RSS Trending Cyber News

  • Ransom-Demanding Gangs Target Fresh Victims: Patients
    Could ransomware shakedowns against healthcare entities be taking an even uglier turn? In a recent attack on a Florida-based plastic surgery practice, hackers exfiltrated patients' medical records and then demanded a ransom be paid by the clinic and some of its patients to avoid further exposure of the data.
  • Hacker-Attacke gegen Mitsubishi Electric
    . Hacker hatten weitreichenden Zugriff auf das Netzwerk von Mitsubishi Electronic. Die Stadt New Orleans ist Opfer einer Cyberattacke geworden. (Bild: dpa, Jens Büttner/zb/dpa) Erst nachdem Medien darüber berichtet haben, gesteht Mitsubishi Electric nun einen Sicherheitsvorfall aus dem vergangenen Jahr ein.
  • HMRC turns to analytics to crack down on crypto cybercriminals
    The UK's tax authority is looking at investing in "cryptoanalysis" technology that would enable it to scrutinise trading of bitcoin, Ether and other digital assets. A sum of 100,000 is on the table for the vendor who can provide such a service. HMRC had previously tried to address the use of....
  • 38% компаний стали жертвами криптомайнеров в 2019 году
    . Половина респондентов считают эффективным запрет на пользование личными смартфонами по работе. Специалисты из компании Check Point Software в отчете Cyber Security Report 2020 рассказали об основных инструментах, которые киберпреступники использовали для атак на компании по всему миру в прошлом году.
  • 33 тыс. компьютеров в парламенте Германии все еще работают на Windows 7
    14 января 2020 года компания Microsoft прекратила поддержку Windows 7, однако, как и следовало ожидать, к этой дате на более новую версию ОС перешли далеко не все. Что еще хуже, необновляемой операционной системой продолжают пользоваться там, где безопасность должна быть на наивысшем уровне.
  • GDPR: $126 Million in Fines and Counting
    From when GDPR went into full effect on May 25, 2018, until Friday, EU data protection authorities also imposed €114 million ($126 million) in fines under the privacy regulation for a wide variety of infringements, not all involving data breaches. "France, Germany and Austria topped the rankings for....
  • Evita infiltrados en tu red con estos consejos
    A la hora de navegar por la red son muchos los problemas de seguridad que nos podemos encontrar. Hay muchos tipos de amenazas que pueden poner en riesgo nuestros sistemas. Especialmente si hablamos de equipos conectados a la red, son claramente más vulnerables.
  • Security Compass CEO Sets DevSecOps Strategy
    Security Compass CEO Sets DevSecOps Strategy. Security Compass, a provider of tools for streamlining risk analysis, has appointed Rohit Sethi to be its CEO after receiving additional funding from FTV Capital. Security Compass founder and previous CEO Nish Balla will remain on the board of directors.
  • SafeGuard Cyber Expands Leadership Team to Support Growing Global Enterprise Customer Base - Yahoo Finance
    Tom Dukes brings more than 25 years of global cyber policy, strategic leadership, and operational experience to company. CHARLOTTESVILLE, Va. Jan. 21, 2020 /PRNewswire/ -- , a SaaS security platform that secures the technologies driving the digital economy, today announced the hiring of Thomas A. Dukes, Jr.
  • Cyber attack at Herefordshire school was 'mindless vandalism' - Hereford Times
    A PERSONAL data breach at a Herefordshire secondary school was "mindless" and has been labelled as vandalism. West Mercia Police has been investigating and taking the cyber attack "extremely seriously" after personal documents are believed to have been wiped from computer systems at John Kyrle High School and Sixth Form Centre in -on-Wye.

