CISO Stature Rises, but Security Budgets Remain Tight

The rate of compensation gains has slowed from the COVID years, and budgets remain largely static due to economic fears, but CISOs are increasingly gaining executive status and responsibilities.

darkreading – ​Read More

Cops in Germany Claim They’ve ID’d the Mysterious Trickbot Ransomware Kingpin

The elusive boss of the Trickbot and Conti cybercriminal groups has been known only as “Stern.” Now, German law enforcement has published his alleged identity—and it’s a familiar face.

Security Latest – ​Read More

Tenable to Acquire AI Security Startup Apex

Apex will enhance Tenable’s AI Aware tool by mitigating the threats of AI applications and tools not governed by organizations, while enforcing existing security policies.

darkreading – ​Read More

China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil

The China-linked threat actor behind the recent in-the-wild exploitation of a critical security flaw in SAP NetWeaver has been attributed to a broader set of attacks targeting organizations in Brazil, India, and Southeast Asia since 2023.
“The threat actor mainly targets the SQL injection vulnerabilities discovered on web applications to access the SQL servers of targeted organizations,” Trend

The Hacker News – ​Read More

Australian ransomware victims now must tell the government if they pay up

Australia is now the first country to require ransomware victims to report if they make any extortion payments to their attackers.

The Record from Recorded Future News – ​Read More

Victoria’s Secret US Website Restored After Security Incident

Victoria’s Secret website was down due to a ‘security incident’ impacting online and some in-store services. Get the…

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

ConnectWise Discloses Suspected State-Sponsored Hack

The IT software provider says ScreenConnect users were impacted by the attack, which exploited a high-severity ASP.NET vulnerability.

The post ConnectWise Discloses Suspected State-Sponsored Hack appeared first on SecurityWeek.

SecurityWeek – ​Read More

Chinese Phishing Service Haozi Resurfaces, Fueling Criminal Profits

A Chinese-language PhaaS platform Haozi is making cybercrime easy with no tech skills needed. Discover how this plug-and-play service facilitated over $280,000 in illicit transactions.

Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – ​Read More

MITRE Publishes Post-Quantum Cryptography Migration Roadmap

The roadmap provides an overview of four key stages of the migration process, namely preparation, baseline understanding, planning and execution, and monitoring and evaluation.

The post MITRE Publishes Post-Quantum Cryptography Migration Roadmap appeared first on SecurityWeek.

SecurityWeek – ​Read More

U.S. Sanctions Funnull for $200M Romance Baiting Scams Tied to Crypto Fraud

The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against a Philippines-based company named Funnull Technology Inc. and its administrator Liu Lizhi for providing infrastructure to conduct romance baiting scams that led to massive cryptocurrency losses.
The Treasury accused the Taguig-headquartered company of enabling thousands of websites involved in

The Hacker News – ​Read More