Aggregator

美国中央情报局（CIA）和其他美国的情报机构，如美国国家安全局（NSA）和美国联邦调查局（FBI），确实有时会

To date, most technology solutions focused on vulnerability management have focused on the prioritization of risks. That usually took the shape of some risk-ranking structure displayed in a table with links out to the CVEs and other advisory or threat intelligence information. This is a necessary step, but it’s insufficient. While knowing which vulnerabilities are the most pressing is nice, the desired outcome is ensuring those vulnerabilities are addressed and mitigated as quickly as possible. … More →

The post Vulnerability prioritization is only the beginning appeared first on Help Net Security.

In the first six months of 2024, Hiya flagged nearly 20 billion calls as suspected spam – more than 107 million spam calls everyday. The data showed spam flag rates of more than 20% of unknown calls (calls coming from outside of someone’s address book) in 25 out of the 42 countries – with some spam flag rates above 50%. The first half of 2024 also saw an increase in AI deepfake scams, which use … More →

The post Fraud tactics and the growing prevalence of AI scams appeared first on Help Net Security.

Group Claims a NY Surgical Center and a Nevada Medical Center Among Recent Victims
U.S. authorities are warning healthcare sector entities of incidents involving Everest, a Russian-speaking ransomware group and initial access broker, which claims to have stolen sensitive patient information in recent attacks, including on two medical care providers in New York and Nevada.

Logging Best Practices Guidance Aims to Enhance Global Detection and Response
The Australian Signals Directorate's Australian Cyber Security Center released joint guidance with a cohort of international cyber agencies that aims to provide baseline standards for event logging and threat detection, amid a wave of high-profile attacks employing "living off the land" techniques.

Kimsuky, or a Related Group, Deploys XenoRAT Variant
A North Korean hacking team hastily pivoted from using publicly available cloud computing storage to its own infrastructure after security researchers unmasked a malware campaign. The group shifted from using cloud service including Google Drive, OneDrive, and Dropbox to systems under its control.

Also: Dangers of Malicious Code Embedded in ML Models; Is Ransomware in Decline?
AI's influence on social engineering and election security has become a focal point at Black Hat. ISMG editors discuss how advanced technologies are making it easier to manipulate people and compromise security systems and offer key insights on machine learning vulnerabilities.

间谍行动的威胁常常来自于内部人员，一个单位和组织内部哪些人容易成为内鬼？

After peaking in late 2023, the ransomware industry is beginning to stabilize in productivity, with notable developments in ransomware targets, and industry dynamics, according to WithSecure. Sectors impacted by ransomware (Source: WithSecure) While ransomware productivity has shown signs of leveling off in 2024, the frequency of attacks and ransom payments collected remained higher in the first half of 2024 than in 2022 and 2023. “There has been a marked shift towards targeting small and medium-sized … More →

The post The changing dynamics of ransomware as law enforcement strikes appeared first on Help Net Security.

SolarWinds 在其 Web Help Desk 产品中留下了硬编码凭证，可供远程、未经身份验证的攻击者使用，登录易受攻击的实例、访问内部功能并修改敏感数据 该软件制造商称这是一个严重的疏忽，目前已发布更新修复；制造商鼓励用户安装修复程序，该修复程序会删除内置的硬编码凭证。 该安全漏洞编号为CVE-2024-28987，CVSS 严重性评级为 9.1（满分 10）。 它影响 Web Help Desk 12.8.3 HF1 及所有先前版本，并已在 12.8.3 HF2 中修复。昨天发布的修补程序必须手动安装。 WHD 是 SolarWinds 的 IT 帮助台票务和资产管理软件，其网站拥有来自政府、教育、医疗保健、非营利组织和电信领域客户的推荐。   转自军哥网络安全读报，原文链接：https://mp.weixin.qq.com/s/Z9feIKhNS9VrRE__XM6xsA 封面来源于网络，如有侵权请联系删除