Security News
A notorious British hacker was arraigned on Wednesday by the U.S. Department of Justice for allegedly running the now defunct 'The Real Deal" dark web marketplace. [...]
Get six training courses for just eight dollars each with The Complete 2022 PenTest & Ethical Hacking Bundle. The post Here’s how you can become a highly-paid ethical hacker appeared first on TechRepublic.
A 26-year-old Ukrainian national has been charged in the U.S. for his alleged role in the Raccoon Stealer malware-as-a-service (MaaS) operation. Mark Sokolovsky, who was arrested by Dutch law...
The North Korean espionage-focused actor known as Kimsuky has been observed using three different Android malware strains to target users located in its southern counterpart. That's according to findings from South Korean cybersecurity company S2W, which named the malware families FastFire, FastViewer, and FastSpy.
Australian insurance firm Medibank has confirmed that hackers accessed all of its customers' personal data and a large amount of health claims data during a recent ransomware attack. [...]
A cybercrime group known as Vice Society has been linked to multiple ransomware strains in its malicious campaigns aimed at the education, government, and retail sectors. "Shifting ransomware payloads over time from BlackCat, Quantum Locker, and Zeppelin, DEV-0832's latest payload is a Zeppelin variant that includes Vice Society-specific file extensions, such as.v-s0ciety,.v-society, and, most recently,.locked," the tech giant's cybersecurity division said.
Cisco has warned of active exploitation attempts targeting a pair of two-year-old security flaws in the Cisco AnyConnect Secure Mobility Client for Windows. Tracked as CVE-2020-3153 and CVE-2020-3433, the vulnerabilities could enable local authenticated attackers to perform DLL hijacking and copy arbitrary files to system directories with elevated privileges.
The Dutch police have arrested a 19-year-old man in western Netherlands, suspected of breaching the systems of a healthcare software vendor in the country, and stealing tens of thousands of documents. These documents might contain sensitive personal and medical data of patients of healthcare providers using the company's systems.
The Hive ransomware-as-a-service group has claimed responsibility for a cyber attack against Tata Power that was disclosed by the company less than two weeks ago. The threat actor has also been observed leaking stolen data exfiltrated prior to encrypting the network as part of its double extortion scheme.
Each of these "Bricks" is itself the product of a long supply chain, making the software supply chain a concept that encompasses every facet of IT: from hardware, to source code written by developers, to third-party tools and platforms, but also data storage and all the infrastructures put in place to develop, test and distribute the software. Software supply chains have many grey areas that are not addressed by traditional security methods.