-
Europe’s transport sector terrorised by ransomware, data theft, and denial-of-service attacks
PRIVACY PRIVACY A new report from ENISA, the European Union Agency for Cybersecurity, looking at cyberattacks targeting the European transport network over a period of almost two years, has identified that ransomware has become the prominent threat. Read more in my article on the Tripwire State of Security blog. Read More
-
Security at the core of Intel’s new vPro platform
PRIVACY PRIVACY Intel has introduced its 13th Generation Core processor line, which the company claims is the first to build threat detection into hardware. In combination with endpoint detection and response (EDR) platforms from Intel partners, the new vPro processors promise a 70% reduction in attack surface compared to four-year-old PCs. Windows 11 systems can…
-
New Post-Exploitation Attack Method Found Affecting Okta Passwords
PRIVACY PRIVACY The flaw derives from the way the Okta system records failed login attempts to instances Read More
-
Fake GPT Chrome extension steals Facebook session cookies, breaks into accounts
PRIVACY PRIVACY The world has gone ChatGPT bonkers. Which makes it an effective lure for cybercriminals who may want to break into accounts… Read More
-
Critical flaw in AI testing framework MLflow can lead to server and data compromise
PRIVACY PRIVACY MLflow, an open-source framework that’s used by many organizations to manage their machine-learning tests and record results, received a patch for a critical vulnerability that could allow attackers to extract sensitive information from servers such as SSH keys and AWS credentials. The attacks can be executed remotely without authentication because MLflow doesn’t implement…
-
New vulnerabilities found in industrial control systems of major vendors
PRIVACY PRIVACY The US Cybersecurity and Infrastructure Security Agency (CISA) has issued advisories on 49 vulnerabilities in eight industrial control systems (ICS) this week, which are used across multiple critical infrastructure sectors. The vulnerabilities identified by CISA were tracked in products from ICS providers including Siemens, Hitachi, Rockwell, Delta Electronics, VISAM, and Keysight. To read…
-
Mass Ransomware Attack
PRIVACY PRIVACY A vulnerability in a popular data transfer tool has resulted in a mass ransomware attack: TechCrunch has learned of dozens of organizations that used the affected GoAnywhere file transfer software at the time of the ransomware attack, suggesting more victims are likely to come forward. However, while the number of victims of the…
-
UK Government Sets Out Vision for NHS Cybersecurity
PRIVACY PRIVACY Plans to boost cyber-resilience in the health service by 2030 Read More
-
BlackGuard stealer extends its capabilities in new variant
PRIVACY PRIVACY AT&T Alien Labs researchers have discovered a new variant of BlackGuard stealer in the wild, infecting using spear phishing attacks. The malware evolved since its previous variant and now arrives with new capabilities. Key takeaways: BlackGuard steals user sensitive information from a wide range of applications and browsers. The malware can hijack crypto…
-
Malicious ChatGPT Chrome Extension Hijacks Facebook Accounts
PRIVACY PRIVACY Software was unwittingly downloaded thousands of times Read More