Tag: vulnerability
AI-driven cybersecurity dominates RSA in San Francisco
Artificial Intelligence (AI)-driven cybersecurity is set to dominate RSA, the world’s largest cybersecurity event, which kicked off yesterday in San Francisco and runs from April 28 to May 1. Networking giant Cisco set the pace with an announcement that it is deepening its partnership with ServiceNow, a leading AI platform for business transformation. It is claimed that the combination of Cisco's infrastructure and security platforms and ServiceNow's AI-driven platform and security solutions will unlock mutual customers' ability to secure and scale their use of AI while decreasing risk and complexity. The first such integration will bring together Cisco's AI Defense capabilities with ServiceNow SecOps.
Cybersecurity has become an ongoing war
In our business, assessing risk is crucial. There is a constantly evolving threat landscape, and cybercriminals are constantly introducing new techniques and developing existing ones. And as online connectivity grows, so does every organization's overall attack surface. Unit 42 are constantly conducting research examining the full scope of the ever expanding attack surface and constantly testing existing defenses. They play the role of cybercriminals, acting as white-hat hackers, if you like, in order to detect potential weaknesses. This research is conducted across the board and also directed at each client specific attacks surface. And when there is a breach, Unit 42 is there to detect and control it. They effectively act as wartime consiglieres – remember that the ongoing Russia/Ukraine conflict started in cyberspace. They must also act immediately to mitigate any breach that does occur. Constant research and testing of defenses are vital. We have to be right every time, but the cybercriminal gangs only have to be right once to effect a breach and perform a successful attack.
Only a Global Force Can Combat Cybercrime
George Patsis is the founder and CEO of Obrela and has a proven track record in developing large-scale innovative security programs for major Global 500 companies. In an exclusive interview with Cyber Intelligence, he explains why a global approach is needed to fight cybercrime. This is a philosophical discussion shaped by the evolving changes in the human and society conditions. Ten years ago, digital communications and laptops were supplementary tools in people’s lives and perceived as an extension of our natural world. Today, we are witnessing the evolution of a full-scale digital transformation leading to an entirely new domain: cyberspace. Much like the air travel leading to partitioning of the skies, or the British Empire’s domination of the seas or the space quest. Whenever humankind discovers new domains and frontiers, the absence of clear leadership and authority often leads to conflict and crime. In the American Old West, every town had its own safe, and criminals tried to rob it. In the same way, the new digital frontier of cyberspace is driving demand for companies like OBRELA to protect their digital assets. But we need more than just individual Cybersecurity companies to protect us across the new threats in cyberspace. In the absence of a central cybersecurity authority, cybercriminals operate with near impunity—facing little resistance, no clear attribution, and a remarkably low risk of consequences.
Sperm Bank Heist
Another cyber breach as potentially damaging as that of the infamous hook-up site for married users, Ashley Madison, 15 years ago has recently come to light that could have equally serious consequences. According to a notification filed this month with the California Department of Justice, the sperm bank California Cryobank reports a breach that occurred last April. Stolen files include the names, social security numbers, driver's license numbers, financial accounts, and health insurance information of many of the sperm bank donors and their recipients.
Elon Musk Blames ‘Massive Cyberattack’ for Widespread X Outage – March 10th
Social media platform X suffered a major outage on March 10, with tens of thousands of users unable to access the site. Owner Elon Musk blamed the disruption on a "massive cyberattack," suggesting that a well-funded group or nation-state may have been involved. The outage, which peaked around 10 a.m. EST, affected both the X app and website, with intermittent service disruptions continuing throughout the day. As frustrated users flocked to alternative platforms like Threads and Bluesky, concerns grew over the security of X’s infrastructure.
Advanced Persistent Threats Rise by 74% in 2024 Report – March 6th
The frequency of Advanced Persistent Threats (APTs) has surged, with Kaspersky's latest report revealing a 74% increase in such attacks compared to last year. APTs were detected in 25% of organizations, accounting for 43% of high-severity security incidents, highlighting a sharp rise in sophisticated cyber threats. Kaspersky's analysis suggests attackers are refining their tactics to bypass security measures, leveraging human-operated techniques rather than automated exploits. The report underscores the growing persistence of APT actors, emphasizing the need for proactive defense strategies across industries.
60% of Cybersecurity Professionals Considering Job Change – March 5th
Cybersecurity professionals are restless, with over 60% planning to switch jobs in the next year. A new study by IANS Research and Artico Search highlights career stagnation as a major reason, while salaries remain high across the industry. The report finds senior professionals are the most eager to leave, frustrated by limited growth opportunities. Specialists in cloud security, application security, and threat intelligence, however, continue to command the highest salaries.
Three million Google Chrome users hacked
Over three million Google Chrome users have been issued a warning concerning 16 browser extensions that have been compromised by hackers. This alarming news comes hard on the heels of reports earlier this month that cybercriminals are also leveraging search engine giant Google’s new Gemini 2.0 (artificial intelligence) AI assistant. The list of Google’s hacked browser extensions includes: Emojis, Video Effects for YouTube, Audio Enhancer, Blipshot, Color Changer for YouTube, Themes for Chrome, and YouTube Picture in Pictures. Adblocker for Chrome, Adblock for You, Adblock for Chrome, Nimble Capture, KProxy and Page Refresh, Wistia Video Downloader have also been compromised.
Ransomware attacks on industrial systems double in one year
Ransomware attacks on the operational technology (OT) and industrial control systems (ICS) that run industrial facilities almost doubled in 2024. According to Washington DC-based industrial cybersecurity company Dragos, ransomware attacks on industrial organizations in 2024 increased by a staggering 87 percent over the previous year. The main industries targeted were: electricity and water; industrial manufacturing; telecommunications; oil and gas; food and beverage; chemical manufacturing; mining, transportation, and logistics. Manufacturing, which accounted for 69 percent of all ransomware attacks targeting 1,171 manufacturing entities, was by far the worst hit.
3.9 Billion Passwords Exposed in Infostealer Malware Surge – February 26th
Approximately 2,850 Ivanti Connect Secure VPN instances remain vulnerable to CVE-2025-22467, a critical stack buffer-overflow flaw, according to Shadowserver Foundation. Despite Ivanti patching the vulnerability on February 11, unpatched devices could allow remote authenticated attackers to execute code. The U.S. and Japan lead in exposure, with 852 and 384 vulnerable instances, respectively.
Microsoft 365 accounts are being compromised worldwide
A vast botnet of over 130,000 compromised devices is now attacking Microsoft 365 accounts worldwide. A botnet is a network of computing devices that have been surreptitiously taken over by hackers and are being controlled remotely without the owners’ knowledge. Microsoft 365 accounts are suffering from ‘password spray attacks’ by the botnet. This involves mass attempts to use large numbers of common passwords to infiltrate users’ Microsoft accounts, targeting basic authentication procedures and thereby bypassing multi-factor authentication.
Financial services see DDoS attacks double
Financial services companies worldwide saw the number of distributed denial-of-service (DDoS) attacks more than double in the second half of 2024. A DDoS attack is a malicious attempt to disrupt a service by overwhelming it with a flood of internet traffic. In the same period, the total number of DDoS attacks globally grew by 17 percent. According to global hosting and cloud services company Gcore, the financial services sector saw the most significant rise of any sector in the third and fourth quarters of 2024, with a rise of 117 percent. This marks a consistent overall increase in DDoS attacks quarter on quarter. While the third and fourth quarters of 2024 showed an increase of 17 percent, this represents a 56 percent rise over the same period in 2023.