Application Security

Issued by: Dark Reading

Like a member of any profession, a chief information security officer (CISO) grows into their role. They exhibit a maturity curve that can be roughly split into five attitudes: Protection: When a CISO first steps into their role, they look to perfect the basics and build a fortress for themselves in the form of firewalls,…

Malware & Threats

Issued by: DataBreach Today

Ukraine’s domestic intelligence agency revealed earlier this week that it successfully blocked more than 4,500 cyberattacks in 2022. The Security Service of Ukraine, which protects Ukraine’s information and digital security in wartime conditions, says the number of cyberattacks has tripled since last year and increased fivefold since 2020, when only 800 cyberattacks were documented. The…

Software Security

Issued by: Security Affairs

BTC.com is a website that provides services for managing and transferring Bitcoin, it offers a digital wallet for storing Bitcoin, a trading interface for exchanging Bitcoin with other cryptocurrencies and fiat currencies, and a mining platform for participating in the extraction of new Bitcoin coins. BTC.com is one of the largest platforms for transferring Bitcoin…

Application Security

Issued by: DataBreach Today

The U.S. Department of Justice is reportedly investigating the theft of nearly $400 million from FTX. The crypto exchange disclosed in November the day after it filed for bankruptcy that “unauthorized access” had led to the theft. The criminal investigation is separate from the fraud case Justice is pursuing against company co-founder Sam Bankman-Fried, Bloomberg…

Malware & Threats

Issued by: The Hacker News

The Vice Society ransomware actors have switched to yet another custom ransomware payload in their recent attacks aimed at a variety of sectors. “This ransomware variant, dubbed ‘PolyVice,’ implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms,” SentinelOne researcher Antonio Cocomazzi said in an analysis. Vice Society, which is tracked by Microsoft under the…

Application Security

Issued by: Security Affairs

In August password management software firm LastPass disclosed a security breach, threat actors had access to portions of the company development environment through a single compromised developer account and stole portions of source code and some proprietary technical information. In response to the incident, the company deployed containment and mitigation measures and implemented additional enhanced…

Malware & Threats

Issued by: The Hacker News

France’s privacy watchdog has imposed a €60 million ($63.88 million) fine against Microsoft’s Ireland subsidiary for dropping advertising cookies in users’ computers without their explicit consent in violation of data protection laws in the European Union. The Commission nationale de l’informatique et des libertés (CNIL) noted that users visiting the home page of its Bing…

Network Security

Issued by: Security Week

“The target is that 100 percent of the most important health facilities have undergone these new exercises by May 2023,” the interior, health and digital services ministers announced in a joint statement. Further effort will be made to spread best-practice throughout French hospitals in “the reactions and practices to adopt in case of a cyber…