RSS Vulnerabilities

  • Citrix publica los parches para CVE-2019-19781 que afecta a ADC y Gateway
    Finalmente, Citrix ha liberado la actualización para mitigar la vulnerabilidad crítica, asignada al código CVE-2019-19781, que fue publicada a principios de este mes. Desde entonces, dado el lapso de tiempo transcurrido, puede estimarse en cientos el número de dispositivos expuestos a internet que han sido vulnerados aprovechando este fallo.
  • Serious security breach in Internet Explorer: Microsoft warns against use
    Sorin Mustaca's IT Security news and articles about information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, breaches. Serious security breach in Internet Explorer: Microsoft warns against use. A critical vulnerability in Internet Explorer has been published by Microsoft.
  • Citrix ships patches as vulnerable servers come under attack
    Citrix has issued its first set of patches fixing a nasty vulnerability that’s been hanging over some of its biggest products. The flaw, identified as CVE-2019-19781 on 17 December 2019, affected Citrix’s Application Delivery Controller (ADC) load and application balancer, and the Citrix Gateway....
  • Serious security breach in Internet Explorer: Microsoft warns against use
    A critical vulnerability in Internet Explorer, with the identifier CVE-2020-0674 has been published by Microsoft. It allows attackers to remotely execute code using the JScript.dll library. A security patch is currently being created. On the first patch Tuesday of 2020, Microsoft released 49....
  • Viime vuonna paljastettua Citrixin kriittistä aukkoa käytettiin jo hyväksi: nyt tuli paikkaus
    Etäyhteyksiin ja virtualisointiin erikoistunut ohjelmistoyhtiö Citrix on paikannut kriittisen haavoittuvuuden Application Delivery Controller (ADC) -tuotteestaan. mukaan Citrixin haavoittuvuutta hyväksikäyttämällä tunnistautumattoman hyökkääjän on mahdollista suorittaa kohdejärjestelmässä mielivaltaista ohjelmakoodia, uutisoi.
  • Microsoft предупреждает об эксплойтах нулевого дня в Internet Explorer
    Microsoft предупреждает об эксплойтах нулевого дня в Internet Explorer. Microsoft заявляет, что готовит патч для исправления ошибки во многих версиях Internet Explorer, которой могут воспользоваться злоумышленники. В сообщении безопасности, выпущенном в пятницу, Microsoft говорит, что уязвимость,....
  • Orange Cyberdéfense préfère les micros SOC au zero trust
    Lors de son événement Live qui s'est déroulé à Paris ce lundi 20 janvier 2020, le directeur général d'Orange Cyberdéfense Michel Van Den Berghe a fait un point sur l'activité et la stratégie du groupe. Porté par un contexte marché favorable et des acquisitions judicieuses, le groupe mise sur l'essor de micros SOC par activité.
  • 포티넷의 SIEM에서 하드코드...
    설치될 때마다 생성되는 tunneluser...이 계정의 SSH 공공 키가 이미지에 저장돼 공격자가 이를 취득하게 되면 슈퍼바이저로도 접근 가능...디도스 공격 등 가능 [보안뉴스 문가용 기자] 보안 업체 포티넷(Fortinet)의 SIEM인 포티시엠(FortiSIEM) 내에서 하드코드 된 SSH 공공 키가 발견됐다. 이를 남용할 경우 포티시엠 슈퍼바이저(FortiSIEM Supervisor)에 접근할 수 있게 된다고 한다. 하드코드 된 SSH 키는 tunneluser라는 사용자를 위한 것으로, 포티시엠이 […]
  • MS의 인터넷 익스플로러에서 발견된 제로데이, 다크호텔이 활용 중
    소규모 표적 공격에 이미 활용되고 있는 제로데이 취약점...다크호텔 연관돼 있어 MS는 곧 패치 발표한다면서 ‘정기 패치’ 언급해...빠르게 패치 나올 것 같지 않아 [보안뉴스 문가용 기자] 마이크로소프트가 인터넷 익스플로러에서 발견된 제로데이 취약점에 대한 패치를 개발하고 있다고 발표했다. 이 제로데이 취약점은 다크호텔(DarkHotel)이라는 해킹 단체가 실시하고 있는 표적 공격에 활발히 이용되고 있다고 한다. 문제의 제로데이 취약점에는 현재 CVE-2020-0674라는 […]
  • 지난해 12월 가장 많이 탐지된 멀웨어는 ‘HTML/ScrInject’
    ESET, 2019년 12월 Top 10 위협 발표 [보안뉴스 원병철 기자] 지난 2019년 12월 가장 많이 탐지된 멀웨어는 ‘HTML/ScrInject’였다고 ESET(이셋)의 국내법인 이셋코리아가 밝혔다. 이셋코리아는 정교한 악성 코드 리포팅 및 추적 시스템인 ESET LiveGrid®의 분석에 따른 2019년 12월 전 세계 Top 10 위협을 발표했다. 1. HTML/ScrInject 이전 순위: 1 탐지 비율: 9.27 % HTML/ScrInject는 악성 소프트웨어가 호스팅되는 […]

