In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most important acronyms
Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks
A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain.
“The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others,”
“The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others,”
Cisco takes DevHub portal offline after hacker publishes stolen data
Cisco confirmed today that it took its public DevHub portal offline after a threat actor leaked “non-public” data, but it continues to state that there is no evidence that its systems were breached. […]
ESET partner breached to send data wipers to Israeli orgs
Hackers breached ESET’s exclusive partner in Israel to send phishing emails to Israeli businesses that pushed data wipers disguised as antivirus software for destructive attacks. […]
Tech giant Nidec confirms data breach following ransomware attack
Nidec Corporation is informing that hackers behind a ransomware attack is suffered earlier this year stole data and leaked it on the dark web. […]
Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass
The latest generations of Intel processors, including Xeon chips, and AMD’s older Zen 1, Zen 1+, and Zen 2 microarchitectures on Linux are vulnerable to new speculative execution attacks that bypass existing ‘Spectre’ mitigations. […]
How to leverage $200 million FCC program boosting K-12 cybersecurity
In 2024, the Federal Communications Commission (FCC) launched the K-12 Cybersecurity Pilot Program, a groundbreaking initiative backed by $200 million in funding. Learn more from Cynet about how schools and libraries can apply to this program. […]
North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data
North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks.
“In some instances, fraudulent workers demanded ransom payments from their former employers after gaining
“In some instances, fraudulent workers demanded ransom payments from their former employers after gaining
Microsoft: macOS Vulnerability Potentially Exploited in Adware Attacks
The Adload macOS adware potentially exploits a privacy bypass vulnerability resolved in Sequoia 15 last month.
The post Microsoft: macOS Vulnerability Potentially Exploited in Adware Attacks appeared first on SecurityWeek.
In Other News: China Making Big Claims, ConfusedPilot AI Attack, Microsoft Security Log Issues
Noteworthy stories that might have slipped under the radar: China making claims about encryption cracking and Intel backdoors, ConfusedPilot AI attack, Microsoft loses security logs.
The post In Other News: China Making Big Claims, ConfusedPilot AI Attack, Microsoft Security Log Issues appeared first on SecurityWeek.