Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and its subsidiary Mandiant reported that in 2023 97 zero-day vulnerabilities were exploited in attacks, while in 2022 the actively exploited zero-day flaws were 62. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government 108

Government Ransomware Libraries Access 108

Security Affairs

MAY 26, 2022

Italy announced its National Cybersecurity Strategy for 2022/26, a crucial document to address cyber threats and increase the resilience of the country. The threat landscape rapidly changes and urges the government to review its strategy and propose a series of objectives to achieve in the next four years.

Cybersecurity 138

Cybersecurity IT Risk Government 138

Security Affairs

MAY 26, 2022

Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. The virtualization giant recently warned that a threat actor can exploit the CVE-2022-22972 flaw (CVSSv3 base score of 9.8) using CVE-2022-22972. states VMware.

Authentication 136

Authentication Cybersecurity Access Education 136

Security Affairs

APRIL 25, 2024

CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

IT 116

IT Education Cybersecurity Risk 116

IT Governance

JANUARY 9, 2023

Welcome to our review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly lists of data breaches and cyber attacks. IT Governance discovered 1,063 security incidents in 2022, which accounted for 480,014,323 breached records. How security incidents occurred.

Data breaches 126

Data breaches Ransomware Government Passwords 126

Security Affairs

MAY 31, 2022

Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. The experts warn of ransomware attacks against government organizations. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022.

Ransomware 138

Ransomware Government Sales Cybersecurity 138

IT Governance

OCTOBER 19, 2022

Welcome to our third quarterly review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. IT Governance identified 285 publicly disclosed security incidents between July and September 2022, which accounted for 232,266,148 compromised records.

Data breaches 116

Data breaches Ransomware Phishing Government 116

Security Affairs

OCTOBER 16, 2022

Threat actors have compromised hundreds of servers exploiting critical flaw CVE-2022-41352 in Zimbra Collaboration Suite (ZCS). Last week, researchers from Rapid7 warned of the exploitation of unpatched zero-day remote code execution vulnerability, tracked as CVE-2022-41352 , in the Zimbra Collaboration Suite. reported Rapid7. “We

Archiving 116

Archiving Government Ransomware IT 116

Everteam

DECEMBER 27, 2022

Analyzing , Archiving , Governing , Information Governance , Records Management. 2022 Retrospective. 27 December 2022. Why not start this year 2023, going back for a few seconds to 2022. Here is our 2022 retrospective, 1 year of work, good times, and fun spent creating content for you. Anne-Claire Girard.

Records Management 52

Records Management Information governance Archiving Government 52

Security Affairs

MARCH 19, 2024

The campaign seems active since at least early 2022 and focuses primarily on government organizations. The group often exploited access to government infrastructure to target other government entities. “Earth Krahang abuses the trust between governments to conduct their attacks.

Government 79

Government Phishing Access Passwords 79

eSecurity Planet

JUNE 21, 2022

An IT security certification can provide a key boost for your career, but with so many different certifications available (and so many organizations more than happy to take your money for training and testing), it’s important to make sure that the time and investment are well spent. How to Choose a Security Certification.

Cybersecurity 119

Cybersecurity Systems administration Information Security Compliance 119

IT Governance

JULY 11, 2022

Welcome to our second quarterly review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. IT Governance discovered 237 security incidents between April and June 2022, which accounted for 99,019,967 breached records.

Data breaches 105

Data breaches Ransomware Phishing Government 105

Security Affairs

SEPTEMBER 25, 2023

A stealthy APT group tracked as Gelsemium was observed targeting a Southeast Asian government between 2022 and 2023. Palo Alto Unit42 researchers an APT group tracked as Gelsemium targeting a Southeast Asian government. appeared first on Security Affairs. OwlProxy is a unique and custom tool used by the group.

Government 102

Government Manufacturing Education Access 102

IT Governance

MARCH 20, 2024

In the UK, cyber security has been dropping down the board’s list of priorities. A 2022 Proofpoint study found that 76% of UK board members believed their organisation to be at risk of a material cyber attack in the next 12 months – higher than the global average of 65%. Specifically, a 13.4% drop for charities (from 72% to 62%).

