Featured

A recent cyber attack struck a significant blow to the Norwegian government, affecting a total of 12 government ministries. In response to this alarming situation, a crisis staff was promptly assembled. The government minister in charge of handling the response acknowledged the severity of the attack, deeming it "extremely serious." However, it was emphasized that despite the challenges posed by the attack, the government's day-to-day operations continue to function "as normal." "We identified a weakness...

Yesterday, Lookout, Inc., announced the discovery of sophisticated Android surveillanceware known as WyrmSpy and DragonEgg, which has been linked to the Chinese espionage group APT41 (AKA Double Dragon, BARIUM and Winnti). Despite being indicted on multiple charges by the U.S. government for its attacks on more than 100 private and public enterprises in the U.S. and around the world, APT41’s tactics have evolved to include mobile devices. APT41, also known as Double Dragon, BARIUM and...

Dragos, the global leader in cybersecurity for Operational Technology (OT), and Macnica Corporation (Headquarters: Yokohama City, Kanagawa Prefecture, President: Kazumasa Hara, hereinafter referred to as Macnica), have signed an agency agreement to provide Dragos’s OT cybersecurity solutions in Japan, and today have announced availability. Challenges and Background of OT Security Cyber risks are rapidly increasing in critical infrastructure and manufacturing, driven by the rise of threat groups targeting OT and the rise in ransomware attacks....

Cybersecurity firm Rootshell Security has had a busy month, earning recognition for its recent work that led to the identification of three significant vulnerabilities within Microsoft's suite of applications.   Its RedForce team, known for a persistent commitment to a safer digital world, has been instrumental in uncovering the vulnerabilities, officially known as Microsoft Outlook Spoofing Vulnerability (CVE-2023-33151), Microsoft OneNote Spoofing Vulnerability (CVE-2023-33140), and Microsoft Power Apps Spoofing Vulnerability (CVE-2023-32024). The flaws could have had...

Today, Armis and Honeywell have jointly disclosed Crit.IX, 9 new vulnerabilities that Armis researchers found in the Honeywell Experion® DCS platforms (7 of which are critical). These flaws could allow for unauthorised remote code execution on both legacy versions of the Honeywell server and controllers.   If exploited, this would allow an attacker to take over the devices and alter the operation of the DCS controller, whilst also hiding the alterations from the engineering workstation...

Yesterday, Lookout, Inc. announced Lookout China Connect, an extension of the Lookout Cloud Security Platform operating in mainland China. Lookout China Connect simplifies connectivity for remote workers in mainland China without the complexity of a private network, all while complying with China’s legal and regulatory requirements. Global enterprises operating in mainland China must provide local workers with the same application access, security and overall user experience as employees elsewhere. But providing consistent connectivity isn’t easy in...

Most successful breaches involve stolen or compromised credentials that are used to escalate privileges and move laterally across a network, something which privileged access management (PAM) offerings are ideally suited to protect against. Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, secrets and connections, highlights S&P Market Intelligence data showing that just 43% of SMBs have deployed PAM, compared to other leading security technologies like network, email and endpoint security...

Eskenzi PR has today opened nominations for its eighth annual Security Serious Unsung Heroes Awards. The awards are all about celebrating the UK’s cybersecurity professionals, teachers, lecturers, leaders and those working to make the industry not only more secure, but also more diverse and healthier for employees. Key sponsors include KnowBe4 and Decipher Cyber, as well as Bora and the Zensory.    Whether educating the next generation of cyber talent or the public, fighting cybercrime...

Cato Networks, provider of the world’s leading single-vendor SASE platform, addressed mounting security concerns posed by insider threats. Over the past two years, incidents related to insider threats have grown 44%, according to the Ponemon Institute,1 with the cost per incident reaching $15.8 million. Essential to stopping insider threats is first ensuring users and IT administrators only have access to the necessary resources. To those ends, Cato became the first to extend ZTNA to users...

One of the largest healthcare providers in the US, HCA confirmed the breach on Monday 10 July. The data was taken from an external storage location exclusively used to automate the formatting of email messages. Taken from its statement, HCA confirmed that the stolen list contains information used for email messages, such as reminders that patients may wish to schedule an appointment and education on healthcare programs and services. It also confirmed the information taken...