Article: How PYSA and Lockbit are Dominating the Ransomware Landscape - published over 2 years ago.
Content: The cybercriminal landscape increases quickly with various kinds of ransomware variants and attacks. The NCC group’s report states, the number of ransomware attacks reported in November 2021 has been increased by 1.9% compared to October 2021. The Emergence of New Ransomware Groups NCC Group found a 50% increase in organizations targeted by a new ransomware...
Copy Link: https://cisomag.eccouncil.org/how-pysa-and-lockbit-are-dominating-the-ransomware-landscape/   
Published: 2021 12 23 10:25:52
Received: 2021 12 23 10:46:14
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: New Phishing Campaign Luring Users With Fake Surveys and Giveaways - published over 2 years ago.
Content: Security experts from Group-IB disclosed a new global cyberespionage phishing campaign targeting users in over 90 countries, including the U.S.,  Canada, South Korea, and Italy. It stated that that the campaign mimicked more than 120 global organizations. The scammers leveraged various tactics like fake surveys and brand impersonation to harvest users’ perso...
Copy Link: https://cisomag.eccouncil.org/new-phishing-campaign-luring-users-with-fake-surveys-and-giveaways/   
Published: 2021 12 22 13:00:54
Received: 2021 12 22 13:07:08
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Iranian Nation-State Adversaries Exploit Log4j Flaw Against Israeli Firms - published over 2 years ago.
Content: Ever since the Apache Log4j flaw (CVE-2021-44228) was disclosed, cybercriminals looked for opportunities to exploit it and bypass security protections. Security experts from Check Point recently revealed that an Iranian threat actor group, dubbed Charming Kitten, targeted multiple Israeli firms by exploiting the Log4Shell bugs. Check Point researchers claime...
Copy Link: https://cisomag.eccouncil.org/iranian-nation-state-adversaries-exploit-log4j-flaw-against-israeli-firms/   
Published: 2021 12 22 09:14:20
Received: 2021 12 22 10:06:44
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: New Zero Day in ManageEngine Desktop Central Servers Identified - published over 2 years ago.
Content: FBI issued an alert revealing that APT actors have been actively exploiting a zero-day vulnerability – CVE-2021-44515 – on ManageEngine Desktop Central servers. The APT actors compromised the Desktop Central servers to drop a webshell that overrides a genuine function of Desktop Central. “The actor then downloads post-exploitation tools, enumerating domain u...
Copy Link: https://cisomag.eccouncil.org/new-zero-day-in-manageengine-desktop-central-servers-identified/   
Published: 2021 12 21 14:00:39
Received: 2021 12 21 14:46:21
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Microsoft Warns of Active Directory Vulnerabilities - published over 2 years ago.
Content: Microsoft has urged organizations and users to immediately patch two Active Directory domain service privilege escalation security vulnerabilities. Tracked as CVE-2021-42287 and CVE-2021-42278, these vulnerabilities allow threat actors to takeover Windows domains. While the technology giant fixed these flaws during the November 2021 Patch Tuesday, a proof-of...
Copy Link: https://cisomag.eccouncil.org/microsoft-warns-of-active-directory-vulnerabilities/   
Published: 2021 12 21 13:17:47
Received: 2021 12 21 13:46:16
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Joker Malware Resurfaces; Over 500,000 Android Users Affected - published over 2 years ago.
Content: Breaking into users’ devices via malicious applications is one of the common tactics used by malware authors. Recently, security experts from Pradeo uncovered a malicious mobile app available for download on Google Play, which was installed by more than 500,000 Android users. The malicious app, dubbed Color Message, reportedly infects the targeted devices wi...
Copy Link: https://cisomag.eccouncil.org/joker-malware-resurfaces-over-500000-android-users-affected/   
Published: 2021 12 21 09:33:21
Received: 2021 12 21 10:26:20
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Facebook Issues Cease and Desist Warnings; Bans Seven Surveillance-for-Hire Groups - published over 2 years ago.
Content: Facebook, based on months of investigation, has banned seven cyber entities from their platform for manipulating and engaging in surveillance activity. Facebook revealed that the surveillance services were indiscriminately targeting human rights activists, critics of authoritarian regimes, journalists, opposition parties, and dissidents. “Today, as part of a...