Security 116

Security Data breaches Government Insurance 116

IT Governance

APRIL 12, 2022

Welcome to our first quarterly review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. IT Governance discovered 266 security incidents between January and March 2022, which accounted for 75,099,482 breached records.

Data breaches 115

Data breaches Ransomware Government Retail 115

Data Matters

FEBRUARY 25, 2022

Join us from February 28 – March 3 for DPFS Week 2022 , a series of webinars looking at the impacts of data privacy across the financial sector. How to deal with and manage the key issues for 2022, such as AI, data governance, and international transfers. Securities and Exchange Commission.

Financial Services 103

Financial Services Privacy Data Privacy Cybersecurity 103

Security Affairs

JANUARY 12, 2023

Recently patched Fortinet FortiOS SSL-VPN zero-day exploited in attacks against government organizations and government-related targets. The CVE-2022-42475 flaw is a heap-based buffer overflow issue that resides in FortiOS sslvpnd. “A reads the advisory published by the security vendor. Pierluigi Paganini.

Government 89

Government Marketing Security Cybersecurity 89

Security Affairs

MARCH 7, 2023

Researchers discovered a new info stealer dubbed SYS01 stealer targeting critical government infrastructure and manufacturing firms. ” The experts reported that the campaign was first uncovered in May 2022 that Zscaler researchers linked to the Ducktail operation by Zscaler. ” reads the analysis published by Morphisec.

Government 93

Government Manufacturing Authentication Cybersecurity 93

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The first campaign aimed at a government organization in Greece, threat actors sent emails containing exploit urls to their targets. ” continues the report. .”

Government 113

Government Authentication Phishing IT 113

Security Affairs

JANUARY 11, 2023

US CISA added Microsoft Exchange elevation of privileges bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog. Cybersecurity and Infrastructure Security Agency (CISA) added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog. Follow me on Twitter: @securityaffairs and Facebook and Mastodon.

IT 92

IT Ransomware Cloud Cybersecurity 92

IT Governance

MAY 24, 2022

Organisations must always look for cost-effective ways to address the cyber security risks they face. With more than 1,200 publicly disclosed data breaches last year , and organisations spending almost £3 million on average responding to security incidents , effective risk management is a top priority.

Insurance 137

Insurance Data breaches GDPR Ransomware 137

Thales Cloud Protection & Licensing

JANUARY 5, 2022

Trends and Predictions for 2022 – More of the Same? Wed, 01/05/2022 - 05:12. What will 2022 bring for cybersecurity? What are the key security challenges for 2022? This conundrum makes enterprises more vulnerable when it comes to their overall security posture. What technologies are expected to rise?

Phishing 127

Phishing Digital transformation Communications Cybersecurity 127

KnowBe4

JANUARY 5, 2023

The UK’s National Cyber Security Centre (NCSC) has outlined the top six most impersonated UK government agencies in 2022. The most impersonated entity was the National Health Service (NHS), followed by TV Licensing, HM Revenue & Customs, Gov.uk, DVLA, and Ofgem.

Government 84

Government Phishing Security 84

IT Governance

OCTOBER 27, 2022

A new version of ISO 27001 was published this week, introducing several significant changes in the way organisations are expected to manage information security. The good news for organisations is that ISO 27001:2022 doesn’t drastically overhaul their compliance requirements. What’s changing?

IT 119

IT Information Security Compliance Security 119

Security Affairs

AUGUST 3, 2023

CISA, the FBI, and NSA, along with Five Eyes cybersecurity agencies published a list of the 12 most exploited vulnerabilities of 2022. CISA, the NSA, and the FBI, in collaboration with cybersecurity authorities from Australia, Canada, New Zealand, and the United Kingdom, have published a list of the 12 most exploited vulnerabilities of 2022.

