Apple released patches Thursday to close three actively exploited vulnerabilities that researchers say commercial spyware maker Cytrox used to infect the iPhone of Egyptian politician Ahmed Eltantawy with Predator malware. The Citizen Lab attributes the attacks to the Egyptian government.
SentinelOne observed suspected cyberespionage actors of unknown origin using modular backdoors and highly stealthy tactics in August to target telecommunication companies in the Middle East, Western Europe and South Asia. The group, tracked as Sandman, is using the novel backdoor LuaJIT.
Federal authorities are warning of "significant risk" for potential attacks on healthcare and public health sector entities by the North Korean state-sponsored Lazarus Group involving exploitation of a critical vulnerability in 24 Zoho ManageEngine products.
Authorities are warning of threats posed by Akira, a ransomware group that surfaced in March and has been linked to dozens of attacks on small and midsized entities. The group is targeting many industries, including healthcare, and seems to favor entities that lack MFA on VPNs.
With the rapidly increasing number of advanced threats, prevention and detection tools are pushed to their limits which means balancing performance and security in these environments is causing security professionals to rethink the techniques used to secure their organizations.
This is where the integration of...
Multiple nation-state hacking groups have been exploiting known flaws in Zoho ManageEngine software and Fortinet firewalls to steal data, cybersecurity officials warn. A new alert details exploits of each vulnerability by separate groups that targeted the same aeronautical firm.
IronNet's board authorized the company to furlough nearly all its workers and substantially curtail business operations as the board evaluates seeking bankruptcy protection. The furlough and cessation of business operations constitute an event of default under the terms of the company's borrowing.
In the evolving threat landscape, small-time threat actors are entering the ransomware space and targeting small and medium-sized businesses. These organizations must adopt a defense-in-depth approach to defend themselves, said Nick Biasini, head of outreach at Cisco Talos.
The number of major health data breaches is decreasing, but a recent disturbing trend reflects the vulnerability of critical vendors and the tenacity of cybercriminals, say John Delano, a vice president of Christus Health, and Mike Hamilton, CISO and co-founder of security firm Critical Insight.
Public-private cybersecurity councils urged the healthcare industry to be more expansive in sharing signs of hacking, warning that traditional indicators aren't enough. Fending off hackers requires additional shared data, such as SIEM rules and automated response playbooks.
Cyberattacks are constantly evolving, and it's important to stay ahead of the curve.
Empower your users to disrupt the attack chain, equipped to identify and thwart cyber threats. This distinctive people-centric kit ensures education, arming users to counter real-world risks.
In honor of Cybersecurity Awareness...
Chen Burshan, the CEO of Skyhawk Security, wants to use the power of generative AI as part of the threat detection flow. Organizations with risk management tools in place and risk reduction occurring are still getting breached and therefore need to focus more on threat detection, he said.
Recorded Future has joined CrowdStrike and Google atop Forrester's external threat intelligence services rankings, while Kaspersky tumbled from the leaders category. Leading threat intelligence providers have expanded into adjacent use cases such as brand protection and vulnerability management.
Ransomware incidents are down, but the volume and impact of targeted attacks are on the rise. These are among the findings of the new Global Threat Landscape Report from Fortinet's FortiGuard Labs. Fortinet's Derek Manky shares analysis of this report and insights on the cybersecurity trends that will influence how we...
Authorities are sounding the alarm about double-extortion attacks against healthcare and public health sector organizations by a relatively new ransomware-as-a-service group, Rhysida, which until recently had mainly focused on entities in other industries.