cyber_security_channel | News and Media

Telegram-канал cyber_security_channel - Cyber Security News

42585

Be Cyber Aware. Our vacancies channel: @CyberSecurityJobs Our chat: t.me/cybersecuritynewschat LinkedIn: https://www.linkedin.com/company/securitynews/ Facebook: https://www.facebook.com/BreakingCyberSecNews 📩 Cooperation: @cybersecadmin

Subscribe to a channel

Cyber Security News

Sustainability is a Pivotal Element in Shaping the Future of IT

Today’s workforce demands a more user-friendly and efficient IT experience.

We’re investing in new technologies, such as cloud computing and AI, to help meet those needs.

Cyberattacks are becoming more sophisticated and frequent, and they can have a devastating impact on businesses.

We’re investing in advanced security solutions to overcome this challenge, training our employees on cybersecurity best practices and working with our customers to develop tailored security solutions.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

The Texas Data Privacy and Security Act (TDPSA): All the Basics

The Texas Data Privacy and Security Act regulates the collection, use, processing, and treatment of consumers’ personal data.

Businesses subject to the law who violate its regulations are subject to civil penalty.

If violators don’t cure the violation within the cure period and provide the attorney general with evidence of the cure, they can be fined $7,500 per violation.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Hacktivists Enter Fray Following Hamas Strikes Against Israel

"Given the intricate dynamics of modern warfare, where physical and digital realms are deeply intertwined, dismissing these groups as mere symbols would be an oversight," says Callie Guenther, senior manager of threat research for Critical Start.

"Their operations can provide tactical advantages, serve as distractions, or even be used for strategic intelligence gathering.

As the Israel-Palestine conflict progresses, the role of Anonymous Sudan and Killnet could become even more pronounced, potentially influencing the trajectory of events on both the ground and in cyberspace."

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

⚡️Spanish Airline Air Europa Hit By Credit Card System Breach

An email received by an Air Europa customer and seen by Reuters on Tuesday advised that the card used to pay on the Air Europa website should be cancelled and replaced "to prevent possible fraudulent use of your information" following the incident.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Attacks on Maximum Severity WS_FTP Bug Have Been Limited — So Far

The bug is present in the optional Ad Hoc Transfer module of WS_FTP and affects all supported versions of the software.

The flaw has a maximum possible severity score of 10.0 on the CVSS scale because of how easily exploitable it is and the fact that it enables an unauthenticated attacker to run remote commands on the WS_FTP Server's underlying operating system.

CVE-2023-40044 was one of eight vulnerabilities that Progress disclosed last week.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

🤝⏩️ Boost the Cyber Security News Channel!

A few weeks ago Telegram released a new feature called Stories!

Our community would be happy to try it out, establishing another method of communication with our subscribers.

Would you like us to create Stories and test this functionality together?

Click on the “Boost” button below and show your support:

→ /channel/Cyber_Security_Channel?boost

Your help would be greatly appreciated!

Kind regards,
The Cyber Security News Team

Читать полностью…

Cyber Security News

⚡️Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks

According to a timeline created by cybersecurity consultant and OSINT enthusiast Julian Botham, the first hacktivist attacks were launched against Israel by Anonymous Sudan less than one hour after the first rockets were fired by Hamas.

The group targeted emergency warning systems, claiming to have taken down alerting applications in Israel.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

New Law Helps Protect Homeowners’ Private Information

Those notices included, but were not limited to, meeting notices, budget notices, notices of rule changes and similar notices, which would otherwise be a lot of paper that many owners never bother to read.

However, in all cases, HOAs were only able to realize the cost savings and reduced paper waste for owners that filled out a form “opting in” to receiving electronic notices.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Crossword Cybersecurity CEO Reveals Focus for the Rest of 2023

Dr. Ilube emphasises Crossword's focus on organic growth and its commitment to working closely with key accounts.

Addressing the impact of generative AI on cybersecurity, he revealed that Crossword is actively exploring how AI can be integrated into their products, especially in supply chain and network monitoring areas.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks

The remaining two issues have a lower severity rating and their exploitation can lead to information disclosure.

