Tag: LEARN

Biotech firm settles class action lawsuit over ransomware attack for .5 million
Summary: Enzo Biochem, a large biotech company, has settled a class action lawsuit for $7.5 million following a ransomware attack that compromised the personal data of approximately 2.5 million individuals. The attack revealed sensitive information, including names and Social Security numbers, and highlighted significant cybersecurity vulnerabilities within the company.…
Read More
German defense and foreign ministries suspend activity on Elon Musk’s platform
Summary: Germany’s armed forces and ministries have suspended their accounts on Elon Musk’s platform, X, citing challenges in maintaining fact-based discussions. The defense ministry plans to use Meta’s WhatsApp for communications, while the foreign ministry will transition to Bluesky. This decision follows concerns over Musk’s endorsement of the far-right AfD party and his controversial remarks about German politicians.…
Read More
MFA Failures – The Worst is Yet to Come
Summary: The article discusses the increasing ineffectiveness of legacy Multi-Factor Authentication (MFA) systems in the face of sophisticated cyber threats, particularly phishing and ransomware attacks. It highlights the role of generative AI in enhancing these attacks and emphasizes the urgent need for organizations to adopt next-generation MFA solutions that do not rely on user vigilance.…
Read More
UK’s porn age checks to arrive in July, raising fears over security and privacy
Summary: The UK’s communications regulator Ofcom has mandated that online pornography sites must verify users’ ages by July to prevent minors from accessing adult content. Concerns have been raised by civil liberties groups about the potential cybersecurity risks associated with age verification methods. Non-compliance could lead to severe penalties, including fines and website blocking by internet service providers.…
Read More
Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action
Summary: The digital landscape is rapidly evolving, with an explosion of IoT devices and tightening compliance requirements. Traditional trust management systems are inadequate for today’s hybrid environments, necessitating a more efficient solution. DigiCert ONE offers a platform designed to simplify and automate trust management, making it easier to navigate the complexities of modern digital operations.…
Read More
The Cyber Threat Responsible for the Biggest Breaches of 2024
Summary: Stolen credential-based attacks have surged, becoming the leading cyber threat in 2023/24, with a staggering 80% of web app attacks originating from this breach vector. Despite increased cybersecurity budgets, vulnerabilities remain due to inadequate MFA adoption and the rise of infostealer malware. This article explores the factors contributing to the rise in account compromises and offers recommendations for security teams to combat these threats.…
Read More
Securonix Threat Labs 2024 Annual Autonomous Threat Sweeper Intelligence Insights
The 2024 Annual Cyber Threat Report reveals a significant increase in cyber threats, including advanced persistent threats (APTs) and evolving tactics used by attackers. Key incidents include the resurgence of LockBit ransomware, exploitation of vulnerabilities in widely-used technologies, and notable data breaches affecting major organizations. Affected: Ivanti Connect Secure, GlobalProtect, CrowdStrike, Snowflake, Palo Alto Networks

Keypoints :

Emerging threats exploit vulnerabilities in Ivanti Connect Secure and GlobalProtect VPN.…
Read More
OneBlood reports data breach to state regulators after ransomware attack
Summary: OneBlood, a nonprofit blood donation organization, suffered a ransomware attack that resulted in the theft of names and Social Security numbers. The incident, which was reported to regulators, forced the organization to operate at reduced capacity, impacting blood supply to hospitals across several states. OneBlood is offering victims credit monitoring services but has not disclosed the total number of individuals affected.…
Read More
Easterly: SEC vs. CIRCIA a ‘recipe for dysfunction’ after private sector complaints
Summary: Private sector companies are struggling to navigate the complexities of two new cyber incident reporting rules: the SEC’s regime and the CIRCIA requirements. Jen Easterly, former director of CISA, highlighted the confusion this dual reporting obligation creates for critical infrastructure organizations. She emphasized the need for harmonization of cyber rules to simplify compliance and enhance collective cyber defense efforts.…
Read More
No new funding in EU plan to tackle ransomware attacks against hospitals
Summary: The European Commission has unveiled an action plan aimed at bolstering the cybersecurity of the healthcare sector, which has been the most targeted by cyberattacks in Europe over the past four years. The plan includes guidance for healthcare entities and emphasizes the need for national-level implementation of existing cybersecurity directives, despite the lack of new funding.…
Read More
University of Oklahoma isolates systems after ‘unusual activity’ on IT network
Summary: The University of Oklahoma is investigating unusual cyber activity on its network after being targeted by a ransomware gang known as Fog, which claims to have stolen 91 GB of sensitive data. The institution has taken measures to isolate affected systems and enhance security. This incident highlights the ongoing threat of ransomware attacks in the education sector, particularly during periods of reduced IT staffing.…
Read More
Russian espionage and financial theft campaigns have ramped up, Ukraine cyber agency says
Summary: Ukrainian cyber agencies report a rise in sophisticated cyberattacks primarily attributed to three Russia-linked hacker groups targeting government and critical services. The attacks have focused on espionage, financial theft, and psychological warfare, with the most active group being UAC-0010, also known as Gamaredon. Over the past year, Ukraine’s cybersecurity incident response center has addressed over 1,000 incidents, indicating a significant threat to national security.…
Read More
Kimsuky Hacking Group’s Malware Attack on the Korean Defense Industry Association – Defense Industry Digital Innovation Seminar (Planned) (2025.1.12)
This article discusses the malicious activities of the North Korean hacking group Kimsuky, which targets the Korea Association of Defense Industry Studies. The group is known for its various espionage missions, including the distribution of malware disguised as a seminar invitation. The malware is delivered via email and executes harmful scripts upon opening an attached document.…
Read More