Security News

President Joe Biden warned that cyberattacks leading to severe security breaches could lead to a "Real shooting war" with another major world power. "You know, we've seen how cyber threats, including ransomware attacks, increasingly are able to cause damage and disruption to the real world," Biden said during a speech at the National Counterterrorism Center of the Office of the Director of National Intelligence.

A cyberattack that crippled the computer systems of a hospital network affecting six hospitals in Vermont and New York last fall happened after an employee opened a personal email on a company laptop while on vacation, a University of Vermont Health Network official said Tuesday. The email was from legitimate local business that had been hacked, Doug Gentile, network chief medical information officer told The Associated Press.

One key way that cybercriminals compromise organizations and users is by exploiting known security vulnerabilities. Of course, one key way that organizations can protect themselves is by patching known security vulnerabilities.

Kubernetes clusters are being attacked via misconfigured Argo Workflows instances, security researchers are warning. Argo Workflows is an open-source, container-native workflow engine for orchestrating parallel jobs on Kubernetes - to speed up processing time for compute-intensive jobs like machine learning and big-data processing.

Stellar Cyber introduced a realistic XDR Kill Chain to serve as a new model, addressing the current realities of cyberattacks and focus efforts to stop an attack early and quickly. The XDR Kill Chain serves as a blueprint for "Killing" or stopping an attack, rather than just as model to portray single-dimensional attack progression.

More details on the cyberattack on Iran's railroad system emerged over the weekend. According to Iran International, "The number might belong either to the office of President Hassan Rouhani or Supreme Leader Ali Khamenei. It is not clear if hackers have posted the information or the authorities." It would be reasonable to assume that the attack was at least partly designed to embarrass the incoming new hardline president, Ebrahim Raisi, before he takes over from the moderate Hassan Rouhani next month.

Virginia Tech says it was targeted in two recent cyberattacks but feels confident no data was stolen. Virginia Tech spokesman Mark Owczarski told the Roanoke Times Friday a few university units used Kaseya, a U.S. software company exploited in early July in a massive ransomware attack that snarled businesses around the world.

Moldova's "Court of Accounts" has suffered a cyberattack leading to the agency's public databases and audits being destroyed. Court of Accounts of Moldova is a government authority that performs audits of public financial resources and government agencies to comply with international standards.

The US is offering a $10m reward to anyone who dobs in digital outlaws responsible for foreign government-backed cyberattacks on critical national infrastructure such as pipelines, power grids, and communication networks. The cash incentive is part of the US State Department's Rewards for Justice programme and the ongoing war on cybercrime that has in recent months crippled fuel pipelines and meat production.

A tailored approach to digital executive protection allows security teams to maximize resources and identify threats without relying on 24x7 physical executive protection. Executive protection teams face threats from many sources including social media, telephone, email, and event in-person physical threats.