Security News

Olympic Destroyer was unleashed at Seoul in 2018. It could happen again, cybersecurity expert says.

HackTheBox announces Academy for Business, a new interactive skill development course for corporate IT and security teams. Businesses can train and upskill their staff using practical and theoretical material from the Academy for Business, preparing employees for the challenges of modern cybersecurity threats.

Avanan announced the release of a report which analyzes today's threat landscape, phishing vectors, and industry-based attacks, exposing healthcare and manufacturing as two of the top targets for cyberattacks in the first half of the year. IT saw over 9,000 phishing emails in a one month span, out of an average of 376,914 total emails; healthcare saw over 6,000 phishing emails out of an average of 451,792 total emails; and manufacturing saw just under 6,000 phishing emails out of an average of 331,184 total emails.

A set of high-severity privilege-escalation vulnerabilities affecting Business Process Automation application and Cisco's Web Security Appliance and could allow authenticated, remote attackers to access sensitive data or take over a targeted system. The first two bugs exist in the web-based management interface of the Cisco Business Process Automation, which is used to streamline various IT processes.

ADVA launched an optical transport solution secured by post-quantum cryptography. The FSP 3000 ConnectGuard optical encryption solution now protects data against cyberattacks from quantum computers that could break today's cryptographic algorithms.

Armis released new data uncovering the lack of knowledge and general awareness of major cyberattacks on critical infrastructure and an understanding of security hygiene. The survey of over 2,000 respondents from across the United States found that end users are not paying attention to the major attacks plaguing operational technology and critical infrastructure across the country, signaling the importance of businesses prioritizing a focus on security as employees return to the office.

Most of one of Sweden's leading supermarket chains' 800 shops remained closed on Monday, three days after they were indirectly affected by the cyberattack targeting US company Kaseya. On Friday, a hacking attack indirectly hit the supermarket chain, paralysing all its cash registers and forcing the company to temporarily close nearly all its shops across the country.

Qurium Media Foundation has reported a campaign of DDoS attacks on Filipino media outlets and human rights organisations that appear to be coming from the country's Department of Science and Technology and Army. "During the past month, Qurium has received brief but frequent denial attacks against the Philippine alternative media outlets Bulatlat and AlterMidya, as well as the human rights group Karapatan," said the Swedish digital rights, data protection, and internet security NGO in its online report.

The transition to EHRs has made ransomware and data-theft attacks far more costly and damaging for healthcare institutions. Researchers have found that Ryuk ransomware is increasingly targeting RDPs, particularly in the healthcare sector.

No sensitive information was compromised in a ransomware attack last month on the state agency that provides ferry service between mainland Massachusetts and the islands of Martha's Vineyard and Nantucket. "After a rigorous evaluation of our systems, this investigation has now concluded and the cybersecurity investigators have confirmed that no sensitive information, including customer data or payment information, was viewed or downloaded during this incident," the Woods Hole, Martha's Vineyard and Nantucket Steamship Authority announced in a statement Wednesday.