Ransomware groups are targeting hypervisors to maximize impact, allowing a single breach to encrypt dozens of virtual machines at once. Drawing on real-world incident data, Huntress explains how attackers exploit visibility gaps at the hypervisor layer and outlines steps orgs can take to harden virtualization infrastructure. […]
CISO Communities – Cybersecurity’s Secret Weapon
Closed CISO communities act as an information exchange, advice center, pressure valve, and safe haven from critical oversight.
The post CISO Communities – Cybersecurity’s Secret Weapon appeared first on SecurityWeek.
700,000 Records Compromised in Askul Ransomware Attack
The e-commerce and logistics company was targeted by the RansomHouse ransomware group in October.
The post 700,000 Records Compromised in Askul Ransomware Attack appeared first on SecurityWeek.
Echo Raises $35 Million in Series A Funding
The fresh investment comes less than six months after the startup’s seed funding announcement.
The post Echo Raises $35 Million in Series A Funding appeared first on SecurityWeek.
Verisoul Raises $8.8 Million for Fraud Prevention
The company plans to accelerate product development, scale go-to-market efforts, and hire new talent.
The post Verisoul Raises $8.8 Million for Fraud Prevention appeared first on SecurityWeek.
Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks
After years of exploiting zero-day and n-day vulnerabilities, Russian state-sponsored threat actors are shifting to misconfigured devices.
The post Amazon: Russian Hackers Now Favor Misconfigurations in Critical Infrastructure Attacks appeared first on SecurityWeek.
Microsoft to block Exchange Online access for outdated mobile devices
Microsoft announced on Monday that it will soon block mobile devices running outdated email software from accessing Exchange Online services until they’re updated. […]
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
Amazon’s threat intelligence team has disclosed details of a “years-long” Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025.
Targets of the campaign included energy sector organizations across Western nations, critical infrastructure providers in North America and Europe, and entities with cloud-hosted network infrastructure. The activity has
Targets of the campaign included energy sector organizations across Western nations, critical infrastructure providers in North America and Europe, and entities with cloud-hosted network infrastructure. The activity has
European authorities dismantle call center fraud ring in Ukraine
European law enforcement authorities dismantled a fraud network operating call centers in Ukraine that scammed victims across Europe out of more than 10 million euros. […]
JumpCloud Remote Assist Vulnerability Can Expose Systems to Takeover
The issue allows attackers to write arbitrary data to any file, or delete arbitrary files to obtain System privileges.
The post JumpCloud Remote Assist Vulnerability Can Expose Systems to Takeover appeared first on SecurityWeek.