Uncertainty is the Most Common Driver of Noncompliance

/in

Most compliance leaders tend to focus on building an ethical culture in their organizations to improve employee behavior, but it has a limited impact on addressing uncertainty about how to be compliant, according to a survey by Gartner.

Cyware News – Latest Cyber News – ​Read More

GitHub Comments Abused to Push Malware via Microsoft Repository URLs

/in

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy.

Cyware News – Latest Cyber News – ​Read More

Majority of Businesses Worldwide are Implementing Zero Trust, Gartner Finds

/in

Almost two-thirds of organizations across the globe have either fully or partially implemented zero-trust strategies, according to a report released Monday by Gartner based on a survey of 303 security leaders.

Cyware News – Latest Cyber News – ​Read More

Cyber Insurance Gaps Stick Firms With Millions in Uncovered Losses

/in

The majority of companies, 4 in 5, have suffered a cyberattack that wasn’t fully covered under their cyber insurance policy, according to an analysis by cyber risk quantification firm CYE.

Cyware News – Latest Cyber News – ​Read More

Sharp Stealer: New Info-stealer Malware Targets Gamers, Crypto Enthusiasts

/in

The malware does not try to hide its presence in the system from antivirus programs and has not gained much popularity in the underground yet, indicating that it is a new player in the market.

Cyware News – Latest Cyber News – ​Read More

U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse

/in

The U.S. Department of State on Monday said it’s taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or who are immediately family members of those involved in such businesses.
“These individuals have facilitated or derived financial benefit from the misuse of this technology, which

The Hacker News – ​Read More

Researchers Warn Windows Defender Attack can Delete Databases

/in

Researchers at US-Israeli infosec outfit SafeBreach recently discussed flaws in Microsoft and Kaspersky endpoint security products that can potentially allow the remote deletion of files.

Cyware News – Latest Cyber News – ​Read More

Russia’s APT28 Exploited Windows Print Spooler Flaw to Deploy ‘GooseEgg’ Malware

/in

The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg.
The post-compromise tool, which is said to have been used since at least June 2020 and possibly as early as April 2019, leveraged a now-patched flaw that allowed for

The Hacker News – ​Read More

Change Healthcare Finally Admits It Paid Ransomware Hackers—and Still Faces a Patient Data Leak

/in

The company belatedly conceded both that it had paid the cybercriminals extorting it and that patient data nonetheless ended up on the dark web.

Security Latest – ​Read More

Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity Pros

/in

Malaysia, Singapore, and Ghana are among the first countries to pass laws that require cybersecurity firms — and in some cases, individual consultants — to obtain licenses to do business, but concerns remain.

darkreading – ​Read More