Cybercrime
-
US Government Agrees to Continue Funding CVE Program Amid Concerns
In a crucial move for the cybersecurity sector, the US government has agreed to extend funding for the Common Vulnerabilities and Exposures (CVE) program amid concerns over its future. Following MITRE’s announcement that federal support was about to end, this extension ensures the continuity of CVE services, which are pivotal in identifying and managing technology…
-
End of CVE Program Sparks Concerns Among Cybersecurity Experts
The Department of Homeland Security’s decision to let its contract with MITRE expire could jeopardize the future of the Common Vulnerabilities and Exposures (CVE) program, raising alarms among cybersecurity experts about the potential disruption to vulnerability tracking and management.
-
Russian APT29 Launches New Phishing Campaign Targeting Embassies with Sophisticated Malware
Russian state-sponsored group Midnight Blizzard, also known as APT29, has launched a highly targeted phishing campaign against European embassies, utilizing a new malware loader named GrapeLoader and an evolved version of the WineLoader backdoor. Experts from Check Point Research warn that these developments require advanced multi-layered defenses to counteract the increased sophistication of this cyber…
-
AI Presentation Tool Exploited in Phishing Scams, Experts Warn
Research from Abnormal Security reveals that the AI presentation tool Gamma is being exploited in phishing attacks to trick users into revealing their credentials via counterfeit communications.
-
Tech Giants Lead Push for Shorter Digital Certificate Lifespans
Tech giants Apple and Google are leading a significant initiative to reduce the maximum lifespans of digital certificates, aiming to strengthen cybersecurity and mitigate risks associated with long-term certificates. The proposal suggests a maximum validity of 90 days from Google and 47 days from Apple, potentially revolutionizing internet safety standards.
-
Organizations Struggle to Address Cyber Vulnerabilities, Despite Increased Pentesting Efforts
A recent report reveals that organizations are addressing less than half of exploitable vulnerabilities, particularly in Generative AI applications, underscoring the need for improved security measures despite widespread recognition of the importance of pentesting.
-
Cyber Attacks: Shutting Down Systems Can Exacerbate Damage
As cyber attacks become an increasing reality for businesses, experts caution against the instinct to shut down systems during an incident, urging a focus on preparedness, controlled containment strategies, and effective communication.
-
New ResolverRAT Malware Targets Global Healthcare and Pharmaceutical Sectors
ResolverRAT, a new remote access trojan, poses a significant threat to healthcare and pharmaceutical organizations globally through sophisticated phishing tactics and stealthy operations, according to security researchers.
-
Human Element Critical in Combating Rising Cyber Threats, Experts Warn
As cyber threats evolve, experts stress the critical role of human intervention in enhancing cybersecurity resilience. Over half of UK businesses face projected cyber breaches in 2024, emphasizing the need for employee training and awareness within organizations.
-
China Acknowledges Cyberattacks on U.S. Infrastructure Amid Growing Tensions
A recent report reveals that Chinese officials acknowledged their country’s involvement in cyberattacks on U.S. infrastructure during a meeting with U.S. officials. The admission comes amid rising tensions over Taiwan and highlights China’s cyber operations strategy. In related news, Alibaba Cloud expands overseas while India implements a significant subsidy scheme for electronics manufacturing.
