Security News

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. The malware is mainly designed to single out Unix-like platforms running x86, x64 and ARM architectures, with GoBruteforcer attempting to obtain access via a brute-force attack using a list of credentials hard-coded into the binary.

The impact a data breach can have on individuals can be devasting; getting back to something that vaguely resembles normality is very challenging. There are obviously huge differences between individuals and organizations regarding security.

Cyber attack risks faced by businesses across states and reported data breaches are relative to the respective state governments' cybersecurity investment, according to Network Assured. While expectedly, California, with its high concentration of businesses in technology and healthcare recorded the highest number of data breaches at 1,338, the relatively small state of Maryland ranked 5th worst in the nation with 343 breaches.

In this Help Net Security video, Caroline Wong, Chief Strategy Officer at Cobalt, offers valuable insight into what leaders can do to instill stronger cybersecurity practices from the bottom up...

The number of data breaches affecting healthcare providers declined in the second half of 2022, consistent with a downward trend over the past two years, according to Critical Insight. Healthcare industry sees a decrease in data breaches.

Subsequently, the first attacker group monetized the first attack not only through the ransom they obtained, but also by selling the company's network information to the second ransomware group. In the 13 months between the two attacks, the victim changed its network and removed servers, but the new attackers were not aware of these architectural modifications.

Toyota's Global Supplier Preparation Information Management System was breached by a security researcher who responsibly reported the issue to the company. The issues were responsibly disclosed to Toyota on November 3, 2022, and the Japanese car maker confirmed they had been fixed by November 23, 2022.

Despite growing attention and budgets for cybersecurity in recent years, attacks have only become more common and more severe. It's easy to assume that the solution to the cybersecurity problem is money- to hire more security experts, to invest in more tools and technology.

DOUG. OK, we've got some tips if you are affected by this, starting with: Don't click "Helpful" links in emails or other messages. Apple patches are out - old iPhones get an old zero-day fix at last!

SMBs are aware of increasing cyber threats and allocating resources and investing in areas such as network and cloud security, according to Datto. 69% of SMBs currently have cyber insurance and 34% of those without cyber insurance are highly likely to get it in the next year.