News


AI models and software supply chains in sight
B2B Cyber Security ShortNews

One area that requires particular caution is the development of AI/ML models. We are seeing an increasing threat of malicious code at this critical point, allowing threat actors to find new ways to break into companies and software supply chains and steal data. While AI/ML has been an integral part of many software deliveries for many years, the rise of Large Language Models (LLMs) has made it much easier to embed AI/ML into many applications. Developers are expected to deploy AI/ML models along with software updates and new implementations, but often do not have the resources to implement security measures...


Campaigns by cybercriminal group TA4903
B2B Cyber Security ShortNews

Cybersecurity experts have identified new campaigns by cybercriminal group TA4903, which specializes in phishing and business email compromise (BEC, also known as CEO fraud). The group consists of financially motivated cybercriminals who have recently made a name for themselves through large-scale email campaigns. US organizations in particular find themselves in the attackers' crosshairs, and occasionally companies from other parts of the world too. Proofpoint's key takeaways from TA4903: TA4903 has two main goals: credential phishing and BEC. The group regularly runs campaigns where they present themselves as…


DarkGate threat
B2B Cyber Security ShortNews

In the ever-evolving cyber threat landscape, law enforcement agencies have seen progress in uncovering DarkGate, malware developers, threat actors and forum managers. At the same time, they have increasingly taken control of command-and-control servers, disrupting malware distribution networks. In this dynamic environment, the emergence of new players and the adaptation of existing players is no coincidence. A recent example of this evolution is the emergence of morphing malware, which shows threat actors changing names and modifying malware families. Following the dismantling of the Qbot infrastructure, the spread of DarkGate has increased significantly, reflecting the continued evolution of cyber threats…


The Terminator tool is coming back
SophosNews

BYOVD (Bring Your Own Vulnerable Driver) attacks are still very popular among threat actors as EDR killers. One reason is that they open up the prospect of a kernel-level attack, which gives cybercriminals a wide range of options - from hiding malware to spying on login credentials to attempting to disable EDR solutions. Sophos security specialists Andreas Klopsch and Matt Wixey have closely examined what has been happening with Terminator tools over the last six months and published the report “It'll be back: Attackers still abusing Terminator...


Danger when surfing through browser-based attacks
B2B Cyber Security ShortNews

The threat situation in the digital space is becoming increasingly complex and sophisticated. According to a recent study, in the second half of 2023 there was a 198 percent increase in browser-based phishing attacks and a 206 percent increase in evasive attacks. During the same period, over 31,000 threats specifically designed to evade detection by security solutions were identified. The most common attack techniques are phishing, social engineering, smishing and deepfakes. These tactics aim to exploit human weakness for manipulation, which then allows cybercriminals to gain access to sensitive data...


The True Cost of Ransomware
B2B Cyber Security ShortNews

A cybersecurity solutions provider announced the results of its third annual ransomware study. The research is intended to provide information about the costs and effects of ransomware on companies. The result: ransomware attacks are becoming more frequent, more effective and more sophisticated - but paying ransoms is definitely not worth it for companies: 63% of the companies surveyed in Germany were affected by more than one ransomware attack in the last 24 months. 31% of German companies that were attacked did not have a backup copy of their files and therefore paid the ransom. Almost 80%...


Unlawful official requests for information at mailbox.org
B2B Cyber Security ShortNews

The email service mailbox.org from Berlin, which specializes in data protection and data security, has published its annual transparency report on official requests for information for 2023 and is taking stock. The total number of government information requests to mailbox.org rose sharply last year, to a total of 133 compared to 55 the previous year. And the number of requests rejected by mailbox.org due to illegality also rose sharply, from 14 in 2022 to 45 in 2023. This means that around a third (33.8 percent) of all government requests made to mailbox.org were rejected because they contained errors or…


Phishing attacks: In 2023, almost every company was affected
B2B Cyber Security ShortNews

Phishing attacks have continued to increase over the last year and are one of the biggest cyber risks for companies. The loss of data leads to high costs and can sometimes even result in the closure of the company. Phishing remains one of the biggest cybersecurity threats and poses significant risk to virtually all organizations and businesses. Cyber attacks are not only becoming more sophisticated every day, but also more numerous: According to a study by Egress, 94 percent of companies were affected by phishing attacks in 2023. Additionally, 91 percent had…


Critical security vulnerabilities in VMware
B2B Cyber Security ShortNews

Security vulnerabilities have been discovered in some VMware products. The BSI classifies these vulnerabilities as critical. Among other things, the USB controllers in various devices are affected. A local attacker can exploit multiple vulnerabilities in VMware ESXi, VMware Workstation, VMware Fusion and VMware Cloud Foundation to execute arbitrary code, bypass security measures or disclose information, warns the BSI and recommends using updates as they become available. CVSS vulnerability scores range from 7.1 to 9.3. They are all classified as critical because they allow attackers to bypass virtual machines and access the…


New cryptomining malware discovered
B2B Cyber Security ShortNews

Security researchers have discovered a new cryptomining campaign called Lucifer that targets Apache and in particular the software libraries Hadoop and Druid, which are popular with many users. To do this, the attackers exploit existing misconfigurations and vulnerabilities. The active campaign uses a new variant of a well-known DDoS botnet focused on vulnerable Linux systems. The malware is known as “Lucifer” and uses compromised Apache servers to mine the cryptocurrency Monero. The cybercriminals behind Lucifer focus on the Apache libraries Hadoop and Druid, which are very popular with developers, and...
