Cequence Security found that cyberattacks against the travel industry surge during holidays, with 91% of severe vulnerabilities in the top 10 travel and hospitality sites enabling man-in-the-middle attacks.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-30 17:06:352024-08-30 17:06:35Cybercriminals Capitalize on Travel Industry’s Peak Season
Organizations in both private and public sectors are moving to adopt artificial intelligence, but doing so for the latter heightens the importance of security fundamentals.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-30 17:06:352024-08-30 17:06:35Governments need to beef up cyberdefense for the AI era – which means going back to the basics
The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools like Google Sheets for command and control.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-30 17:06:342024-08-30 17:06:34‘Voldemort’ Malware Curses Orgs Using Global Tax Authorities
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-30 17:06:342024-08-30 17:06:34Commercial Spyware Vendors Have a Copycat in Top Russian APT
The software verification and validation efforts helps NASA improve the safety and cost-effectiveness of its mission critical software. Cybersecurity is now part of the evaluation.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-30 16:07:252024-08-30 16:07:25NASA Focuses on Cybersecurity of its Mission-Critical Software
U.S. cybersecurity leaders are focusing on preparing for the potential risks posed by quantum cryptography tools that could threaten critical infrastructure and national security.
The FBI investigation revealed that the suspect, Daniel Rhyne, had accessed the company’s systems without authorization and changed passwords for various accounts. Rhyne’s actions were intended to deny the company access to its systems and data.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-30 15:06:392024-08-30 15:06:39Employee Arrested for Locking Windows Admins Out of 254 Servers in Extortion Plot
Third-party risk management is a critical issue in the wake of the CrowdStrike IT outage, revealing vulnerabilities within financial institutions related to supply chain resilience, especially in vital sectors like financial services.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-30 15:06:392024-08-30 15:06:39Third-Party Risk Management is Under the Spotlight
Identity management sits with IT for good reason, but now that identity is the common denominator in every attack, it’s time identity security was owned by a leader with a security background, like the CISO.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-30 14:07:272024-08-30 14:07:27Why Identity Teams Need to Start Reporting to the CISO
More than 150 people filed complaints to the Information Commissioner’s Office (ICO) regarding the delay in responding to subject access requests (SARs) after the cyberattack in October 2021.
https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png00https://www.backbox.org/wp-content/uploads/2018/09/website_backbox_text_black.png2024-08-30 14:07:272024-08-30 14:07:27UK Labour Party Reprimanded Over Cyberattack Backlog by Privacy Regulator
BackBox.org offers a range of Penetration Testing services to simulate an attack on your network or application. If you are interested in our services, please contact us and we will provide you with further information as well as an initial consultation.
Cybercriminals Capitalize on Travel Industry’s Peak Season
/in General NewsCequence Security found that cyberattacks against the travel industry surge during holidays, with 91% of severe vulnerabilities in the top 10 travel and hospitality sites enabling man-in-the-middle attacks.
Cyware News – Latest Cyber News – Read More
Governments need to beef up cyberdefense for the AI era – which means going back to the basics
/in General NewsOrganizations in both private and public sectors are moving to adopt artificial intelligence, but doing so for the latter heightens the importance of security fundamentals.
Latest stories for ZDNET in Security – Read More
‘Voldemort’ Malware Curses Orgs Using Global Tax Authorities
/in General NewsThe global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools like Google Sheets for command and control.
darkreading – Read More
Commercial Spyware Vendors Have a Copycat in Top Russian APT
/in General NewsRussia’s Midnight Blizzard infected Mongolian government websites to try to compromise the devices of visitors, using watering-hole tactics.
darkreading – Read More
NASA Focuses on Cybersecurity of its Mission-Critical Software
/in General NewsThe software verification and validation efforts helps NASA improve the safety and cost-effectiveness of its mission critical software. Cybersecurity is now part of the evaluation.
darkreading – Read More
‘Store Now, Decrypt Later’: US Leaders Prep for Quantum Cryptography Concerns
/in General NewsU.S. cybersecurity leaders are focusing on preparing for the potential risks posed by quantum cryptography tools that could threaten critical infrastructure and national security.
Cyware News – Latest Cyber News – Read More
Employee Arrested for Locking Windows Admins Out of 254 Servers in Extortion Plot
/in General NewsThe FBI investigation revealed that the suspect, Daniel Rhyne, had accessed the company’s systems without authorization and changed passwords for various accounts. Rhyne’s actions were intended to deny the company access to its systems and data.
Cyware News – Latest Cyber News – Read More
Third-Party Risk Management is Under the Spotlight
/in General NewsThird-party risk management is a critical issue in the wake of the CrowdStrike IT outage, revealing vulnerabilities within financial institutions related to supply chain resilience, especially in vital sectors like financial services.
Cyware News – Latest Cyber News – Read More
Why Identity Teams Need to Start Reporting to the CISO
/in General NewsIdentity management sits with IT for good reason, but now that identity is the common denominator in every attack, it’s time identity security was owned by a leader with a security background, like the CISO.
darkreading – Read More
UK Labour Party Reprimanded Over Cyberattack Backlog by Privacy Regulator
/in General NewsMore than 150 people filed complaints to the Information Commissioner’s Office (ICO) regarding the delay in responding to subject access requests (SARs) after the cyberattack in October 2021.
Cyware News – Latest Cyber News – Read More