Security News

In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet...

An "intricately designed" remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it available to other actors at no extra cost. Written in C# and compatible with...

Supply chain attacks are often used, as those attacks allow a threat actor to hit multiple targets easily. No matter the motivation for a cybersecurity attack, identity-based and social engineering attacks are still taking center stage.

As the frequency and sophistication of cyber threats continue to escalate, the need for robust cybersecurity regulations has never been more critical. In this Help Net Security round-up, we present segments from previously recorded videos in which cybersecurity experts underscore the importance of proactive cybersecurity measures in the face of evolving regulations.

In nearly 85% of attacks on critical sectors, compromise could have been mitigated with patching, MFA, or least-privilege principals - indicating that what the security industry historically described as "Basic security" may be harder to achieve than portrayed. Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organizations opt against paying and decrypting, in favor of rebuilding their infrastructure.

"The SonicWall report reveals that the threat landscape continues to grow in complexity and depth as threat actors adopt new tactics and platforms," said SonicWall CEO Bob VanKirk. The data illustrates the tenacious and evolving state of cyber threats, underscoring the need for businesses to adapt their security strategies continually, and serves as a call for organizations to lean on MSPs to help identify and remediate threats quickly.

President Biden has empowered the US Coast Guard to get a tighter grip on cybersecurity at American ports - including authorizing yet another incident reporting rule. Port Captains, USCG officers responsible for laying down the law in US ports, can now declare "Security zones," inside of which they'll have broad authority to prevent "Access of persons, articles, or things, including any data, information, network, program, system, or other digital infrastructure, to vessels, or waterfront facilities."

On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired....

State and county officials have been urged to use paper ballots wherever possible over electronic ones, and ensure all election offices have procedures in place to handle potentially lethal substances, specifically fentanyl, anthrax, and ricin. On election threats, "We anticipate AI being leveraged for deception campaigns," said Michelle Alvarez, strategic threat analysis manager for IBM X-Force.

Considering that 2024 is a historic year for elections - with an estimated half of the world's population taking part in democratic votes - this high threat of cyber interference has significant implications for global free society, threatening to undermine confidence in voting processes or - at worst - even alter electoral outcomes, according to Tidal Cyber. A concerning 27% of countries with 2024 national elections face the highest threat levels, facing multiple priority adversary groups and many state-backed groups associated with priority adversary countries.