Sicurezza – News ENG
News da fonti internazionali (DARK Reading, The Hacker News, Threatpost)
- Feds Warn on Russian Actors Targeting Critical Infrastructureby Dark Reading Staff (darkreading) on 6 Settembre 2024 at 7:48 pm
In the past, Putin’s Unit 29155 has utilized malware like WhisperGate to target organizations, particularly those in Ukraine.
- CISA Flags ICS Bugs in Baxter, Mitsubishi Productsby Jai Vijayan, Contributing Writer (darkreading) on 6 Settembre 2024 at 7:44 pm
The vulnerabilities affect industrial control tech used across the healthcare and critical manufacturing sectors.
- Commercial Spyware Use Roars Back Despite Sanctionsby Becky Bracken, Senior Editor, Dark Reading (darkreading) on 6 Settembre 2024 at 7:25 pm
Vendors of mercenary spyware tools used by nation-states to track citizens and enemies have gotten savvy about evading efforts to limit their use.
- Cybersecurity Talent Shortage Prompts White House Actionby Nathan Eddy, Contributing Writer (darkreading) on 6 Settembre 2024 at 4:34 pm
The Biden administration launches an initiative to encourage careers in cybersecurity, as businesses try new tactics to get unfilled IT security roles staffed.
- Using Transparency & Sharing to Defend Critical Infrastructureby Travis Galloway (darkreading) on 6 Settembre 2024 at 2:00 pm
No organization can single-handedly defend against sophisticated attacks. Governments and private sector entities need to collaborate, share information, and develop defenses against cyber threats
- What Is the Shared Fate Model?by Edge Editors (darkreading) on 5 Settembre 2024 at 11:11 pm
New threats, an overburdened workforce, and regulatory pressures mean cloud service providers need a more resilient model than the shared responsibility framework. That’s where “shared fate” comes in.
- HackerOne Appoints Kara Sprague As CEOby (darkreading) on 5 Settembre 2024 at 9:22 pm
- Kiteworks Bolsters Its Secure Data Collection Capabilities With 123FormBuilder Acquisitionby (darkreading) on 5 Settembre 2024 at 9:15 pm
- Palo Alto Networks® Closes Acquisition of IBM’s QRadar SaaS Assetsby (darkreading) on 5 Settembre 2024 at 9:09 pm
- Malvertising Campaign Builds a Phish for Lowe’s Employeesby Nate Nelson, Contributing Writer (darkreading) on 5 Settembre 2024 at 8:56 pm
Retail employees are being duped into divulging their credentials by typosquatting malvertisements.
- Chinese ‘Tropic Trooper’ APT Targets Mideast Governmentsby Dark Reading Staff (darkreading) on 5 Settembre 2024 at 8:39 pm
In the past, the group has targeted different sectors in East and Southeast Asia, but recently has pivoted its focus to the Middle East, specifically to entities that publish human rights studies.
- China’s ‘Earth Lusca’ Propagates Multiplatform Backdoorby Elizabeth Montalbano, Contributing Writer (darkreading) on 5 Settembre 2024 at 8:15 pm
The malware, KTLVdoor, has already been found on more than 50 command-and-control servers and enables full control of any environment it compromises.
- Biden Admin Files Charges Against Election Meddlers From Russiaby Kristina Beek, Associate Editor, Dark Reading (darkreading) on 5 Settembre 2024 at 7:39 pm
Working with the Treasury and Justice departments, the president has sanctioned anti-democratic Russian adversaries.
- The Role of Trust Anchors in Modern IT Securityby Rohan Pinto (darkreading) on 5 Settembre 2024 at 2:00 pm
To fully realize the benefits trust anchors provide, organizations need to implement processes and technologies that maintain the privacy and security of trust anchors and the personal data they contain.
- Indian Army Propaganda Spread by 1.4K AI-Powered Social Media Accountsby Nate Nelson, Contributing Writer (darkreading) on 5 Settembre 2024 at 4:01 am
For three years now, more than a thousand social media accounts have been reposting the same pro-India, anti-Pakistan content on Facebook and X.
