Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 government agencies has been explained: they found it somewhere where it shouldn’t have been – Microsoft’s corporate environment. The theft of a Microsoft signing key In […]
Continue ReadingMITRE Caldera for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that are specifically focused on threats to operational technology (OT). The first Caldera for OT extensions were developed in partnership between the Homeland Security Systems Engineering and Development Institute (HSSEDI), […]
Continue ReadingThe Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by specially crafted FBI software. Arranging a widespread Qakbot removal The Qakbot administrators use a system of tiered servers (Tier 1, Tier 2, and Tier 3) to control the Qakbot malware […]
Continue ReadingThe Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world. “To disrupt the botnet, the FBI was able to redirect Qakbot botnet traffic to and through servers controlled by […]
Continue ReadingBy Waqas A concerning trend is emerging on the global stage: a rise in cyberattacks targeting government agencies. This is a post from HackRead.com Read the original post: Cyberattacks Targeting Government Agencies on the Rise
Continue ReadingNorth Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulnerability to deploy QuiteRAT, downloaded from an IP address previously associated with the Lazarus hacking group (aka APT38). QuiteRAT CVE-2022-47966 has been patched in […]
Continue ReadingWhile H1 2023 saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, which reached record levels, according to Critical Insight. Notably, the report revealed a decrease in total breaches but an increase in […]
Continue ReadingThe TSA has announced updates to its Security Directive (SD) to strengthen the operational resilience of oil and natural gas pipeline owners and operators against cyber-attacks. In this Help Net Security video, Chris Warner, OT Senior Security Consultant at GuidePoint Security, discusses how these newly introduced provisions mandate pipeline owners and operators to proactively enhance […]
Continue ReadingFederal agencies are prepared to meet the zero trust executive order requirements from the Biden Administration with just over a year until the deadline, according to Swimlane. The research investigated the confidence level of these agencies in meeting the memorandum’s requirements and the tools leveraged to overcome challenges in adopting the key components of a […]
Continue ReadingRepresentatives from Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI recently convened at the White House for a meeting with President Biden with the stated mission of “ensuring the responsible development and distribution of artificial intelligence (AI) technologies”. The climate surrounding the summit The White House summit was undoubtedly a welcome change of pace for […]
Continue Reading