A nation-state threat actor known as ‘Charming Kitten’ (Phosphorus, TA453, APT35/42) has been observed deploying a previously unknown backdoor malware named ‘Sponsor’ against 34 companies around the globe. One of the notable features of the Sponsor backdoor is that it hides its otherwise innocuous configuration files on the victim’s disk so they can be discreetly […]

July 2023 saw record levels of ransomware attacks carried out, with 502 observed by NCC Group’s Global Threat Intelligence team throughout the month. The findings mark a 154% increase year-on-year (198 attacks in July 2022), and a 16% rise on the previous month (434 attacks in June 2023).  Cl0p continues to dominate following MOVEit exploitation 

Microsoft Internet Information Services (IIS) is a web server software package designed for Windows Server. Organizations commonly use Microsoft IIS servers to host websites, files, and other content on the web. Threat actors increasingly target these Internet-facing resources as low-hanging fruit for finding and exploiting vulnerabilities that facilitate access to IT environments. Recently, a slew

Claroty’s 2023 Global Healthcare Cybersecurity Study Exposes Widespread Vulnerabilities and Impact By   ISBuzz Team Writer , Information Security Buzz | Aug 31, 2023 06:49 am PST Claroty, in its 2023 Global Healthcare Cybersecurity Study, unveils unsettling revelations about the state of cybersecurity within the healthcare sector. This independent, global survey involves 1,100 professionals in various roles

The recent adoption of cybersecurity disclosure rules by the Securities and Exchange Commission (SEC) ushers in a transformative era for public companies. Under the updated regulations, the latest revision to Form 8-K emphasizes the importance of collaboration between a company’s internal and external stakeholders. This amendment requires the prompt disclosure of “material cybersecurity incidents” through

For small and medium-sized enterprises (SMEs), the major shift to remote and hybrid working has significantly raised the cybersecurity stakes. Now more than ever, small IT teams must often wear multiple hats, tasked with ensuring networks and IT systems to perform without problems while keeping data safe from a broadening range of complex cyber threats.  Adding

Head over to our on-demand library to view sessions from VB Transform 2023. Register Here The manufacturing sector is rife with unprotected Internet of Things (IoT) sensors and devices, many of them integrated into enterprises’ mission-critical systems. The resulting gaps make operations technology (OT) and information technology (IT) networks vulnerable to devastating cyberattacks. Visibility is

Cybersecurity has become a crucial concern for businesses of all sizes and sectors in today’s digital era. Cyber attacks are becoming more frequent and intricate, making it difficult for companies to safeguard themselves against data breaches, malware infections, and other malicious activities. Small and medium-sized enterprises (SMEs) are especially susceptible as they usually lack the

CyberArk, the identity security company, has announced its new Artificial Intelligence Center of Excellence details. “Drawing upon years of utilising artificial intelligence (AI) and machine learning (ML) technology across the CyberArk Identity Security Platform, CyberArk is expanding R&D and product development resources to advance the use of generative AI to improve security for its more

Cybersecurity remains a top concern for organizations, given the growing frequency and sophistication of cyber threats. Google Cloud is taking unprecedented steps to confront these challenges head-on, unveiling innovations that leverage artificial intelligence (AI) for enhanced security. These announcements were made at the recent Google Cloud Next event. Leveraging AI to Tackle Security Challenges Google