CISA Unveils Ransomware Notification Initiative
Provides businesses with early warnings to evict threat actors before they can encrypt data
WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites
The vulnerability could allow an unauthenticated attacker to gain admin privileges and take over a website
GitHub Updates Security Protocol For Operations Over SSH
The move reportedly did not stem from a compromise of GitHub systems or customer information
Now UK Parliament Bans TikTok from its Network and Devices
Further blow for Chinese social media app
IRS Phishing Emails Used to Distribute Emotet
Monster 500MB attachment hides a nasty surprise
Fifth of Execs Admit Security Flaws Cost Them New Biz
Business leaders still underestimate importance of security to growth
China-Aligned “Operation Tainted Love” Targets Middle East Telecom Providers
The deployment of custom credential theft malware is the main novelty of the new campaign
SharePoint Phishing Scam Targets 1600 Across US, Europe
Cyber-criminals used the scam to steal the credentials for various email accounts
New Post-Exploitation Attack Method Found Affecting Okta Passwords
The flaw derives from the way the Okta system records failed login attempts to instances
UK Government Sets Out Vision for NHS Cybersecurity
Plans to boost cyber-resilience in the health service by 2030
Malicious ChatGPT Chrome Extension Hijacks Facebook Accounts
Software was unwittingly downloaded thousands of times
Irish Food Giant Dole Admits Employee Data Breach
Incident was linked to previously disclosed ransomware attack
BreachForums Shuts Down After Admin's Arrest
The forum's admin said the move might be temporary and that they will set up a new Telegram group
New Android Banking Trojan 'Nexus' Promoted As MaaS
Nexus offers overlay attacks and keylogging activities designed to steal victims' credentials
CISA and NSA Enhance Security Framework With New IAM Guide
Guidance includes best practices for identity governance, environmental hardening, SSO, MFA and IAM auditing