Copy Link: https://cisomag.eccouncil.org/facebook-issues-cease-and-desist-warnings-bans-seven-surveillance-for-hire-groups/   
Published: 2021 12 20 13:49:37
Received: 2021 12 20 14:48:04
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Conti Ransomware Group Exploits Log4j Flaw to Compromise VMware Servers - published over 2 years ago.
Content: While organizations and security admins worldwide are immersed in mitigating the Log4j vulnerability effects, new exploits are being weaponized to entice more fear. Recently, security experts from AdvIntel revealed that Conti ransomware operators abused the Log4j flaw (CVE-2021-44228) to gain access to the internal VMware vCenter Server and encrypt vulnerabl...
Copy Link: https://cisomag.eccouncil.org/conti-ransomware-group-exploits-log4j-flaw-to-compromise-vmware-servers/   
Published: 2021 12 20 14:12:26
Received: 2021 12 20 14:48:04
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: China-based Tropic Trooper Actors Target Transportation and Government Sectors - published over 2 years ago.
Content: Security experts identified a new cyber espionage from the Chinese state-sponsored Advanced Persistent Threat (APT) group “Tropic Trooper”  targeting transportation, health care, and government sectors across Hong Kong, the Philippines, and Taiwan. Also known as Earth Centaur and KeyBoy, the Tropic Trooper operators have been active since 2011, conducting va...
Copy Link: https://cisomag.eccouncil.org/china-based-tropic-trooper-actors-target-transportation-and-government-sectors/   
Published: 2021 12 20 09:55:08
Received: 2021 12 20 10:48:01
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: 6 Things CISOs Must Do to Mitigate Risks from Log4j - published over 2 years ago.
Content: Log4j has been tagged by security vendor Tenable as the “single biggest, most critical vulnerability of the last decade.” MITRE rated the vulnerability as critical and assigned a CVSS score of 10/10. News about the Log4j () zero-day vulnerability (CVE-2021-44228, CVE-2021-45046) has been trending since early December. This remote code execution (RCE) vulnera...
Copy Link: https://cisomag.eccouncil.org/mitigate-risks-from-log4j/   
Published: 2021 12 18 05:30:08
Received: 2021 12 18 06:06:15
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: After Colonial, Gas Distributor Superior Plus Suffers Ransomware Attack - published over 2 years ago.
Content: Cyberthreats continue to target organizations in critical infrastructure sectors, causing severe damage to everyday routines. North American propane supplier Superior Plus is the latest victim to join the bandwagon of ransomware attacks. In an official release, Superior Plus confirmed that it sustained a ransomware incident that impacted its computer systems...
Copy Link: https://cisomag.eccouncil.org/after-colonial-gas-distributor-superior-plus-suffers-ransomware-attack/   
Published: 2021 12 16 14:02:22
Received: 2021 12 16 14:27:30
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Microsoft Fixes 6 Zero-day Flaws in December 2021 Patch Tuesday Update - published over 2 years ago.
Content: Microsoft released patches for 67 CVEs in its latest December 2021 Patch Tuesday update. Out of 67 vulnerabilities, 60 were deemed important, and seven were critical. Six zero-day vulnerabilities have also been fixed, which were being exploited in the wild. The December 2021 Patch Tuesday update resolved vulnerabilities affecting Microsoft Office, Microsoft ...
Copy Link: https://cisomag.eccouncil.org/microsoft-december-2021-patch-tuesday/   
Published: 2021 12 16 12:58:49
Received: 2021 12 16 13:27:34
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Threat Actors Exploit Log4j Vulnerability to Deploy Khonsari Ransomware - published over 2 years ago.
Content: Days after the disclosure of Log4Shell, a critical zero-day vulnerability CVE-2021-44228 in the Apache Log4j library, researchers have now identified threat actors exploiting the Log4Shell flaw to deploy a new ransomware variant Khonsari and a remote access Trojan Orcus. Threat actors allegedly exploited the flaw using botnets like Mirai and Muhstik against ...
Copy Link: https://cisomag.eccouncil.org/threat-actors-exploit-log4j-vulnerability-to-deploy-khonsari-ransomware/   
Published: 2021 12 16 10:27:23
Received: 2021 12 16 11:07:38
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Fear Fatigue Exploits Cybersecurity of Remote Employees - published over 2 years ago.
Content: The increasing hybrid workforce due to the global pandemic has severely impacted cybersecurity, bringing swift changes in the work environment. The latest report from Malwarebytes revealed that the ongoing pandemic and hybrid workforce is reshaping how organizations and employees secure data and their thoughts towards cyberattacks. The report, “Still Endurin...
