SecurityWeek: Cybersecurity News.

"Cybersecurity News, Insights, & Analysis from 'SecurityWeek.com.'"

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 06 October 2023, 2118 UTC. Content provided by email subscription to "SecurityWeek.com."

Source:  https://www.securityweek.com/ ("SecurityWeek.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST CYBERSECURITY NEWS

MGM Resorts Says Ransomware Hack Cost $110 Million

MGM Resorts said costs from a disruptive ransomware hack have exceeded $110 million, including $10 million in one-time consulting cleanup fees.

Android Devices With Backdoored Firmware Found in US Schools

A global cybercriminal operation called BadBox has infected the firmware of more than 70,000 Android smartphones, CTV boxes, and tablets with the Triada malware.

Microsoft Releases New Report on Cybercrime, State-Sponsored Cyber Operations

US, Ukraine, and Israel remain the most heavily attacked by cyberespionage and cybercrime threat actors, Microsoft says.

In Other News: Funding Increase, Abuse of Smartphone Location Data, Legal Matters

Noteworthy stories that might have slipped under the radar: cybersecurity funding increases, new laws, and government’s illegal use of smartphone location data.

Organizations Warned of Top 10 Cybersecurity Misconfigurations Seen by CISA, NSA

CISA and the NSA are urging network defenders and software developers to address the top ten cybersecurity misconfigurations.

Nonprofit Service Provider Blackbaud Settles Data Breach Case for $49.5M With States

The fundraising software company Blackbaud has agreed to pay $49.5 million to settle claims brought by the attorneys general of 49 states and Washington, D.C., related to a 2020 data breach.

CISA Reverses Course on Malicious Exploitation of Video Conferencing Device Flaws

CISA has removed from its KEV catalog five Owl Labs video conferencing flaws that require the attacker to be in Bluetooth range.

Cisco Plugs Gaping Hole in Emergency Responder Software

Cisco warns that unauthenticated, remote attackers can log into devices using the root account, which has default, static credentials that cannot be changed or deleted.

GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks

GitHub beefs up its secret scanning feature, now allowing users to check the validity of exposed credentials for major cloud services.

BlackBerry to Split Cybersecurity, IoT Business Units

BlackBerry plans to split its cybersecurity and IoT (Internet of Things) businesses and pursue an IPO for the IoT unit early next year.

Red Cross Publishes Rules of Engagement for Hacktivists During War

ICRC is telling hacktivists involved in conflict during war to avoid targeting civilian objectives and hospitals, or making threats of violence.

CISA, NSA Publish Guidance on IAM Challenges for Developers, Vendors

New US government guidance details the challenges that application developers and vendors face in identity and access management (IAM).

Linux Foundation Announces OpenPubkey Open Source Cryptographic Protocol

The Linux Foundation has announced OpenPubkey, an open source cryptographic protocol that should help boost supply chain security. 

Sony hacked

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Qualcomm zero-day

Qualcomm Patches 3 Zero-Days Reported by Google

SECURITYWEEK INDUSTRY EXPERTS

Addressing the People Problem in Cybersecurity

Addressing the people problem with effective approaches and tools for users and security practitioners will enable us to work smarter, and force attackers into a position where they must work harder.

Network, Meet Cloud; Cloud, Meet Network

The widely believed notion that the network and the cloud are two different and distinct entities is not true.

Moving From Qualitative to Quantitative Cyber Risk Modeling

Migrating to a quantitative cyber risk model of analysis allows for more accurate data, which leads to more informed decision-making.

Every Network Is Now an OT Network. Can Your Security Keep Up?

Many previously isolated OT networks, like manufacturing, processing, distribution, and inventory management, have now been woven into larger IT networks.

Navigating the Digital Frontier in Cybersecurity Awareness Month 2023

ZTNA stands out as a solution that enables organizations to minimize their attack surface while ensuring the productivity and security of their remote workforce.

TRENDING

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Johnson Controls Ransomware Attack Could Impact DHS

Lyca Mobile Services Significantly Disrupted by Cyberattack

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks

Companies Address Impact of Exploited Libwebp Vulnerability 

MGM Resorts Says Ransomware Hack Cost $110 Million

Cisco Plugs Gaping Hole in Emergency Responder Software
