UK’s Critical Infrastructure Faces Rising Cyberattack Threats Amid Geopolitical Tensions
The UK’s critical infrastructure is increasingly vulnerable to cyberattacks, driven by the expansion of digital systems and geopolitical tensions, particularly the Russia-Ukraine conflict, highlighting the need for enhanced cybersecurity measures.
View full story…
Foreign Hacktivists Target 2024 US Presidential Election With Cyber Interference
Pro-Russian and pro-Palestinian hacktivists are expected to disrupt the electoral process through disinformation campaigns, doxing, and hack-and-leak operations, raising concerns about the integrity of the election.
View full story…
Ransomware Attack on Change Healthcare Exposes Data of 100 Million Americans
In February 2024, a ransomware attack by the ALPHV group on Change Healthcare resulted in the largest healthcare data breach in history, compromising the personal and healthcare information of approximately 100 million individuals.
View full story…
Latest Cybernews
UK Cyber Essentials Certification Scheme Enhances Cyber Resilience
The UK government’s Cyber Essentials Certification scheme has significantly improved cybersecurity practices among organizations, but faces challenges with low uptake and reliance on self-assessment for protection against evolving threats.
View full story…
Cisco Identifies Zero-Day Vulnerability CVE-2024-20481 in Remote Access VPN Services
Cisco has disclosed a zero-day vulnerability, CVE-2024-20481, affecting its Remote Access VPN service, which can be exploited by unauthenticated remote attackers to cause a denial-of-service condition.
View full story…
Critical Security Flaw in AWS CDK Could Allow Account Takeovers
A newly discovered vulnerability in the AWS Cloud Development Kit (CDK) could enable attackers to gain administrative access to AWS accounts by exploiting predictable naming patterns of S3 buckets during the bootstrapping process.
View full story…
Lazarus Group Exploits Chrome Zero-Day Vulnerability in “DeTankZone” Campaign
A sophisticated cyber-attack by the Lazarus Group exploited a critical zero-day vulnerability in Google Chrome, targeting cryptocurrency investors and resulting in significant thefts.
View full story…
Cybersecurity Teams Excluded from AI Policy Development
A recent study reveals that nearly 45% of organizations do not involve cybersecurity teams in the development and implementation of artificial intelligence policies, posing significant risks as reliance on AI technologies grows.
View full story…
Fortinet’s FortiManager Faces Critical Zero-Day Vulnerability CVE-2024-47575
A critical zero-day vulnerability, CVE-2024-47575, affecting Fortinet’s FortiManager is actively being exploited by remote attackers, allowing unauthorized access to sensitive data.
View full story…
White House Issues First National Security Memorandum on AI Development
The White House has released its inaugural National Security Memorandum focused on the safe and trustworthy development of artificial intelligence, aiming to enhance national security while upholding democratic values and human rights.
View full story…
Latest Cybernews
Deceptive Delight: New Adversarial Technique Exposes Vulnerabilities in Large Language Models
Palo Alto Networks Unit 42 has developed Deceptive Delight, a method that effectively circumvents safety protocols in large language models, achieving a 64.6% success rate in generating harmful content during interactive conversations.
View full story…
Grandoreiro Banking Trojan Resurfaces With Enhanced Evasion Tactics
The Grandoreiro banking trojan, initially identified in Brazil, has evolved with advanced capabilities, targeting over 1,700 financial institutions globally and generating significant fraudulent profits while continuing to evade detection despite law enforcement efforts.
View full story…
US Government Enhances Cyber Threat Information Sharing Through TLP
The United States federal government is improving its cyber threat information sharing capabilities with the cybersecurity community and private sector by utilizing the Traffic Light Protocol (TLP) to ensure secure and compliant dissemination of sensitive information.
View full story…