Copy Link: https://cisomag.eccouncil.org/fear-fatigue-exploits-cybersecurity-of-remote-employees/   
Published: 2021 12 15 13:12:52
Received: 2021 12 15 13:47:13
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: U.S. Consumers Lost $148 million to Gift Card Scams in 2021 - published over 2 years ago.
Content: The holiday season is around the corner, and cybercriminals are already targeting users with fake shopping deals and scams. A report from the U.S. Federal Trade Commission (FTC) revealed that Americans lost $148 million to gift card scams during the first nine months of 2021, which is an increase compared to last year. The report stated that over 40,000 cons...
Copy Link: https://cisomag.eccouncil.org/u-s-consumers-lost-148-million-to-gift-card-scams-in-2021/   
Published: 2021 12 15 09:42:26
Received: 2021 12 15 10:25:54
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Kronos Private Cloud Customers Impacted by a Ransomware Attack - published over 2 years ago.
Content: The cybersecurity space is abuzz with service disruptions, stolen data, account hacks, scams, data breaches, and ransomware attacks. Some of these make headlines every day. No one is secure, be it Ikea, Volvo, the critical infrastructures, the crypto wallets, or even the Prime Minister of India, whose Twitter account was recently hacked. Both individuals and...
Copy Link: https://cisomag.eccouncil.org/kronos-private-cloud-customers-impacted-by-a-ransomware-attack/   
Published: 2021 12 14 13:17:25
Received: 2021 12 14 14:47:16
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Did Snatch Ransomware Snitch Volvo Cars’ R&D Data? - published over 2 years ago.
Content: As news of ransomware attacks continue to grow, Volvo Cars is another name that has found a place on the victim list. By Minu Sirsalewala, Editorial Consultant, CISO MAG In a recent notice, Volvo Cars confirmed that it was a victim of data breach by a third-party; its R&D file repository was illegally accessed and some data was stolen. Snatch ransomware ...
Copy Link: https://cisomag.eccouncil.org/did-snatch-ransomware-snitch-volvo-cars-rd-data/   
Published: 2021 12 13 15:30:33
Received: 2021 12 14 05:26:41
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Did Snatch Ransomware Snitch Volvo Cars R&D Data? - published over 2 years ago.
Content: As news of ransomware attacks continue to grow, Volvo Cars is another name that has found a place on the victim list. By Minu Sirsalewala, Editorial Consultant, CISO MAG In a recent notice, Volvo Cars confirmed that it was a victim of data breach by a third-party; its R&D file repository was illegally accessed and some data was stolen. Snatch ransomware ...
Copy Link: https://cisomag.eccouncil.org/did-snatch-ransomware-snitch-volvo-cars-rd-data/   
Published: 2021 12 13 15:30:33
Received: 2021 12 13 16:06:34
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Hackers Actively Exploit Log4Shell Flaw in Apache Log4j - published over 2 years ago.
Content: Log4Shell, a severe zero-day vulnerability in Apache Log4j library, sheds light on the risky practices of organizations relying on open-source code libraries to build enterprise-scale applications. The remote code execution (RCE) vulnerability CVE-2021-44228 reportedly allows remote hackers to execute arbitrary code and take full control of the vulnerable de...
Copy Link: https://cisomag.eccouncil.org/hackers-actively-exploit-log4shell-flaw-in-apache-log4j/   
Published: 2021 12 13 14:02:53
Received: 2021 12 13 15:06:45
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Hackers Compromise PM Modi’s Twitter Account To Publish a Bitcoin Post - published over 2 years ago.
Content: Not all cybercriminal activities are intended to steal credentials. Several threat actor groups often compromise/penetrate social media accounts of public figures such as political leaders, entrepreneurs, and movie actors to show their presence and hacking capabilities. Recently, threat actors compromised the Twitter handle of Indian Prime Minister Narendra ...
Copy Link: https://cisomag.eccouncil.org/hackers-compromise-pm-modis-twitter-account-to-publish-a-bitcoin-post/   
Published: 2021 12 13 10:45:12
Received: 2021 12 13 11:06:39
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Russia Blocks Tor Web Over Privacy Concerns - published over 2 years ago.
Content: Restrictions on internet usage and other online products are quite common in Russia. According to a report, the country banned the Tor web anonymity services and six virtual private network (VPN) operators for allowing citizens access to illegal content. The VPN services blocked included Betternet, Lantern, X-VPN, Cloudflare WARP, Tachyon VPN, and PrivateTun...
