution […]
Cyber News
The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB’s formal exit from Russia earlier this year. Cloud Atlas, active since […]
Cyber NewsDeciphering FISMA Compliance Amidst Growing Cyber Threat Vectors In an ever-evolving digital landscape, the importance of cybersecurity cannot be overstated. Government agencies, private companies, and individuals alike are increasingly vulnerable to cyber threats that are growing in complexity and sophistication. To combat these threats, various regulatory frameworks and compliance standards have been established to ensure […]
FISMA ComplianceBeyond IT: vCTO’s Role in Organizational Culture Transformation In an era defined by rapid technological advancements and digital disruption, the role of the Chief Technology Officer (CTO) has evolved beyond managing IT infrastructure and systems. Today, the vCTO, or Virtual Chief Technology Officer, plays a pivotal role in driving not only technological innovation but also […]
Virtual Chief Technology Officer (vCTO)