How SSL Misconfigurations Impact Your Attack Surface
Summary: This content discusses the critical importance of properly configuring SSL certificates to mitigate cybersecurity risks, particularly focusing on the vulnerabilities presented by SSL misconfigurations. It highlights that many organizations fail to address these configurations properly, exposing themselves to various cyber threats. The article suggests that using a robust External Attack Surface Management (EASM) solution can significantly enhance an organization’s security posture.…
Helping Your Clients Achieve NIST Compliance: A Step by Step Guide for Service Providers
Summary: This guide outlines the importance of NIST compliance for service providers, highlighting how it enhances security, supports regulatory alignment, and differentiates market positioning. It addresses common challenges in achieving compliance and presents a structured step-by-step approach, emphasizing the role of automation in streamlining the process.…
Royal Mail Group Loses 144GB to Infostealers: Same Samsung Hacker, Same 2021 Infostealer Log
Summary: A massive data breach has exposed 144GB of sensitive information from Royal Mail Group, including personally identifiable information and internal documents, linked to a previous compromise at a third-party service provider, Spectos. The breach, carried out by the threat actor “GHNA,” echoes a recent breach involving Samsung, highlighting a concerning trend in supply chain vulnerabilities exacerbated by AI technologies.…
Tomcat in the Crosshairs: New Research Reveals Ongoing Attacks
Aqua Nautilus researchers have identified a new malware campaign that exploits Apache Tomcat servers, capable of hijacking resources for cryptocurrency mining. The attackers leverage encrypted payloads to establish backdoors, steal SSH credentials, and execute arbitrary code. Rapid exploitation was noted, taking just 30 hours to weaponize the vulnerability, indicating the urgency for organizations to secure their Tomcat instances.…
European Commission takes aim at end-to-end encryption and proposes Europol become an EU FBI
Summary: The European Commission announced its ProtectEU strategy aimed at strengthening internal security and addressing the challenges posed by end-to-end encryption and lawful data access. While it outlines general goals like establishing a more operational Europol, it lacks detailed policy proposals, and highlights the need for enhanced intelligence-sharing among member states.…
Digital disruptions continue for Russian transportation, this time at state railway
Summary: Russia’s state-owned railway, RZD, experienced a cyberattack that temporarily disrupted its website and mobile application, following a similar incident with Moscow’s subway system. The attack was identified as a distributed denial-of-service (DDoS) event, though ticket sales continued at physical locations. The perpetrator remains unknown, and RZD is working to restore its online services promptly.…
FTC says 23andMe purchaser must uphold existing privacy policy for data handling
Summary: FTC Chair Andrew Ferguson has cautioned DOJ bankruptcy regulators that any buyer of 23andMe must comply with the company’s privacy policies regarding consumer data, particularly genetic information. He emphasizes that users have control over their data, including the ability to delete it, and that 23andMe’s privacy commitments must be upheld even during bankruptcy.…
Latest gambit for Gamaredon: Fake Ukraine troop movement documents with malicious links
Summary: A long-running Russian hacking group, Gamaredon, is reportedly behind a campaign aimed at installing a surveillance tool on Ukrainian computers through phishing emails. This campaign has been active since at least November 2024 and leverages themes related to the Ukraine invasion to lure victims. The malicious tool deployed, Remcos, allows unauthorized access and data collection from infected systems.…
Inteset Secure Lockdown Multi Application Edition – Vulnerabilities and Hardening Measures
This article discusses vulnerabilities found in Inteset’s “Secure Lockdown — Multi Application Edition,” particularly in its kiosk mode. The author reports inadequate security measures that allow unauthorized access to applications like Microsoft Edge, code execution via ClickOnce applications, and local file access. Attempts at responsible disclosure to the vendor were unproductive, leading to public disclosure in coordination with CERT/CC.…
French regulator fines Apple 2 million for anticompetitive use of privacy tool
Summary: Apple has been fined €150 million by French regulators for anticompetitive practices related to its App Tracking Transparency (ATT) tool. The French Competition Authority found that Apple’s implementation of ATT created an unfair market advantage, harming smaller app publishers dependent on third-party data collection. Despite the fine, which is minor compared to Apple’s revenues, the regulation did not require Apple to make changes to the tool.…
Moscow subway app and website disrupted in possible retaliation for Ukraine railway hack
Summary: The Moscow subway system faced service disruptions on Monday, which may be linked to a cyberattack, as suggested by a message displayed on its website that mimicked a prior incident with Ukraine’s railway operator. While the transport department cited technical maintenance as the cause, passengers struggled to recharge their subway cards and experienced app malfunctions.…