- White House Unveils Road Map to Fix BGPby Dark Reading Staff (darkreading) on 4 Settembre 2024 at 9:34 pm
The White House Office of the National Cyber Director released a plan outlining steps network operators and service providers need to take to secure BGP from abuse and configuration errors.
- ‘Revival Hijack’ on PyPI Disguises Malware With Legitimate File Namesby Jai Vijayan, Contributing Writer (darkreading) on 4 Settembre 2024 at 8:18 pm
Adversaries reusing abandoned package names sneak malware into organizations in a sort of software shell game.
- Open Source Tool Allows Voters to Verify Election Resultsby Robert Lemos, Contributing Writer (darkreading) on 4 Settembre 2024 at 5:00 pm
The ElectionGuard project allows anyone — voters, campaign staffers, and election officials — to cryptographically verify ballots, a promise which may bolster faith in election integrity.
- FBI: North Korean Actors Readying Aggressive Cyberattack Waveby Elizabeth Montalbano, Contributing Writer (darkreading) on 4 Settembre 2024 at 4:57 pm
Sophisticated social engineering is expected to accompany threat campaigns that are highly targeted and aimed at stealing crypto and deploying malware.
- How CISOs Can Effectively Communicate Cyber-Riskby Levi Gundert (darkreading) on 4 Settembre 2024 at 2:00 pm
A proximity resilience graph offers a more accurate representation of risk than heat maps and risk registers, and allows CISOs to tell a complex story in a single visualization.
- CEO’s Arrest Will Likely Not Dampen Cybercriminal Interest in Telegramby Jai Vijayan, Contributing Writer (darkreading) on 4 Settembre 2024 at 1:00 pm
In recent years, the platform has become a go-to tool for executing almost all conceivable cybercriminal activity.
- California Approves Privacy Bill Requiring Opt-Out Toolsby Jennifer Lawinski, Contributing Writer (darkreading) on 3 Settembre 2024 at 10:39 pm
This bill requires Web browsers to have an easy-to-find (and use) setting for consumers to send an opt-out preference signal by default to every site and app they interact with.
- North Korea’s ‘Citrine Sleet’ APT Exploits Zero-Day Chromium Bugby Nate Nelson, Contributing Writer (darkreading) on 3 Settembre 2024 at 9:33 pm
Microsoft warned that the DPRK’s latest innovative tack chains together previously unknown browser issues, then adds a rootkit to the mix to gain deep system access and steal crypto.
- City of Columbus Sues Researcher After Ransomware Attackby Dark Reading Staff (darkreading) on 3 Settembre 2024 at 9:18 pm
The Ohio city filed for a restraining order, claiming the researcher was working in tandem with the ransomware attackers.
- Cyberattackers Spoof Palo Alto VPNs to Spread WikiLoader Variantby Dark Reading Staff (darkreading) on 3 Settembre 2024 at 6:25 pm
The malware, first discovered two years ago, has returned in campaigns using SEO poisoning.
- Halliburton Data Stolen in Oil-Sector Cyberattackby Tara Seals, Managing Editor, News, Dark Reading (darkreading) on 3 Settembre 2024 at 4:09 pm
The energy kahuna said that operations were disrupted after an attack on its supporting business applications.
- Evolving npm Package Campaign Targets Roblox Devs, for Yearsby Elizabeth Montalbano, Contributing Writer (darkreading) on 3 Settembre 2024 at 4:08 pm
Attackers have added aggressive social engineering to their arsenal, along with a novel Windows-manipulating persistence mechanism that demands developer vigilance.
- BlackCat Spin-off ‘Cicada3301’ Uses Stolen Creds on the Fly, Skirts EDRby Nate Nelson, Contributing Writer (darkreading) on 3 Settembre 2024 at 2:19 pm
Malware authors have iterated on one of the premier encryptors on the market, building something even bigger and better.
- Improved Software Supply Chain Resilience Equals Increased Securityby Josh Lemos (darkreading) on 3 Settembre 2024 at 2:00 pm
Understanding through visibility, managing through governance, and anticipating through continuous deployment will better prepare organizations for the next supply chain attack.
- Name That Edge Toon: Bug Offby John Klossner, Cartoonist (darkreading) on 3 Settembre 2024 at 12:33 pm
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.