According to ZDI’s timeline, the vulnerabilities were reported to Exim developers in June 2022 and ZDI reached out for an update in late April 2023, with the bug reports being resent to Exim in May.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

New Resource for Domestic Abuse Survivors Combines AI, Cybersecurity, and Psychology

The classes in the SCP master’s program played a pivotal role in shaping Talwalkar’s research in this area. While exploring internet censorship and language models, she recognized the emerging challenges posed by AI in security.

After an insightful conversation with SCP Professor Peter Swire, Talwalkar gained the confidence to shift her focus towards investigating malicious intent in immersive environments.

With Crooks’ guidance, she began exploring the socio-technical environment of IPV.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Netscout Identified Nearly 7.9M DDOS Attacks in the First Half of 2023

NETSCOUT's insights into the threat landscape come from its ATLAS sensor network built over decades of working with hundreds of Internet Service Providers globally, gleaning trends from an average of 424 Tbps of internet peering traffic, an increase of 5.7% over 2022.

The company has observed nearly 500% growth in HTTP/S application layer attacks since 2019 and 17% growth in DNS reflection/amplification volumes during the first half of 2023.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Why the California Privacy Rights Act (CPRA) Matters for Investment Advisers, Broker-Dealers and Other Financial Professionals

Previously, the CCPA generally exempted “personal information” (i.e., information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to a particular person) about a business’s employees or business-to-business contacts, but those exemptions are no longer available.

As a result, investment advisers, broker-dealers, fund managers, and other financial institutions subject to the CCPA that have employees in California may be subject to new compliance obligations under the CCPA.

Similarly, https://www.jdsupra.com/legalnews/why-the-california-privacy-rights-act-5777864/ to the exceptions described below, financial businesses that have clients, investors, or prospective clients or investors in California are subject to these same new obligations.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Researchers Uncover RaaS Affiliate Distributing Multiple Ransomware Strains

What makes ShadowSyndicate somewhat different from other affiliates is the number of ransomware families it has distributed over the past one year, says Eline Switzer, threat intelligence analyst at Group-IB.

"At this stage, our hypothesis is that ShadowSyndicate is a RaaS affiliate, although this is one of several potential explanations for this malicious activity," Switzer says.

"The fact that several different ransomware families were used, especially within the course of a single year, is peculiar for a single affiliate, and we haven't seen such examples of this in the past."

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

UAE-Linked 'Stealth Falcon' APT Mimics Microsoft in Homoglyph Attack

In the past, Stealth Falcon (aka Fruity Armor or Project Raven) has been known to target political activists, dissidents, and journalists in the Middle East.

This latest attack occurred somewhere in the region of the Anatolian and Arabian peninsulas, according to ESET.

The firm also noted that a second sample of the malware was uploaded to Virus Total, from Qatar.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

A Deep Dive Into US Cross-Industry Group Looking to Probe AI Risks

Emphasising a comprehensive approach, the working group will not solely spotlight generative AI, but scrutinise AI technologies at large, entailing a thorough investigation into their use cases, currently proposed regulatory and legislative measures, and deducing best practices applicable for both corporations and legislative entities.

Despite the prevailing apprehensions related to risks, technology companies are progressively unveiling AI products, particularly within the cybersecurity industry.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

South Korea's PIPC launches AI privacy unit

The enforcement regulations for the Personal Information Protection Committee establishing a new AI Privacy Team (hereinafter referred to as the ‘Artificial Intelligence Team’) dedicated to privacy issues will be promulgated and put into full operation.

Chairman Koh Hak-soo said, “The Personal Information Commission has taken the first step in establishing an artificial intelligence (AI) personal information disciplinary system and securing a promotion system to lead global norms.”

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Turnkey Rootkit for Amateur Hackers Makes Supply Chain Attacks Easy

When ReversingLabs researchers first came upon the copycat package — suspiciously uploaded on Aug.

25 by a new account and not connected to any other npm projects — they discovered unobfuscated malicious code inside of its "index.js" file.

Upon running, the malicious file downloaded an executable file: a copy of DiscordRAT 2.0.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Are Your Emails Safe? After PhilHealth Cyber Attack, Here’s How to Spot Data Breach

Kaspersky also advised users to sign up for a two-factor authentication (2FA) if a website or an application allows them to.