Copy Link: https://cisomag.eccouncil.org/russia-blocks-tor-web-over-privacy-concerns/   
Published: 2021 12 10 13:55:23
Received: 2021 12 10 15:06:42
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Around 300,000 MikroTik Devices Vulnerable to Hacker Intrusions - published over 2 years ago.
Content: Threat actors often prey on vulnerable devices to break into targeted networks. With most employees working remotely, cybercriminals increased their hacking attempts targeting vulnerable commercial IoT devices like Wi-Fi routers. Recently, a security research report from Eclypsium revealed that over 300,000 IP addresses related to MikroTik devices were expos...
Copy Link: https://cisomag.eccouncil.org/around-300000-mikrotik-devices-vulnerable-to-hacker-intrusions/   
Published: 2021 12 10 10:59:24
Received: 2021 12 10 12:06:58
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Organizations Losing Trust in Security Vendors Amid Rising Cyberattacks - published over 2 years ago.
Content: Organizations that use services of mainstream software providers continue to face trust issues amid the increase in supply chain and ransomware attacks, a recent report from CrowdStrike revealed. The 2021 CrowdStrike Global Security Attitude Survey report stated that nearly 63% of respondents lost trust in mainstream software suppliers due to security issues...
Copy Link: https://cisomag.eccouncil.org/organizations-losing-trust-in-security-vendors-amid-rising-cyberattacks/   
Published: 2021 12 09 14:32:33
Received: 2021 12 09 15:28:25
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Emotet Bypassing TrickBot to Drop Cobalt Strike Beacons - published over 2 years ago.
Content: Mid-November 2021 saw the Emotet botnet resurface and was widely reported. The botnet had been taken down by law enforcement agencies in January 2021 and had been inactive since then. In the latest update, it has been reported that Emotet is using the Cobalt Strike pentesting tool to launch its ransomware attacks. Threat actors leveraging Emotet were known t...
Copy Link: https://cisomag.eccouncil.org/emotet-bypassing-trickbot-to-drop-cobalt-strike-beacons/   
Published: 2021 12 09 13:34:06
Received: 2021 12 09 14:26:38
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: QNAP Warns About New Bitcoin Miner Targeting NAS Devices - published over 2 years ago.
Content: Hardware vendor QNAP released a security advisory warning its users about a new cryptomining malware targeting its network-attached storage (NAS) devices. The Taiwan-based company urged users to take necessary security measures to prevent the ongoing malware campaign. Once the malware infects a NAS device, the CPU usage becomes unusually high, where a proces...
Copy Link: https://cisomag.eccouncil.org/qnap-warns-about-new-bitcoin-miner-targeting-nas-devices/   
Published: 2021 12 08 14:32:24
Received: 2021 12 08 17:46:10
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Google Takes Legal Action Against Glupteba Botnet - published over 2 years ago.
Content: Google recently disrupted the malware activities of a sophisticated botnet – Glupteba. The search engine giant claimed the Glupteba botnet has been targeting Windows systems by protecting itself using blockchain technology. Google disrupted the key command and control infrastructure of the Glupteba to dissolve its operations completely. “Botnets are a real t...
Copy Link: https://cisomag.eccouncil.org/google-takes-legal-action-against-glupteba-botnet/   
Published: 2021 12 08 10:16:39
Received: 2021 12 08 10:26:30
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Microsoft Disrupts Chinese Threat Actor Group Nickel - published over 2 years ago.
Content: Microsoft announced that it had disrupted the operations of a Chinese cyberespionage group targeting organizations in the U.S. and 28 other countries. Tracked as Nickel, the advanced persistent threat (APT) group has been linked to various cyberattacks across the globe since 2012, under different names including APT15, Bronze Palace, Ke3Chang, Mirage, Playfu...
Copy Link: https://cisomag.eccouncil.org/microsoft-disrupts-chinese-threat-actor-group-nickel/   
Published: 2021 12 07 14:02:20
Received: 2021 12 07 14:06:53
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Nobelium’s Phishing Campaign Targets French Entities - published over 2 years ago.
Content: In a report, the ANSSI (French National Cybersecurity Agency) revealed that it has observed several phishing campaigns directed against French entities since February 2021. These compromised email accounts of French organizations were used to spread the malware and send malicious emails to foreign institutions and they have been ascribed to the Nobelium set....
