cybersecurity Archives - Page 15 of 108

US Agencies Issue Guidance on Responding to DDoS Attacks

Issued by: Security Week

A type of cyberattack targeting applications or websites, denial-of-service (DoS) attacks aim to exhaust the target system’s resources to render it inaccessible to legitimate users. DDoS attacks may target server vulnerabilities to overload network resources or to consume these resources through the reflection of a high volume of network traffic to the target, or may…

Application Security, Software Security

Manufacturing Cybersecurity: Trends & Survey Response

Issued by: Trend Micro Blog

Trend Micro conducted a study on the state of industrial cybersecurity in the oil and gas, manufacturing, and electricity/energy industries in 2022. Based on the results of a survey of over 900 ICS business and security leaders in the United States, Germany, and Japan, we will discuss the characteristics of each industry, the motivations and…

Vulnerabilities

Australia Flags New Corporate Penalties for Privacy Breaches

Issued by: Security Week

The penalties for serious breaches of the Privacy Act would increase from 2.2 million Australian dollars ($1.4 million) now to AU$50 million ($32 million) under amendments to be introduced to Parliament next week, Attorney-General Mark Dreyfus said. A company could also be fined the value of 30% of its revenues over a defined period if…

Malware & Threats

FBI Warns of Iranian Cyber Firm’s Hack-and-Leak Operations

Issued by: Security Week

Previously known as Eeleyanet Gostar and Net Peygard Samavat, Emennet Pasargad is an organization that often changes its name to avoid US sanctions, and which is known for providing cybersecurity services to government entities in Iran. In November 2020, the US warned that Iranian hackers exploited known vulnerabilities to access voter registration data, and in…

Vulnerabilities

CISA Tells Organizations to Patch Linux Kernel Vulnerability Exploited by Malware

Issued by: Security Week

The vulnerability is tracked as CVE-2021-3493 and it’s related to the OverlayFS file system implementation in the Linux kernel. It allows an unprivileged local user to gain root privileges, but it only appears to affect Ubuntu. CVE-2021-3493 has been exploited in the wild by a stealthy Linux malware named Shikitega, which researchers at AT&T Alien…

Network Security

Cybersecurity Awareness Month: 5 Actionable Tips

Issued by: Security Week

Cybersecurity Awareness Month, which was previously known as National Cybersecurity Awareness Month, is in its 19th year. Launched under the guidance of the U.S. Department of Homeland Security and the National Cyber Security Alliance (NCSA), it aims to help Americans stay safe and secure online. This year’s campaign theme – See Yourself in Cyber –…

Malware & Threats

Keystone Health Data Breach Impacts 235,000 Patients

Issued by: Security Week

In a data breach notification published on its website, Keystone is disclosing a cybersecurity incident identified on August 19 and which has resulted in the disruption of some systems. The healthcare provider says it immediately launched an investigation into the incident, which discovered that certain patient information might have been compromised. “Our investigation found that…

Application Security

Cybersecurity Investment Remains Strong, M&A Activity Heads Toward New Annual Record

Issued by: Security Week

Strong areas of interest to investors included blockchain security, IAM, and privacy, while interest in DevSecOps and the need to embed security throughout the software development life cycle is growing. Two very large deals were announced during Q3. On August 29, 2022, OpenText announced an agreement to purchase Micro Focus for a total of $6.7…

Vulnerabilities

Intel Confirms UEFI Source Code Leak as Security Experts Raise Concerns

Issued by: Security Week

Last week, someone announced leaking source code associated with the Alder Lake BIOS — Alder Lake is Intel’s codename for its 12th generation Core processors. The files total nearly 6 Gb and they were made public on GitHub and other websites. Mark Ermolov, a security researcher who specializes in Intel products, analyzed the leaked code…

Vulnerabilities

Personal Information of 123K Individuals Exposed in City of Tucson Data Breach

Issued by: Security Week

The incident was identified at the end of May 2022, but the city concluded its investigation only last month. In a data breach notice on its website, the city says that the incident was the result of compromised network account credentials that allowed the attackers to access files containing the personal information of some individuals….