Ragnar Locker ransomware gang targeted the municipality of Zwijndrecht but instead hacked a local Belgian police unit, releasing sensitive police data, including investigation reports and criminal records.
UK MSPs will be brought under the same cybersecurity laws that govern essential services, such as critical infrastructure and health care. The move stems in large part from an increasing focus on MSPs by the most advanced nation-state security actors.
The battle against Log4Shell is proceeding very slowly due to a confluence of factors. It remains buried in a number of assets, particularly legacy systems that are tougher to address. But it also continues to affect organizations via new devices.
Cyber leadership is currently based on individual best effort, with no agreement on what ‘good’ looks like, with Chief Information Security Officers (CISOs) typically blinkered on the implementation of controls rather than understanding the risks to the business and driving cultural change accordingly.
The time is now for business leaders to implement zero-trust protocols to address cloud misconfigurations beyond the identity layer and into the SaaS app ecosystem, as doing so has become critical for organizations to be able to maintain a good security posture. Zero Trust Data Access (ZTDA) does just that.
A spyware vendor in Spain has been linked to a zero-day exploitation framework that impacted Windows, as well as the Chrome and Firefox browsers, from 2018 to 2021. Google researchers present markers found in its code including a script that is signed by the company.
Criminal hackers look eagerly toward the holidays because it's a time for vacations, general absences, and fewer eyes on the organization's passwords. There is a 30% increase in the average number of ransomware attacks over the holiday period compared to the monthly average.
From a sample base of over 17 million referrals from Twitter collected over the past three quarters from American websites, an average of 8.55% of all traffic originating from Twitter was invalid. Organic traffic showed an invalid rate of 10.43%, nearly twice that of paid which averaged 5.13% invalid, just barely missing Twitter’s own mDAU reporting of 5%.
Password manager LastPass notified its customers of a second security breach in 2022, with the threat actor accessing customer data stored on a shared cloud service.
INTERPOL’s arrested nearly 1,000 cybercriminals, recovered $130 million from 2,800 accounts linked to proceeds of crime, and closed 1,600 cases in Operation HAECHI III.