RSS Threats and Incidents

  • Citrix publica los parches para CVE-2019-19781 que afecta a ADC y Gateway
    Finalmente, Citrix ha liberado la actualización para mitigar la vulnerabilidad crítica, asignada al código CVE-2019-19781, que fue publicada a principios de este mes. Desde entonces, dado el lapso de tiempo transcurrido, puede estimarse en cientos el número de dispositivos expuestos a internet que han sido vulnerados aprovechando este fallo.
  • Serious security breach in Internet Explorer: Microsoft warns against use
    Sorin Mustaca's IT Security news and articles about information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, breaches. Serious security breach in Internet Explorer: Microsoft warns against use. A critical vulnerability in Internet Explorer has been published by Microsoft.
  • Citrix ships patches as vulnerable servers come under attack
    Citrix has issued its first set of patches fixing a nasty vulnerability that’s been hanging over some of its biggest products. The flaw, identified as CVE-2019-19781 on 17 December 2019, affected Citrix’s Application Delivery Controller (ADC) load and application balancer, and the Citrix Gateway....
  • Serious security breach in Internet Explorer: Microsoft warns against use
    A critical vulnerability in Internet Explorer, with the identifier CVE-2020-0674 has been published by Microsoft. It allows attackers to remotely execute code using the JScript.dll library. A security patch is currently being created. On the first patch Tuesday of 2020, Microsoft released 49....
  • Viime vuonna paljastettua Citrixin kriittistä aukkoa käytettiin jo hyväksi: nyt tuli paikkaus
    Etäyhteyksiin ja virtualisointiin erikoistunut ohjelmistoyhtiö Citrix on paikannut kriittisen haavoittuvuuden Application Delivery Controller (ADC) -tuotteestaan. mukaan Citrixin haavoittuvuutta hyväksikäyttämällä tunnistautumattoman hyökkääjän on mahdollista suorittaa kohdejärjestelmässä mielivaltaista ohjelmakoodia, uutisoi.
  • Microsoft предупреждает об эксплойтах нулевого дня в Internet Explorer
    Microsoft предупреждает об эксплойтах нулевого дня в Internet Explorer. Microsoft заявляет, что готовит патч для исправления ошибки во многих версиях Internet Explorer, которой могут воспользоваться злоумышленники. В сообщении безопасности, выпущенном в пятницу, Microsoft говорит, что уязвимость,....
  • Orange Cyberdéfense préfère les micros SOC au zero trust
    Lors de son événement Live qui s'est déroulé à Paris ce lundi 20 janvier 2020, le directeur général d'Orange Cyberdéfense Michel Van Den Berghe a fait un point sur l'activité et la stratégie du groupe. Porté par un contexte marché favorable et des acquisitions judicieuses, le groupe mise sur l'essor de micros SOC par activité.
  • 포티넷의 SIEM에서 하드코드...
    설치될 때마다 생성되는 tunneluser...이 계정의 SSH 공공 키가 이미지에 저장돼 공격자가 이를 취득하게 되면 슈퍼바이저로도 접근 가능...디도스 공격 등 가능 [보안뉴스 문가용 기자] 보안 업체 포티넷(Fortinet)의 SIEM인 포티시엠(FortiSIEM) 내에서 하드코드 된 SSH 공공 키가 발견됐다. 이를 남용할 경우 포티시엠 슈퍼바이저(FortiSIEM Supervisor)에 접근할 수 있게 된다고 한다. 하드코드 된 SSH 키는 tunneluser라는 사용자를 위한 것으로, 포티시엠이 […]
  • MS의 인터넷 익스플로러에서 발견된 제로데이, 다크호텔이 활용 중
    소규모 표적 공격에 이미 활용되고 있는 제로데이 취약점...다크호텔 연관돼 있어 MS는 곧 패치 발표한다면서 ‘정기 패치’ 언급해...빠르게 패치 나올 것 같지 않아 [보안뉴스 문가용 기자] 마이크로소프트가 인터넷 익스플로러에서 발견된 제로데이 취약점에 대한 패치를 개발하고 있다고 발표했다. 이 제로데이 취약점은 다크호텔(DarkHotel)이라는 해킹 단체가 실시하고 있는 표적 공격에 활발히 이용되고 있다고 한다. 문제의 제로데이 취약점에는 현재 CVE-2020-0674라는 […]
  • 지난해 12월 가장 많이 탐지된 멀웨어는 ‘HTML/ScrInject’
    ESET, 2019년 12월 Top 10 위협 발표 [보안뉴스 원병철 기자] 지난 2019년 12월 가장 많이 탐지된 멀웨어는 ‘HTML/ScrInject’였다고 ESET(이셋)의 국내법인 이셋코리아가 밝혔다. 이셋코리아는 정교한 악성 코드 리포팅 및 추적 시스템인 ESET LiveGrid®의 분석에 따른 2019년 12월 전 세계 Top 10 위협을 발표했다. 1. HTML/ScrInject 이전 순위: 1 탐지 비율: 9.27 % HTML/ScrInject는 악성 소프트웨어가 호스팅되는 […]

