Cyber

CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List – The Hacker News

July 24, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed…

CSO Online Cyber

ICS malware FrostyGoop disrupted heating in Ukraine, remains threat to OT worldwide – CSO Online

July 23, 2024

Security researchers warn about a new malware threat designed to interact with industrial control systems (ICS) over the Modbus protocol. The malicious program was used in January in a cyberattack…

Cyber Dark Reading

Russia Adjusts Cyber Strategy for the Long Haul in War With Ukraine – Dark Reading

July 23, 2024

Russia has cast aside its focus on civilian infrastructures and is instead targeting Ukraine’s military operations in myriad ways. – Read More

Cyber Krebs

Phish-Friendly Domain Registry “.top” Put on Notice – Krebs on Security

July 23, 2024

The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing…

Cyber Dark Reading

China’s ‘Evasive Panda’ APT Spies on Taiwan Targets Across Platforms – Dark Reading

July 23, 2024

The cohort’s variety of individual tools covers just about any operating system it could possibly wish to attack. – Read More

Cyber Dark Reading

Goodbye? Attackers Can Bypass ‘Windows Hello’ Strong Authentication – Dark Reading

July 23, 2024

Accenture researcher undercut WHfB’s default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework. – Read More

CSO Online Cyber

CrowdStrike failure: What you need to know – CSO Online

July 23, 2024

Cybersecurity vendor CrowdStrike initiated a series of computer system outages across the world on Friday, July 19, disrupting nearly every industry and sowing chaos at airports, financial institutions, and healthcare…

Cyber Dark Reading

Sprawling CrowdStrike Incident Mitigation Showcases Resilience Gaps – Dark Reading

July 23, 2024

A painful recovery from arguably one of the worst IT outages ever continues, and the focus is shifting to what can be done to prevent something similar from happening again.…

Cyber Dark Reading

Attackers Exploit ‘EvilVideo’ Telegram Zero-Day to Hide Malware – Dark Reading

July 23, 2024

An exploit sold on an underground forum requires user action to download an unspecified malicious payload. – Read More

Cyber Dark Reading

Wanted: A SBOM Standard to Rule Them All – Dark Reading

July 23, 2024

A unified standard is essential for realizing the full potential of SBOMs in enhancing software supply chain security. – Read More

Cyber Dark Reading

Shocked, Devastated, Stuck: Cybersecurity Pros Open Up About Their Layoffs – Dark Reading

July 23, 2024

Here’s a dose of reality from those on the frontlines and how they’re coping. – Read More

Cyber Hacker News

Chinese Hackers Target Taiwan and US NGO with MgBot Malware – The Hacker News

July 23, 2024

Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking group called Daggerfly using an upgraded set of malware tools.…

CSO Online Cyber

Google abandons plans to drop third-party cookies in Chrome – CSO Online

July 23, 2024

As a major update to Chrome’s new cross-site tracking protection policy, Google announced that it is no longer considering dropping support for third-party cookies. Third-party cookies, which refer to the…

Cyber Hacker News

New ICS Malware ‘FrostyGoop’ Targeting Critical Infrastructure – The Hacker News

July 23, 2024

Cybersecurity researchers have discovered what they say is the ninth Industrial Control Systems (ICS)-focused malware that has been used in a disruptive cyber attack targeting an energy company in the…

CSO Online Cyber

Wiz shocks the tech world as it rejects Google’s $23 billion bid – CSO Online

July 23, 2024

In a surprising turn of events, Israeli cybersecurity startup Wiz has decided to end its acquisition talks with Google-parent Alphabet, which would have resulted in a $23 billion deal, the…

CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List – The Hacker News

ICS malware FrostyGoop disrupted heating in Ukraine, remains threat to OT worldwide – CSO Online

Russia Adjusts Cyber Strategy for the Long Haul in War With Ukraine – Dark Reading

Phish-Friendly Domain Registry “.top” Put on Notice – Krebs on Security

China’s ‘Evasive Panda’ APT Spies on Taiwan Targets Across Platforms – Dark Reading

Goodbye? Attackers Can Bypass ‘Windows Hello’ Strong Authentication – Dark Reading

CrowdStrike failure: What you need to know – CSO Online

Sprawling CrowdStrike Incident Mitigation Showcases Resilience Gaps – Dark Reading

Attackers Exploit ‘EvilVideo’ Telegram Zero-Day to Hide Malware – Dark Reading

Wanted: A SBOM Standard to Rule Them All – Dark Reading

Shocked, Devastated, Stuck: Cybersecurity Pros Open Up About Their Layoffs – Dark Reading

Chinese Hackers Target Taiwan and US NGO with MgBot Malware – The Hacker News

Google abandons plans to drop third-party cookies in Chrome – CSO Online

New ICS Malware ‘FrostyGoop’ Targeting Critical Infrastructure – The Hacker News

Wiz shocks the tech world as it rejects Google’s $23 billion bid – CSO Online

You Missed

Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites – The Hacker News

How Ison Harrison is managing growth efficiently – Legal Futures

Slaughter and May calls time on dogs in the office – Legal Cheek

AI tools becoming hot commodities on ransomware marketplaces – CSO Online