The City of Columbus is investigating the scope of a data breach resulting from a thwarted ransomware attack.
The post City of Columbus Says Data Compromised in Ransomware Attack appeared first on SecurityWeek.
CISA and FBI Release Joint PSA: Putting Potential DDoS Attacks During the 2024 Election Cycle in Context
Chrome 127 Improves Cookie Protection on Windows
Google has improved the security of cookies in Chrome on Windows and rolled out a Chrome 127 update to address critical- and high-severity vulnerabilities.
The post Chrome 127 Improves Cookie Protection on Windows appeared first on SecurityWeek.
Microsoft Says Azure Outage Caused by DDoS Attack Response
Microsoft’s response to a DDoS attack on Azure amplified the impact of the attack instead of mitigating it, causing outages.
The post Microsoft Says Azure Outage Caused by DDoS Attack Response appeared first on SecurityWeek.
Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware
Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three years.
Israeli cybersecurity company Cybereason is tracking the campaign under the name Cuckoo Spear,
Israeli cybersecurity company Cybereason is tracking the campaign under the name Cuckoo Spear,
How To Get the Most From Your Security Team’s Email Alert Budget
We’ll TL;DR the FUDdy introduction: we all know that phishing attacks are on the rise in scale and complexity, that AI is enabling more sophisticated attacks that evade traditional defenses, and the never-ending cybersecurity talent gap means we’re all struggling to keep security teams fully staffed.
Given that reality, security teams need to be able to monitor and respond to threats
Given that reality, security teams need to be able to monitor and respond to threats
DigiCert Revoking Many Certificates Due to Verification Issue
DigiCert is immediately revoking many certificates due to a domain validation issue, which could cause disruption to sites, apps and services.
The post DigiCert Revoking Many Certificates Due to Verification Issue appeared first on SecurityWeek.
Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes
A new malicious campaign has been observed making use of malicious Android apps to steal users’ SMS messages since at least February 2022 as part of a large-scale campaign.
The malicious apps, spanning over 107,000 unique samples, are designed to intercept one-time passwords (OTPs) used for online account verification to commit identity fraud.
“Of those 107,000 malware samples, over 99,000 of
The malicious apps, spanning over 107,000 unique samples, are designed to intercept one-time passwords (OTPs) used for online account verification to commit identity fraud.
“Of those 107,000 malware samples, over 99,000 of
Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova
Companies in Russia and Moldova have been the target of a phishing campaign orchestrated by a little-known cyber espionage group known as XDSpy.
The findings come from cybersecurity firm F.A.C.C.T., which said the infection chains lead to the deployment of a malware called DSDownloader. The activity was observed this month, it added.
XDSpy is a threat actor of indeterminate origin that was first
The findings come from cybersecurity firm F.A.C.C.T., which said the infection chains lead to the deployment of a malware called DSDownloader. The activity was observed this month, it added.
XDSpy is a threat actor of indeterminate origin that was first
Senate Passes Bill to Protect Kids Online and Make Tech Companies Accountable for Harmful Content
The US Senate has passed a bill to protect kids online and make tech companies accountable for harmful content.
The post Senate Passes Bill to Protect Kids Online and Make Tech Companies Accountable for Harmful Content appeared first on SecurityWeek.