Copy Link: https://cisomag.eccouncil.org/nobeliums-phishing-campaign-targets-french-entities/   
Published: 2021 12 07 13:05:20
Received: 2021 12 07 13:06:48
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Hackers Steal Cryptocurrency Worth $150 Mn From BitMart Exchange - published over 2 years ago.
Content: The evolution of cryptocurrencies has attracted cybercriminal groups globally.  Cryptocurrency exchanges and hot wallets continue to become a primary target for threat actors.  The recent victim to join the bandwagon of crypto hacks is the cryptocurrency trading platform BitMart. In an official statement, the company stated that it had sustained a large-scal...
Copy Link: https://cisomag.eccouncil.org/hackers-steal-cryptocurrency-worth-150-mn-from-bitmart-exchange/   
Published: 2021 12 06 14:02:58
Received: 2021 12 06 14:47:04
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Cuba Ransomware Infringed 49 Critical Infrastructure Entities - published over 2 years ago.
Content: In a flash alert, the Federal Bureau of Investigation (FBI), in coordination with DHS/CISA, identified that since early November 2021, Cuba ransomware had infiltrated around 49 entities; from the critical infrastructure sector such as financial, government, healthcare, manufacturing, and information technology in the country. Per the flash alert, Cuba ransom...
Copy Link: https://cisomag.eccouncil.org/fbi-flash-alert-cuba-ransomware-infringed-49-critical-infrastructure-entities/   
Published: 2021 12 06 12:38:00
Received: 2021 12 06 13:47:01
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Pakistani APT Group ‘SideCopy’ Targets Officials in India and Afghanistan - published over 2 years ago.
Content: Several threat actor groups have targeted public and private organizations in India lately, affecting critical infrastructures in the country. Recently, security experts from Malwarebytes revealed that a Pakistani APT group SideCopy has been targeting ministries in India and Afghanistan to pilfer Google, Twitter, and Facebook credentials and obtain access to...
Copy Link: https://cisomag.eccouncil.org/pakistani-apt-group-sidecopy-targets-officials-in-india-and-afghanistan/   
Published: 2021 12 06 09:54:19
Received: 2021 12 06 10:07:50
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: FBI and CISA Warn About Actively Exploited Vulnerability in Zoho - published over 2 years ago.
Content: The Cybersecurity and Infrastructure Security Agency (CISA) and FBI warned about the ongoing exploitation of the recently addressed vulnerability in Zoho’s ManageEngine ServiceDesk Plus product. Tracked as CVE-2021-44077, the unauthenticated remote code execution vulnerability affects all ServiceDesk Plus versions up to and including version 11305. Successfu...
Copy Link: https://cisomag.eccouncil.org/fbi-and-cisa-warn-about-actively-exploited-vulnerability-in-zoho/   
Published: 2021 12 03 14:02:46
Received: 2021 12 03 15:07:04
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: NHS U.K. Warns About Fake Omicron PCR Test Alerts - published over 2 years ago.
Content: Just when the world is trying to come to terms with the challenges unleashed by the COVID-19 virus, we have another variant, Omicron.  Threat actors are already eyeing the new variant to trick victims into phishing. The National Health Service (NHS) U.K. has issued a warning through its Twitter handle requesting the citizens to not fall prey to an email warr...
Copy Link: https://cisomag.eccouncil.org/nhs-uk-used-to-send-fake-omicron-pcr-test-alerts-by-threat-vectors/   
Published: 2021 12 03 12:57:14
Received: 2021 12 03 13:06:28
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Finland Warns About ‘Flubot’ Malware Spread Via SMS - published over 2 years ago.
Content: FluBot – an infamous banking malware that affected thousands of users across Australia and the U.K. – is now active in Finland. In an official alert, Finland’s National Cyber Security Centre (NCSC-FI) warned about a massive FluBot malware campaign targeting Android users in the country since June 2021. The Finnish Transport and Communications Agency has repo...
Copy Link: https://cisomag.eccouncil.org/finland-warns-about-flubot-malware-spread-via-sms/   
Published: 2021 12 03 09:41:11
Received: 2021 12 03 10:07:53
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Threat Actors Leverage Smishing to Target Iran Citizens - published over 2 years ago.
Content: Security researchers from Check Point found ongoing malware campaigns targeting Iran citizens. The campaign reportedly uses socially engineered SMS messages to infect tens of thousands of victims’ devices. The researchers stated that attackers leveraged specially crafted messages to impersonate officials from the Iranian government to trick victims into down...
