WIRED Threat Level

JUNE 3, 2023

Plus: Amazon’s Ring was ordered to delete algorithms, North Korea’s failed spy satellite, and a rogue drone “attack” isn’t what it seems.

Scams 132

Scams Hacking 132

The Hacker News

JUNE 3, 2023

An analysis of the Linux variant of a new ransomware strain called BlackSuit has covered significant similarities with another ransomware family called Royal. Trend Micro, which examined an x64 VMware ESXi version targeting Linux machines, said it identified an "extremely high degree of similarity" between Royal and BlackSuit.

Ransomware 107

Ransomware 107

Security Affairs

JUNE 3, 2023

Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars.

Ransomware 96

Ransomware Encryption Cybersecurity Hacking 96

The Hacker News

JUNE 3, 2023

The U.S. Federal Trade Commission (FTC) has fined Amazon a cumulative $30.8 million over a series of privacy lapses regarding its Alexa assistant and Ring security cameras. This comprises a $25 million penalty for breaching children's privacy laws by retaining their Alexa voice recordings for indefinite time periods and preventing parents from exercising their deletion rights.

95

95

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Security Affairs

JUNE 3, 2023

North Korea-linked APT group Kimsuky is posing as journalists to gather intelligence, a joint advisory from NSA and FBI warns. A joint advisory from the FBI, the U.S. Department of State, the National Security Agency (NSA), South Korea’s National Intelligence Service (NIS), National Police Agency (NPA), and the Ministry of Foreign Affairs (MOFA), warns that North-Korea-linked Kimsuky APT group has been impersonating journalists and academics in a spear-phishing campaign aimed at individuals em

Phishing 93

Phishing Social Engineering Hacking Malware 93

Bleeping Computer

JUNE 3, 2023

Zyxel has published a security advisory containing guidance on protecting firewall and VPN devices from ongoing attacks and detecting signs of exploitation. [.

Firewall 109

Firewall VPN 109

Bleeping Computer

JUNE 3, 2023

Online sellers are targeted in a new campaign to push the Vidar information-stealing malware, allowing threat actors to steal credentials for more damaging attacks. [.

Malware 104

Malware 104

The Hacker News

JUNE 3, 2023

A survey of global cybersecurity leaders through the 2023 Certified CISO Hall of Fame Report commissioned by the EC-Council identified 4 primary areas of grave concern: cloud security, data security, security governance, and lack of cybersecurity talent.

CISO 82

CISO Cybersecurity Information Security Government 82

Security Boulevard

JUNE 3, 2023

Key Points Bandit is a new information stealer that harvests stored credentials from web browsers, FTP clients, email clients, and targets cryptocurrency wallet applications. The malware sends stolen information to a command and control server via Telegram. Bandit implements numerous methods to detect and evade virtual machines and malware sandboxes.

Malware 62

Malware Cryptocurrency Computers and Electronics Data collection 62

Security Boulevard

JUNE 3, 2023

I've decided to share with everyone a recently released YouTube video demonstration in Bulgarian on the topic of OSINT and threat intelligence training. Here's a sample Table of Contents for the OSINT and the Threat Intelligence training in Bulgarian: Кой се интересува от индивидуално или групово обучение в сферата на OSINT анализ и превенция на кибер престъпления и анализ и обработка на кибер атаки известен още като практиката Threat Intelligence?

57

57

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Risk

Security Boulevard

JUNE 3, 2023

Our thanks to BSidesSF for publishing their presenter’s superlative BSidesSF 2023 content on the organizations’ YouTube channel. Permalink The post BSidesSF 2023 – Sanchay Jaipuriyar – Overwatch: A Serverless Approach To Orchestrating Your Security Automation appeared first on Security Boulevard.

InfoSec 57

InfoSec Cybersecurity Education 57

Security Boulevard

JUNE 3, 2023

I've decided to share with everyone a recently released YouTube video demonstration in Bulgarian on the topic of OSINT and threat intelligence training. Here's a sample Table of Contents for the OSINT and the Threat Intelligence training in Bulgarian: Кой се интересува от индивидуално или групово обучение в сферата на OSINT анализ и превенция на кибер престъпления и анализ и обработка на кибер атаки известен още като практиката Threat Intelligence?

52

52