Security News

Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2...

Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called...

Among Gartner's top predictions are the collapse of the cybersecurity skills gap and the reduction of employee-driven cybersecurity incidents through the adoption of generative AI. Two-thirds of global 100 organizations are expected to extend directors' and officers' insurance to cybersecurity leaders due to personal legal exposure. "As we start moving beyond what's possible with GenAI, solid opportunities are emerging to help solve a number of perennial issues plaguing cybersecurity, particularly the skills shortage and unsecure human behavior. The scope of the top predictions this year is clearly not on technology, as the human element continues to gain far more attention. Any CISO looking to build an effective and sustainable cybersecurity program must make this a priority," said Deepti Gopal, Director Analyst at Gartner.

The US government has recommended a series of steps that critical infrastructure operators should take to prevent distributed-denial-of-service attacks. The joint guide, entitled Understanding and Responding to Distributed Denial-Of-Service Attacks [PDF], distinguishes between denial-of-service and DDoS attacks.

The Cyber Crime Center of the U.S. Department of Defense says it has reached the milestone of processing its 50,000th vulnerability report submitted by 5,635 researchers since its inception in November 2016. The federal agency launched its Vulnerability Disclosure Program 7.5 years ago following a bug bounty event called 'Hack-the-Pentagon,' to engage crowd-sourced vulnerability reports that could help bolster its cyber defenses.

CISA, the NSA, the FBI, and several other agencies in the U.S. and worldwide warned critical infrastructure leaders to protect their systems against the Chinese Volt Typhoon hacking group. Together with the NSA, the FBI, other U.S. government agencies, and partner Five Eyes cybersecurity agencies, including cybersecurity agencies from Australia, Canada, the United Kingdom, and New Zealand, it also issued defense tips on detecting and defending against Volt Typhoon attacks.

SEMI, an industry association representing 3,000 chip vendors, would really appreciate it if the European Union would back off plans to impose export controls on China, arguing that they should only be used as a "Last resort" to protect national security. Restrictions on the export of chip tech have become a potent instrument in US efforts to stifle China's domestic semiconductor industry.

Roderich Kiesewetter, deputy chairman of the German parliament's oversight committee, said the Bundeswehr leak was possibly caused by a Russian agent inside the WebEx call or the Bundeswehr's implementation of it, but the country is still working on discovering how the intrusion took place. RT has since made a number of claims after publishing the call, including that the conversation provides proof that Germany was planning to help Ukraine to destroy the Kerch Bridge that connects Russia to the illegally annexed Crimea.

The Main Intelligence Directorate of Ukraine's Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense and stole sensitive documents. Software used by the Russian Ministry of Defense for protecting and encrypting data.

The US Department of Justice has unsealed an indictment accusing an Iranian national of a years-long campaign that compromised hundreds of thousands of accounts and attempting to infiltrate US defense contractors and multiple government agencies. "Nasab participated in a cyber campaign using spear phishing and other hacking techniques to infect more than 200,000 victim devices, many of which contained sensitive or classified defense information," said Damian Williams, US Attorney for the Southern District of New York.