First-ever Linux UEFI bootkit turns out to be student project
Bootkitty, a recently discovered boot-level UEFI rootkit for Linux, was evidently created by students participating in a cybersecurity training program at the South Korean Information Technology...
View ArticleClik here to view.
BlackBerry Highlights Rising Software Supply Chain Risks in Malaysia
In 2024, BlackBerry unveiled new proprietary research, underscoring the vulnerability of software supply chains in Malaysia and around the world. According to the study, 79% of Malaysian organizations...
View ArticleClik here to view.
Security-KPIs und -KRIs: So messen Sie Cybersicherheit
Cybersicherheit zu messen, ist kein Kinderspiel. Foto: Ultraskrip – shutterstock.comEine wichtige Säule jedes ausgereiften Cyberrisk-Programms ist die Fähigkeit, die Performance der IT-Security und...
View ArticleClik here to view.
“Crimenetwork” ausgehoben
“Crimenetwork” war für die Betreiber über Jahre ein einträgliches Geschäft. Die finale Abrechnung übernehmen nun die Strafverfolgungsbehörden.Zubkov Igor | shutterstock.com Wie das Bundeskriminalamt...
View ArticleTalent overlooked: embracing neurodiversity in cybersecurity
In cybersecurity, diverse perspectives help in addressing complex, emerging threats. Increasingly, there’s a push to recognize that neurodiversity brings significant value to cybersecurity. However,...
View Article63% of companies plan to pass data breach costs to customers
Consumers may be more on the hook for paying for the rising costs of data breaches than they realize, as companies increasingly turn to price hikes as part of their post-breach cost-recovery...
View ArticleClik here to view.
Erstes Linux-UEFI-Bootkit ist Studentenprojekt
Bootkits sind kein Windows-exklusives “Feature” mehr.isarisphotography | shutterstock.com Forscher des Sicherheitsanbieters ESET hatten Ende November 2024 darüber berichtet, das erste UEFI-Bootkit für...
View ArticleVeeam issues patch for critical RCE bug
Veeam is warning its customers of two vulnerabilities, of which one is a critical RCE bug, affecting the Service Provider Console (VSPC), a web-based management platform for managed service providers...
View ArticleClik here to view.
Russland knöpft sich Exil-Wodka vor
Russische Behörden und Hacker treiben Die unliebsame Exil-Firma in den Ruin.Alex Alaks/shutterstock.com Die US-Unternehmen der Stoli Group, zu denen unter anderem die Wodka-Marken Stoli und Elit...
View ArticleClik here to view.
Neue AWS-KI-Rezepte gegen Cloud-Bedrohungen
Amazon Web Services erweitert seine Cloud-Security-Angebote um KI- und ML-Funktionalitäten.Gorodenkoff / Shutterstock Wenn zunehmend komplexe Cloud-Umgebungen und wachsende Cyberbedrohungen...
View ArticleSecurity teams should act now to counter Chinese threat, says CISA
Security teams and individuals across the US need to take immediate precautions to counter the surveillance threat posed by Chinese ‘Salt Typhoon’ hackers, who have burrowed deep into telecoms...
View ArticleFortinet offers integrated cloud app security service
Fortinet has melded some of its previously available services into an integrated cloud package aimed at helping customers secure applications. The new service, FortiAppSec Cloud, brings web and API...
View ArticleEuropean law enforcement breaks high-end encryption app used by suspects
A group of European law enforcement agencies were able to crack a high-level encryption app that a group of suspects created to avoid law enforcement monitoring, according to a statement issued...
View ArticleIs the tide turning on macOS security?
The Apple ecosystem has been recognized for years by users and cybersecurity experts as among the most secure, offering flagship security features and a high level of user privacy protection. But...
View ArticleDear CEO: It’s time to rethink security leadership and empower your CISO
As a CISO, I’ve spent years navigating the delicate balance of responsibility and authority, accountability, and autonomy. After writing “The CISO Paradox,” I was struck by how deeply the article...
View ArticleSolana SDK backdoored to steal secrets, private keys
The JavaScript-based software development kit (SDK) that allows developers to interact with the Solana Blockchain has suffered a supply chain attack aimed at crypto theft. Solana Web3.js library,...
View ArticleClik here to view.
Black Basta erpresst Beko Technologies
Die Ransomware-Bande Black Basta erpresst den deutschen Druckluftspezialisten Beko Technologies mit 700 Gigabyte gestohlenen Daten.PeopleImages.com – Yuri A – Shutterstock.com Beko Technologies wurde...
View ArticleUS may plan legislation to contain Chinese cyber espionage
US senators were briefed behind closed doors this week on the scale of “Salt Typhoon,” an alleged Chinese cyber-espionage campaign targeting the nation’s telecommunications networks. The FBI, CISA,...
View ArticleClik here to view.
Nato befürchtet neue schwere Sabotageakte und Cyberangriffe
Die Anzahl der Angriffe auf das Bündnisgebiet der Nato steigen kontinuierlich weiter an.PX Media – Shutterstock.com Die Nato befürchtet neue schwere Sabotageakte und Cyberangriffe auf das...
View ArticleClik here to view.
FBI-Tipps zum persönlichen Schutz vor KI-Angriffen
KI-Kriminalität nimmt zu. Deswegen veröffentlicht die US-Sicherheitsbehörde Ratschläge, wie man sich dagegen wappnet. Ralf Liebhold/shutterstock.com Die digitale Neuauflage des Enkeltricks,...
View Article