RSS Cyber Crime

  • Ransom-Demanding Gangs Target Fresh Victims: Patients
    Could ransomware shakedowns against healthcare entities be taking an even uglier turn? In a recent attack on a Florida-based plastic surgery practice, hackers exfiltrated patients' medical records and then demanded a ransom be paid by the clinic and some of its patients to avoid further exposure of the data.
  • Hacker-Attacke gegen Mitsubishi Electric
    . Hacker hatten weitreichenden Zugriff auf das Netzwerk von Mitsubishi Electronic. Die Stadt New Orleans ist Opfer einer Cyberattacke geworden. (Bild: dpa, Jens Büttner/zb/dpa) Erst nachdem Medien darüber berichtet haben, gesteht Mitsubishi Electric nun einen Sicherheitsvorfall aus dem vergangenen Jahr ein.
  • HMRC turns to analytics to crack down on crypto cybercriminals
    The UK's tax authority is looking at investing in "cryptoanalysis" technology that would enable it to scrutinise trading of bitcoin, Ether and other digital assets. A sum of 100,000 is on the table for the vendor who can provide such a service. HMRC had previously tried to address the use of....
  • Security Compass CEO Sets DevSecOps Strategy
    Security Compass CEO Sets DevSecOps Strategy. Security Compass, a provider of tools for streamlining risk analysis, has appointed Rohit Sethi to be its CEO after receiving additional funding from FTV Capital. Security Compass founder and previous CEO Nish Balla will remain on the board of directors.
  • SafeGuard Cyber Expands Leadership Team to Support Growing Global Enterprise Customer Base - Yahoo Finance
    Tom Dukes brings more than 25 years of global cyber policy, strategic leadership, and operational experience to company. CHARLOTTESVILLE, Va. Jan. 21, 2020 /PRNewswire/ -- , a SaaS security platform that secures the technologies driving the digital economy, today announced the hiring of Thomas A. Dukes, Jr.
  • Cyber attack at Herefordshire school was 'mindless vandalism' - Hereford Times
    A PERSONAL data breach at a Herefordshire secondary school was "mindless" and has been labelled as vandalism. West Mercia Police has been investigating and taking the cyber attack "extremely seriously" after personal documents are believed to have been wiped from computer systems at John Kyrle High School and Sixth Form Centre in -on-Wye.
  • Virginia House Committee Tackles Consumer Protections, Cybersecurity - Insurance Journal
    In one of the more modern meeting rooms at the over two centuries old State Capitol, 22 lawmakers gather on Mondays to confront the increasing cybersecurity threats looming over Virginia residents. This session the House Committee on Communications, Technology and Innovation will consider a variety....
  • Effective Communication Mitigates Risk In A Cybersecurity World - Forbes
    Post written by. Kim Plyler. Author and an accomplished Communications and PR Executive with success in public affairs, crisis strategy, and media relations. The office of personnel management gets hacked, and sensitive data is stolen. Equifax has its data stolen. Credit card information is stolen .
  • Four Ancient Chinese Military Philosophies That Can Help Guide Cybersecurity Today - Forbes
    When Sun Tzu wrote his landmark military treatise The Art of War , he certainly didn’t have cybersecurity in mind. The 13 chapters devoted to military tactics remain one of the most important texts in human history. Though traditional warfare continues on land across the globe, it is now....
  • Ransomware Infects Main Server of Large Insurance Company in Oman
    A ransomware attack has hit Oman United Insurance Company SAOG, one of the largest insurers in Oman, but operations apparently remain unaffected. Finance is one of the sectors most targeted by hackers, including banks, fintech firms, or insurance companies.
Digitpol to attend the The 2nd Europol-ENISA IoT Security Conference, the conference focuses on the...
Digitpol’s CEO Mr Martin Coyne attends the INTERPOL General Assembly in Beijing China Launch Tech...
CARPOL’s plenary meeting took place at Europol in The Hague, held under  the current Dutch Presidency of the Council of the EU. CARPOL is the network of EU law enforcement contact points for tackling cross-border vehicle crime, established based on the Council Decision 919/2004 of 17 December 2004. 
IAATI UK will play host to the National Vehicle Crime Seminar at the Holywell Park Conference Centre at Loughborough LE11 3GR, on Wednesday the 31st May & 1st June 2017; a day and a half event attracting senior practitioners, opinion formers, law enforcement, intuitive projects, vehicle examiners and a healthy cross section of key players from the plant, agricultural, haulage, leisure, salvage, I.T., insurance and motor manufacturer industries. Digitpol vehicle experts, partners and IAATI members attended the important event.