Copy Link: https://cisomag.eccouncil.org/threat-actors-leverage-smishing-to-target-iran-citizens/   
Published: 2021 12 02 14:02:58
Received: 2021 12 02 14:46:05
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: India in the Top 5 Countries for Access to Corporate Networks: Report - published over 2 years ago.
Content: Group-IB, a global cybersecurity leader based in Singapore, presented its research into global cyberthreats titled “Hi-Tech Crime Trends 2021/2022” at its annual threat hunting and intelligence CyberCrimeCon’21 conference. As part of the report, which explores cybercrime developments in H2 2020 — H1 2021, Group-IB researchers analyze the increasing complexit...
Copy Link: https://cisomag.eccouncil.org/india-in-the-top-5-countries-for-access-to-corporate-networks-report/   
Published: 2021 12 02 12:14:51
Received: 2021 12 02 12:46:26
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Over 4 Mn Payment Card Details Hawked on Dark Web - published over 2 years ago.
Content: Financial information like credit/debit card and bank account numbers continue to be peddled on underground dark web markets. Threat actor groups and other cybercriminal affiliates often rely on the darknet markets to obtain sensitive financial data and exploit it later. A new analysis from NordVPN found over 4 million (4,481,379) payment card details, belon...
Copy Link: https://cisomag.eccouncil.org/over-4-mn-payment-card-details-hawked-on-dark-web/   
Published: 2021 12 02 10:10:18
Received: 2021 12 02 10:46:20
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: U.K. Govt. Fines Clearview $22.6 Mn Over Privacy Violations - published over 2 years ago.
Content: From bringing up PSIT Bill to strengthen the IoT devices security to collaborating with other countries to boost cybersecurity, the U.K. government is in full action to thwart growing security incidents in the country. Recently, the Information Commissioner’s Office (ICO) in the U.K. imposed a potential fine of £17 million ($22.6m) on Clearview AI Inc for vi...
Copy Link: https://cisomag.eccouncil.org/u-k-govt-fines-clearview-22-6-mn-over-privacy-violations/   
Published: 2021 12 01 14:02:51
Received: 2021 12 01 14:26:10
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Panasonic Concurs Breach Due to Third-Party Access to its File Server - published over 2 years ago.
Content: Panasonic Corporation, a Japanese consumer electronics giant has concurred that a third-party accessed its file server on its network on November 11, 2021. A global press release states that through an internal investigation, it was established that some data on a file server had been accessed by a third-party during the intrusion. After detecting the unauth...
Copy Link: https://cisomag.eccouncil.org/panasonic-concurs-breach-due-to-third-party-access-to-its-file-server/   
Published: 2021 12 01 12:30:00
Received: 2021 12 01 13:26:23
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Security Vulnerabilities Discovered in HP’s 150 Multi-function Printers - published over 2 years ago.
Content: Adversaries exploiting unpatched vulnerabilities become a constant security concern for organizations. Cybersecurity researchers from F-Secure recently discovered multiple critical vulnerabilities in 150 multifunction printers (MFPs) manufactured by Hewlett Packard (HP).  The researchers stated the security flaws CVE-2021-39237 and CVE-2021-39238 could enabl...
Copy Link: https://cisomag.eccouncil.org/security-vulnerabilities-discovered-in-hps-150-multi-function-printers/   
Published: 2021 12 01 10:43:06
Received: 2021 12 01 11:26:30
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Over 300,000 Users Affected by 4 Android Banking Trojans - published over 2 years ago.
Content: Security researchers from Threatfabric uncovered four different Android banking Trojans distributed via the Google Play Store between August and November 2021. The Trojans reportedly made over 300,000 infections via different kinds of dropper apps disguised as legitimate smartphone applications. The Four Android Banking Trojans include:  Anatsa (also known ...
Copy Link: https://cisomag.eccouncil.org/over-300000-users-affected-by-4-android-banking-trojans/   
Published: 2021 11 30 14:38:56
Received: 2021 11 30 15:06:41
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: IKEA Becomes Victim to Email Reply-Chain Attack - published over 2 years ago.
Content: CISO Mag has been writing about increasing cyberattacks given the onset of the festive season and how to be vigilant and safeguard against these threat actors. Reports on breaches and attacks continue to trickle in with renewed cyberattack techniques. The latest is the email reply-chain attack that was used to launch a phishing campaign. IKEA a global furnit...
