Category: Uncategorized
-
Eric Goldstein Leaving CISA for Private Sector Role SecurityWeek News
CISA executive assistant director for cybersecurity Eric Goldstein is leaving the agency after more than three years. The post Eric Goldstein Leaving CISA for Private Sector Role appeared first on SecurityWeek. Read More
-

Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal [email protected] (The Hacker News)
Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT, and XWorm. “This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands,” Check Point said in a technical report. “This exploit has been…
-
2.4 Million Impacted by WebTPA Data Breach Ionut Arghire
Health insurance firm WebTPA says the personal information of 2.4 million individuals was compromised in a data breach. The post 2.4 Million Impacted by WebTPA Data Breach appeared first on SecurityWeek. Read More
-
Cybersecurity M&A Roundup for First Half of May 2024 Eduard Kovacs
Roundup of the cybersecurity-related merger and acquisition (M&A) deals announced in the first half of May 2024. The post Cybersecurity M&A Roundup for First Half of May 2024 appeared first on SecurityWeek. Read More
-
Start-Ups: 10 Tips for Navigating the Headwinds Against High-Growth Jennifer Leggio
These strategies can help cybersecurity startups navigate the current market dynamics, focusing on modern buyer behavior, updated KPIs, brand awareness, and effective sales and marketing alignment. The post Start-Ups: 10 Tips for Navigating the Headwinds Against High-Growth appeared first on SecurityWeek. Read More
-

Defending Your Commits From Known CVEs With GitGuardian SCA And Git Hooks [email protected] (The Hacker News)
All developers want to create secure and dependable software. They should feel proud to release their code with the full confidence they did not introduce any weaknesses or anti-patterns into their applications. Unfortunately, developers are not writing their own code for the most part these days. 96% of all software contains some open-source components, and open-source components…
-
MediSecure Data Breach Impacts Patient and Healthcare Provider Information Ionut Arghire
MediSecure says data related to prescriptions distributed until November 2023 was compromised in a ransomware attack. The post MediSecure Data Breach Impacts Patient and Healthcare Provider Information appeared first on SecurityWeek. Read More
-
American Radio Relay League Hit by Cyberattack Eduard Kovacs
The American Radio Relay League (ARRL) has been targeted in a cyberattack that resulted in disruption and possibly a data breach. The post American Radio Relay League Hit by Cyberattack appeared first on SecurityWeek. Read More
-

Cyber Criminals Exploit GitHub and FileZilla to Deliver Cocktail Malware [email protected] (The Hacker News)
A “multi-faceted campaign” has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro. “The presence of multiple malware variants suggests a broad cross-platform…
-

Latrodectus Malware Loader Emerges as IcedID’s Successor in Phishing Campaigns [email protected] (The Hacker News)
Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. “These campaigns typically involve a recognizable infection chain involving oversized JavaScript files that utilize WMI’s ability to invoke msiexec.exe and install a remotely-hosted MSIRead More
