SecurityWeek Briefing

Chines UEFI Rootkit found on Gigabyte and Asus mother boards.

Views expressed in this cybersecurity, cyber crime, and cyber espionage update are those of the reporters and correspondents.

Accessed on 26 July 2022, 2000 UTC.

Content supplied by "SecurityWeek Briefing."


Please click link or scroll down to read your selections.

Thanks for joining us today.

Russ Roberts (machine learning, artificial intelligence, IoT, and information security)

Tuesday, July 26, 2022

Netography Atomized Network

Security for the Atomized Network

Need to discover and secure your Atomized Network? Netography has pioneered an approach to help you do just that. It’s all in our latest paper.

Read Now

The Pendulum Effect and Security Automation
With an approach that is data-driven and flexible, you can get as simple or as advanced as the detection and response demands.
Read the Full Column
 by Marc Solomon

As Cybercriminals Recycle Ransomware, They're Getting Faster
Organizations can strengthen their security posture by getting detailed information on current attack techniques and keeping their employees’ cyber hygiene training up to date.
Read the Full Column
 by Derek Manky

Is an Infrastructure War on the Horizon?
The adoption of IoT technology used to connect SCADA systems to the internet either directly or indirectly dramatically increases the risk of a successful exploit.
Read the Full Column
 by Gordon Lawson

RSAC22 and Infosecurity Europe, Three Weeks, Two Events
It was great to be back in-person at security events, and I enjoyed meeting with people and discussing our solutions face-to-face.
Read the Full Column
 by Laurence Pitt

Cyber-Physical Security: Benchmarking to Advance Your Journey
Over the last few years, the pandemic and work from home paradigm shift have accelerated the convergence of IT and OT networks and necessitated a consolidated strategy to address cyber risks across cyber-physical systems (CPS).
Read the Full Column
 by Galina Antova

Netography Atomized Network

Security for the Atomized Network

Need to discover and secure your Atomized Network? Netography has pioneered an approach to help you do just that. It’s all in our latest paper.

Read Now

See All Recent Articles at SecurityWeek.Com
Netography Atomized Network

Chinese UEFI Rootkit Found on Gigabyte and Asus Motherboards: The CosmicStrand rootkit is located in the firmware images of motherboards using the H81 chipset. Read More

Data Stolen in Breach at Security Company Entrust: Entrust suffered a data breach last month and the security company has confirmed that the attackers have stolen some files. Read More

Data Security Firm Sotero Raises $8 Million in Seed Funding: Data-focused security platform provider Sotero has raised $8 million in an extended seed funding round led by OurCrowd. Read More

New Ducktail Infostealer Targets Facebook Business Accounts via LinkedIn: Marketing and HR professionals have been targeted with Ducktail malware through LinkedIn spear phishing campaigns to hijack Facebook business accounts. Read More

PrestaShop Confirms Zero Day Attacks Hitting eCommerce Servers: A major security vulnerability in the open source PrestaShop software is being exploited in the wild and approximately 300,000 merchant shops are at risk. Read More

Senators Introduce Bipartisan Quantum Computing Cybersecurity Bill: US Senators Rob Portman (R-OH) and Maggie Hassan (D-NH) have introduced a bipartisan bill to strengthen defenses against quantum-computing-enabled data breaches. Read More

Uber Settles With Federal Investigators Over 2016 Data Breach Coverup: Uber has entered a non-prosecution agreement to resolve a criminal investigation into a 2016 data breach that the company tried to cover up. Read More

1,000 Organizations Exposed to Remote Attacks by FileWave MDM Vulnerabilities: Researchers discovered critical vulnerabilities in the FileWave MDM product that could have been exploited to hack over 1,000 organizations. Read More

Updated TSA Pipeline Cybersecurity Requirements Offer More Flexibility: Following complaints from the industry, the TSA has updated its pipeline cybersecurity requirements to provide more flexibility in achieving goals. Read More

Atlassian Expects Confluence App Exploitation After Hardcoded Password Leak: Atlassian warns of the potential exploitation of a recent Questions for Confluence vulnerability after a third-party posts a hardcoded password on Twitter. Read More

T-Mobile Settles to Pay $350M to Customers in Data Breach: T-Mobile has agreed to pay $350 million to customers affected by a class action lawsuit filed after the company disclosed in August 2021. Read More

SonicWall Warns of Critical GMS SQL Injection Vulnerability: SonicWall ships urgent patches for a critical flaw in its Global Management System (GMS) software, warning that the defect exposes businesses to remote hacker attacks. Read More

Chrome Flaw Exploited by Israeli Spyware Firm Also Impacts Edge, Safari: The Chrome vulnerability CVE-2022-2294 that has been exploited by an Israeli spyware company also impacts Microsoft’s Edge and Apple’s Safari web browsers. Read More

Intezer Documents Powerful 'Lightning Framework' Linux Malware: Researchers at Intezer are documenting the intricacies of Lightning Framework, an undetected Swiss Army Knife-like Linux malware capable of installing rootkits. Read More

New Default Account Lockout Policy in Windows 11 Blocks Brute Force Attacks: In the latest Windows 11 insider preview builds, Microsoft has enabled by default an account lockout policy to mitigate RDP and other brute force attacks. Read More

Netography Atomized Network


Popular posts from this blog

SecurityWeek Briefing.

Cyber War Newswire

SecurityWeek Briefing.