Copy Link: https://cisomag.eccouncil.org/ikea-a-victim-of-email-reply-chain-attack/   
Published: 2021 11 30 11:37:20
Received: 2021 11 30 13:06:41
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: These are the Most Common Passwords of 2021 - published over 2 years ago.
Content: We cannot ignore the significance of strong passwords while talking about cybersecurity. Most internet users still use easy-to-guess credentials or reuse passwords, making a hacker’s jobs easy. Adversaries often steal credentials or crack passwords to break into users’ online accounts. Poor password management could result in serious data security issues for...
Copy Link: https://cisomag.eccouncil.org/these-are-the-most-common-passwords-of-2021/   
Published: 2021 11 29 14:32:11
Received: 2021 11 29 15:26:47
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Israel Cuts Off 65 Countries from Cyber Export List Citing Misuse of Hacking Tools - published over 2 years ago.
Content: Apple has sued Israel-based NSO Group for state-sponsored surveillance, and now Israel has limited the number of countries that can buy the hacking and surveillance tools from the region. According to reports, Israel has come down stringently on the local companies that are authorized to sell cybersecurity tools and pruned the list from 102 to 37 countries. ...
Copy Link: https://cisomag.eccouncil.org/israel-cuts-off-65-countries-from-cyber-export-list-citing-misuse-of-hacking-tools/   
Published: 2021 11 29 14:06:06
Received: 2021 11 29 14:26:46
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Italy’s Antitrust Regulator Fines Google and Apple for Poor Data Practices - published over 2 years ago.
Content: Sensitive data is a goldmine for adversaries. Recently, the Italian Antitrust Authority fined Google Ireland Ltd. and Apple Distribution International Ltd. €10 million ($11.26 million) each, citing aggressive data practices. The agency stated that both companies had violated the Consumer Code practices during customers’ data acquisition and commercial use. B...
Copy Link: https://cisomag.eccouncil.org/italys-antitrust-regulator-fines-google-and-apple-for-poor-data-practices/   
Published: 2021 11 29 09:31:07
Received: 2021 11 29 10:26:44
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: GoDaddy Discloses Security Breach; Data of 1.2 Mn WordPress Users Exposed - published over 2 years ago.
Content: GoDaddy, a domain name registrar and web hosting company, disclosed a data breach incident which exposed the data of 1.2 million customers. A disclosure published by the company notified that in an incident discovered on November 17, 2021, an unauthorized third party had accessed the company’s Managed WordPress hosting environment.  The unauthorized access w...
Copy Link: https://cisomag.eccouncil.org/godaddy-discloses-security-breach-data-of-1-2-mn-wordpress-users-exposed/   
Published: 2021 11 23 13:56:18
Received: 2021 11 29 10:07:04
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: E-Skimmers Prey on Online Shoppers Amid Black Friday and Cyber Monday - published over 2 years ago.
Content: While online shoppers are excited to grab the lightning deals, opportunistic cybercriminals are preying on exploits to compromise websites and steal data. The U.K. government has recently warned about Magecart actors targeting online businesses via e-skimming attacks. The National Cyber Security Centre (NCSC) in the U.K. stated that cybercriminals exploit un...
Copy Link: https://cisomag.eccouncil.org/e-skimmers-prey-on-online-shoppers-amid-black-friday-and-cyber-monday/   
Published: 2021 11 24 09:54:19
Received: 2021 11 29 10:07:04
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Apple Files Lawsuit Against NSO Group for State-sponsored Surveillance - published over 2 years ago.
Content: Israel’s cyber intelligence and surveillance company NSO Group is once again in a legal row. On November 23, 2021, Apple stated that the company has filed a lawsuit against NSO Group and its parent company to hold it accountable for the surveillance and targeting of Apple users. “The complaint provides new information on how NSO Group infected victims’ devic...
Copy Link: https://cisomag.eccouncil.org/apple-files-a-lawsuit-against-nso-group-for-state-sponsored-surveillance/   
Published: 2021 11 24 12:06:52
Received: 2021 11 29 10:07:04
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: New Trojan ‘‘Android.Cynos.7.origin’’ Infects 9Mn Android Devices - published over 2 years ago.
Content: Security researchers from Doctor Web have discovered a new Trojan that has infected over 9.3 million Android devices. The Trojan, dubbed “Android.Cynos.7.origin,” is a new kind of malware that disguises itself as various mobile games on Huawei’s AppGallery marketplace. Android.Cynos.7.origin Explained Android.Cynos.7.origin steals information from a victim’...
