Vendor email compromise: The silent $300M threat CISOs can’t ignore
Vendor email compromise (VEC) attacks are bypassing traditional defenses by exploiting human trust rather than technical vulnerabilities, according to a new report by Abnormal AI. The data in the...
View ArticleHackers use Vishing to breach Salesforce customers and swipe data
In an active campaign, a financially motivated threat actor is voice phishing (Vishing) Salesforce customers to compromise their organizational data and carry out subsequent extortion. Tracked as...
View ArticleClik here to view.
Cyber Resilience in Zeiten geopolitischer Unsicherheit
Cyberbedrohungen existieren längst nicht mehr im luftleeren Raum – sie entstehen im Spannungsfeld von Geopolitik, regulatorischer Zersplitterung und einer stetig wachsenden digitalen...
View ArticleGet out of the audit committee: Why CISOs need dedicated board time
Adequate time with the board is in short supply for CISOs and this restricted engagement is leaving organizations unprepared to fully understand and manage enterprise risk. Time for the cybersecurity...
View ArticleClik here to view.
Hackerangriff auf deutschen Pappspezialist Wellteam
126822068 Olivier Le Moal – shutterstock.com Laut einem Bericht der Regionalzeitung Westfalen-Blatt bemerkte die IT von Wellteam bereits am 23. Mai, dass Hacker in das System eingedrungen waren....
View ArticleData hoarding can have financial and security consequences
End-of-life data management, be it deletion of what is no longer required, or data removal from hardware before it’s decommissioned, may not get the attention that data loss through breaches...
View ArticleSupply chain attack hits RubyGems to steal Telegram API data
An ongoing supply chain attack is targeting the RubyGems ecosystem to publish malicious packages intended to steal sensitive Telegram data. Published by a threat actor using multiple accounts under...
View ArticleMicrosoft launches European Security Program to counter nation-state threats
Microsoft (Nasdaq:MSFT) has announced a comprehensive cybersecurity program that will provide free AI-powered defense tools to European governments facing increasing attacks from Russian, Chinese,...
View ArticleClik here to view.
Outdoor-Shop Unterwegs von Cyberattacke betroffen
Der Händler für Outdoor-Ausrüstung Unterwegs wurde gehackt. Dabei sind möglicherweise Kundendaten abgeflossen.ORIONF – shutterstock.com Der Unterwegs Outdoor Shop wurde nach eigenen Angaben Ende Mai...
View ArticleClik here to view.
Hacker erbeuten Salesforce-Daten mit Vishing
Salesforce-User in mehreren Branchen wurden Opfer einer gezielten Vishing-Attacke.JHVEPhoto – shutterstock.com Eine neue Welle von Cyberangriffen auf Salesforce-Kunden erfasst aktuell Unternehmen...
View ArticleCISOs beware: genAI use is outpacing security controls
Employees in every organization use an average of 6.6 high-risk generative AI applications – including some unknown to CISOs — says Palo Alto Networks in a new study. But, an expert says, that...
View ArticleTop US cyber officials face divergent paths after Senate confirmation
Since the start of the Trump administration, the US federal government’s two top cybersecurity leadership positions have been vacant, but those roles are finally on the path to being filled. The first...
View ArticleCISA asks CISOs: Does that asset really have to be on the internet?
The US Cybersecurity and Infrastructure Security Agency (CISA) this week issued guidance to infosec pros on ways they can find insecure IT and OT systems, including servers, databases, sensors,...
View ArticleClik here to view.
Cybersecurity in der Lieferkette: Wie Sie Ihre Software-Supply-Chain schützen
Um Ihre Software-Lieferkette zu schützen, kann Generative AI sehr hilfreich sein.NTPY -Shutterstock.com Es klingt wie ein Agentenkrimi: Unbekannten Drahtziehern ist es gelungen, eine Hintertür in der...
View ArticleCISOs urged to push vendors for roadmaps on post-quantum cryptography readiness
CISOs have been urged to demand clear post-quantum cryptography (PQC) readiness roadmaps from vendors and partners to combat the looming threat of cryptographically relevant quantum computers. Quantum...
View ArticleClik here to view.
Diese Unternehmen hat es schon erwischt
Lesen Sie, welche Unternehmen in Deutschland aktuell von Cyberangriffen betroffen sind.Roman Samborskyi | shutterstock.com Sie denken, Ihre Sicherheitsmaßnahmen können Sie langfristig vor...
View ArticleDon’t give hacktivists what they really want
Recently, several important Swedish services have been hit by distributed denial-of-service attacks: a few weeks ago it was Swish, before that it was Bank-id, and when the tax return period started in...
View ArticleColossal breach exposes 4B Chinese user records in surveillance-grade database
A colossal data breach has reportedly exposed approximately four billion records containing personal information of hundreds of millions of users, primarily from China. The 631-gigabyte database was...
View ArticleNew phishing campaign hijacks clipboard via fake CAPTCHA for malware delivery
A new wave of browser-based phishing tricks unsuspecting users into copy-pasting malicious commands into their systems, all while believing they’re completing a legitimate CAPTCHA verification....
View ArticleClik here to view.
Microsoft startet neues europäisches Sicherheitsprogramm
Microsoft will die Cybersicherheit in Europa stärken.MeshCube – shutterstock.com Microsoft warnt davor, dass sich Ransomware-Gruppen und staatlich geförderte Akteure aus Russland, China, dem Iran und...
View Article