cybersecurity Archives - Cyber Security Minute

Japan Runs Inaugural Cyber Defense Drills With Pacific Island Nations

Issued by: Dark Reading

Japan held cyber defense exercises with five Pacific island nations last month in an effort to shore up cybersecurity defenses in the region. The cybersecurity exercise event, held in Guam in mid-February, was a first for Japan. Japan’s Ministry of Internal Affairs and Communications led the event, which included government officials and network providers from…

Network Security

Experts Praise White House Port Cybersecurity Initiatives

Issued by: DataBreach Today

New Biden administration cybersecurity standards for U.S. maritime ports mark a crucial step toward addressing long-ignored vulnerabilities in IT and OT systems across the critical infrastructure sector, experts told Information Security Media Group. An executive order released Wednesday institutes mandatory requirements to report cyber incidents that could endanger “any vessel, harbor, port or waterfront facility.”…

Malware & Threats

A ransomware attack took 100 Romanian hospitals down

Issued by: Security Affairs

Authorities in Romania confirmed that a ransomware attack that targeted the Hipocrate Information System (HIS) has disrupted operations for at least 100 hospitals. Hipocrate Information System (HIS) is a software suite designed to manage the medical and administrative activities of hospitals and other healthcare institutions. The attack took place on February 11 and encrypted data…

Vulnerabilities

CISA adds Roundcube Webmail Persistent XSS bug to its Known Exploited Vulnerabilities catalog

Issued by: Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Roundcube Webmail Persistent Cross-Site Scripting (XSS) vulnerability, tracked as CVE-2023-43770, to its Known Exploited Vulnerabilities (KEV) catalog. Roundcube is an open-source web-based email client. It provides a user-friendly interface for accessing email accounts via a web browser. Users can send and receive emails, manage their…

Malware & Threats

More Ransomware Victims Are Declining to Pay Extortionists

Issued by: DataBreach Today

The number of victims who opt to pay a ransom appears to have declined to a record low. During the last three months of 2023, an average of 29% of organizations hit by ransomware paid a ransom, said ransomware incident response firm Coveware, based on thousands of cases on which it worked. In the same…

Vulnerabilities

CISA Orders Ivanti VPN Appliances Disconnected: What to Do

Issued by: Dark Reading

The United States Cybersecurity and Infrastructure Security Agency (CISA) has given Federal Civilian Executive Branch agencies 48 hours to rip out all Ivanti appliances in use on federal networks, over concerns that multiple threat actors are actively exploiting multiple security flaws in these systems. The order is part of the supplemental direction accompanying last week’s…

News

Cybersecurity Incident Shuts Down New Jersey Schools

Issued by: DataBreach Today

Thousands of students in New Jersey were unable to attend school Monday after a cybersecurity incident caused technical difficulties across the Freehold Township School District, administrators said. Superintendent of Schools Neal Dickstein sent an email to families late Sunday night announcing that classes were canceled for the entire district, which includes an early childhood learning…

Malware & Threats

Medusa group steps up ransomware activities

Issued by: CSO Online

A fast rising ransomware outfit is escalating its activities and has launched a new blog offering victims a variety of payoff options, according to a report released Thursday by Palo Alto Networks’ Unit 42. The new Medusa Blog is used by the group to post stolen data with the threat of exposing the data if…

News

EU Enhances Cybersecurity Requirements for Agencies

Issued by: DataBreach Today

The European Union adopted a regulation on mandatory cyber hygiene intended to beef up cybersecurity at EU government agencies amid concerns that trading bloc institutions have failed to keep pace with mounting digital threats. Proposed by the European Commission in 2022, the Cybersecurity Regulation lays down uniform cyber compliance requirements for EU institutions, bodies, offices…

Application Security

Dashlane ditching master passwords

Issued by: CSO Online

The password manager vendor totally embraces passwordless technology. A top-tier password manager maker is ditching the use of master passwords and offering its users a totally passwordless experience. Dashlane made the announcement Wednesday, saying the feature allows new users to create an account without having to set up and remember a master password. It added…