Copy Link: https://cisomag.eccouncil.org/new-trojan-android-cynos-7-origin-infects-9mn-android-devices/   
Published: 2021 11 24 14:03:36
Received: 2021 11 29 10:07:03
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Iranian Threat Actors Leverage PowerShortShell to Exploit Microsoft Flaw - published over 2 years ago.
Content: Security experts from SafeBreach Labs identified a new Iranian threat actor group exploiting a Microsoft MSHTML Remote Code Execution (RCE) flaw – CVE-2021-40444. The group reportedly used a new PowerShell stealer code, dubbed PowerShortShell, to target social media accounts of Farsi-speaking users since mid-September 2021. PowerShortShell Explained SafeBre...
Copy Link: https://cisomag.eccouncil.org/iranian-threat-actors-leverage-powershortshell-to-exploit-microsoft-flaw/   
Published: 2021 11 25 09:19:28
Received: 2021 11 29 10:07:03
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: CISA, FBI Ask Critical Infrastructure Partners to be Vigilant This Festive Season - published over 2 years ago.
Content: With the onset of the holiday season, employees, especially in the West, take off on the much-awaited annual leave and head home for family vacations. It is also the time when threat actors wait for their annual bounty. With holiday fever at its peak and organizations in “out of office” mode, cybercriminals continue to be in “active mode.” See also: How to S...
Copy Link: https://cisomag.eccouncil.org/cisa-fbi-ask-critical-infrastructure-partners-to-be-vigilant-this-holiday-season/   
Published: 2021 11 25 13:04:04
Received: 2021 11 29 10:07:03
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Vulnerabilities in MediaTek Chips Found in 37% of Smartphones Worldwide - published over 2 years ago.
Content: Security experts from Check Point discovered multiple security flaws in smartphone chips developed by MediaTek, which could have led attackers to spy on Android Users. In its report, Check Point identified multiple vulnerabilities inside the chip’s audio processor embedded in 37% of smartphones worldwide. Taiwan-based MediaTek is one of the largest chipset v...
Copy Link: https://cisomag.eccouncil.org/vulnerabilities-in-mediatek-chips-found-in-37-of-smartphones-worldwide/   
Published: 2021 11 25 14:00:39
Received: 2021 11 29 10:07:03
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: U.K. Government Introduces PSTI Bill to Strengthen IoT Security - published over 2 years ago.
Content: The U.K. government has introduced the Product Security and Telecommunications Infrastructure (PSTI) Bill in Parliament to strengthen consumers’ Internet of Things (IoT) against rising hacker intrusions. The new legislation requires IoT manufacturers, importers, and distributors to meet certain cybersecurity standards. The Bill supports the introduction of g...
Copy Link: https://cisomag.eccouncil.org/u-k-government-introduces-psti-bill-to-strengthen-iot-security/   
Published: 2021 11 26 09:53:45
Received: 2021 11 29 10:07:03
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: Exposed Services Commonly Observed in Public Clouds - published over 2 years ago.
Content: Cloud misconfigurations become one of the major reasons for unauthorized intrusions and accidental data breaches. Threat actors often target unsecured or poorly configured cloud infrastructures to compromise and steal classified information. Recently, security experts from Palo Alto Network’s Unit 42 performed a honeypot experiment to determine how fast cybe...
Copy Link: https://cisomag.eccouncil.org/exposed-services-commonly-observed-in-public-clouds/   
Published: 2021 11 26 13:49:41
Received: 2021 11 29 10:07:03
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security

Article: CyberCrimeCon 2021: Top-tier Cybersecurity Gathering to Go Live on December 2 - published over 2 years ago.
Content: Group-IB, one of the global cybersecurity leaders, will stream its annual signature event CyberCrimeCon on December 2, 2021. The 10th edition of CyberCrimeCon, a global threat hunting and intelligence conference, will assemble more than 5,000 cybersecurity pros from around the world and reveal research findings and investigation insights into the recent oper...
Copy Link: https://cisomag.eccouncil.org/cybercrimecon-2021-top-tier-cybersecurity-gathering-to-go-live-on-december-2/   
Published: 2021 11 29 05:30:27
Received: 2021 11 29 10:07:03
Feed: CISO Mag - News
Source: CISO Mag
Category: News
Topic: Cyber Security