Authentication 83

Authentication Cybersecurity Access Risk 83

IT Governance

SEPTEMBER 7, 2023

This week, we discuss security issues at the Electoral Commission, Meta’s appeal against daily GDPR fines, and a breach affecting 10 million users of the French unemployment agency Pôle emploi. Transcript: Hello and welcome to the IT Governance podcast for Friday, 8 September 2023.

Government 115

Government IT Personal data GDPR 115

Security Affairs

DECEMBER 2, 2022

Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide as of August 2022, the US government states. ” reads the report. Pierluigi Paganini.

Ransomware 84

Ransomware Financial Services Manufacturing Phishing 84

Thales Cloud Protection & Licensing

APRIL 12, 2022

Identity Management Day 2022: Identity Security Is Our Responsibility. Tue, 04/12/2022 - 09:41. As the lines between our personal and professional lives continue to blur, protecting our digital identities as consumers, employees, or partners is essential to security.

Security 71

Security Authentication Digital transformation Data breaches 71

Data Protection Report

JANUARY 9, 2023

With the year 2022 firmly in the rear view, and as we look to start the new year in 2023, Norton Rose Fulbright’s Regulatory Compliance and Investigations team looks back and rounds up the five key cyber and data protection developments that took place in Southeast Asia in 2022. . in damages to its customer over data leak.

Cybersecurity 112

Cybersecurity Personal data Data breaches Ransomware 112

Data Matters

MARCH 3, 2022

CISA has also suggested lowering reporting thresholds and empowering organizations’ chief information security officers to be involved in the decision-making process in light of the heightened threat environment. Government Issues Warning of Threat Against U.S. See the “Shields Up” warning for additional details and recommendations.

Government 141

Government Cybersecurity Authentication Information Security 141

eSecurity Planet

MARCH 27, 2023

Enterprise IT, network and security product vulnerabilities were among those actively exploited in zero-day attacks last year, according to a recent Mandiant report. Mandiant tracked 55 zero-day vulnerabilities that were actively exploited in 2022. firewalls, IPS/IDS appliances, etc.),” the researchers wrote.

Cloud 89

Cloud Ransomware Risk Access 89

Security Affairs

JANUARY 14, 2022

Threat actors defaced multiple Ukrainian government websites after talks between Ukrainian, US, and Russian officials hit a dead this week. Threat actors have defaced multiple websites of the Ukrainian government on the night between January 13 and January 14. — Oleg Nikolenko (@OlegNikolenko_) January 14, 2022.

Government 96

Government CMS Personal data Education 96

eSecurity Planet

JANUARY 11, 2022

As we enter 2022, the shortage of cybersecurity pros hasn’t gotten better. The move to remote work in response to the COVID-19 pandemic increased the workloads for skilled IT professionals, and combined with the rising rate of ransomware attacks , many security pros are suffering from burnout. Government Initiatives.

Cybersecurity 138

Cybersecurity Government Digital transformation Communications 138

Security Affairs

DECEMBER 22, 2022

The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. Cyber security and intelligence experts believe that attacks aimed at the cryptocurrency industry will continue to increase next year. trillion won ($1.2 billion) in cryptocurrency and other virtual assets in the past five years.

Military 125

Military Government Ransomware Security 125

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. A graphic depicting how 0ktapus leveraged one victim to attack another.

Passwords 308

Passwords Phishing Access Encryption 308

Security Affairs

AUGUST 29, 2023

China-linked threat actors breached government organizations worldwide with attacks exploiting Barracuda ESG zero-day. The vulnerability, tracked as CVE-2023-2868 , resides in the module for email attachment screening, the issue was discovered on May 19 and the company fixed it with the release of two security patches on May 20 and 21.

Government 103

Government Access Security Cybersecurity 103

Collibra

OCTOBER 25, 2023

In November 2022, generative AI exploded into public awareness, surging in popularity with the introduction of ChatGPT. That’s why AI governance is crucial in mitigating risks and ensuring your AI initiatives are transparent, ethical and trustworthy. AI models and governance An AI model is, at its core, a mathematical construct.

Government 96

Government IT Data science Compliance 96