“It’s an extra level of security for your online accounts that requires you to enter an additional piece of identity information,” it said.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

KillNet Claims DDoS Attack Against Royal Family Website

The attack was a perfect case-in-point, coming just 10 days after King Charles appeared at the Palais du Luxembourg, home of the French senate.

"Now, more than 80 years since we fought, side by side, for the liberation of Europe, we once again face unprovoked aggression on our continent," Charles said in a bilingual speech.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Critical TorchServe Flaws Could Expose AI Infrastructure of Major Companies

TorchServe is used by organizations around the world and has more than 30,000 PyPi downloads every month and over one million DockerHub pulls.

It’s used by major companies such as Amazon, Google, Intel, Microsoft, Tesla and Walmart.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Bitcoin Lightning Offline Transactions: The Future Of Peer-To-Peer Digital Cash?

The constant mobility of users presents a puzzle: how to decide with whom to initiate a payment channel.

This decision is influenced by "mobility patterns" – individuals’ habitual routes and frequented locations.

Regular visits to certain spots might indicate a need for establishing a payment channel there to optimize the success rate of transactions.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

How Digital Health Companies Navigate the Patchwork of State Data Privacy Laws

While HIPAA-covered entities have familiarized themselves with the complexities of HIPAA over the past 25 years, there will be a significant learning curve for digital health companies, which are not subject to HIPAA, to adjust to new legal requirements.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

The Silent Threat of APIs: What the New Data Reveals About Unknown Risk

The key problem that stands out in the study's findings is the issue of unknown risk.

Despite the rise in API breaches, 40% of organizations continually test only a fraction of their APIs for vulnerabilities.

This potential oversight leads to a confidence level of just 26% in preventing attacks, while a mere 21% of API attacks are detectable and containable.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

AI, Cybersecurity, And The Economy: Three Predictions For The Last Few Months of 2023

Expect CLDs to adopt easy and effective ways to vet law firms for their security postures.

Cybersecurity audit tools, for example, let CLDs send surveys and questionnaires to law firms to get a full picture of their cybersecurity capabilities.

They should also prioritize site visits to their top firms to ensure that they are maintaining high-security standards.

These visits should be performed no less than twice a year.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

CAPTCHAs Easy for Humans, Hard for Bots

Proton CAPTCHA consists of three levels of discernment: computational proof-of-work tasks, visual challenges, and bot detection that the company says preserves user privacy.

The system presents proof-of-work challenges for the user's device to solve in the background, without bothering the user.

Meanwhile, it also runs detection tests to look for botlike identifiers.

Friendly Captcha and mCAPTCHA also perform those two steps.

What Proton CAPTCHA adds is a visual puzzle to solve, akin to the original CAPTCHA.

The combination of the three actions makes it more expensive for automated account creation and abuse, Proton says.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

FBI Warns Organizations of Dual Ransomware, Wiper Attacks

The FBI says it observed different ransomware combinations being deployed in these attacks, leading to a mixture of data encryption, exfiltration, and financial losses associated with ransom payments.

The federal agency also notes that various ransomware attacks observed in 2022 were characterized by custom data theft tools, wipers, and malware, designed to pressure victims to negotiate with the attackers.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

4 Pillars for Building a Responsible Cybersecurity Disclosure Program

Having experienced the trust placed in us by users reporting vulnerabilities, we appreciate the importance of defining and abiding by a responsible disclosure program.

Responsible disclosure must strike a delicate balance between meeting the immediate need to protect users at risk with the broader security implications for the entire community.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Hackers Are Spoofing Themselves as GitHub's Dependabot to Steal User Passwords

The latest attack, investigated by researchers at Checkmarx, showed threat actors mimicking Dependabot by changing the account alias to ‘dependabot[bot]’, along with a blank avatar.

Researchers said this was likely enough to convince most users that a commit had been legitimately made by Dependabot and that it didn’t warrant a second look.

@Cyber_Security_Channel

Читать полностью…

Cyber Security News

Microsoft Adding New Security Features to Windows 11

The latest Windows 11 update expands support for passkeys, which are replacing passwords to offer enhanced security.

Users will be able to use and secure passkeys via their phone or Windows Hello (including Hello for Business), enabling them to sign in to a website or application using a device PIN, their face or their fingerprint.

@Cyber_Security_Channel

Читать полностью…
Subscribe to a channel