Tag: international

It pays to know how your cybersecurity stacks up

Feb 4, 2025 10:12 PM

Tags: advisory, attack, breach, business, ceo, ciso, cloud, cybersecurity, data, endpoint, framework, gartner, group, intelligence, international, jobs, metric, network, nist, risk, startup, technology, tool, update

Like all other business leaders, chief information security officers (CISOs) could find themselves on the unemployment line if something on their watch goes seriously sideways.But what if CISOs simply aren’t demonstrating enough business value?With companies cutting costs, proving cybersecurity programs are good for the business has become vital to protecting budgets and jobs. That’s why…
Musk’s DOGE effort could spread malware, expose US systems to threat actors

Feb 4, 2025 10:12 AM

Tags: access, ai, api, attack, authentication, ceo, cio, computer, computing, control, cyber, cybercrime, cybersecurity, data, defense, email, exploit, governance, government, hacking, infection, infosec, international, jobs, malicious, malware, network, office, privacy, ransomware, risk, service, technology, threat, tool

Over the past 10 days, an astonishing series of actions by Elon Musk via his Department of Government Efficiency (DOGE) project has elevated the cybersecurity risk of some of the most sensitive computing systems in the US government. Musk and his team of young, inexperienced engineers, at least one of whom is not a US…
New Phishing Attack Hijacks High-Profile X Accounts to Promote Scam Sites

Feb 3, 2025 5:12 PM

Tags: attack, crypto, cyber, exploit, international, phishing, scam

A new wave of phishing attacks has been identified, targeting high-profile accounts on the social media platform X (formerly Twitter). This campaign, analyzed by SentinelLABS, aims to hijack accounts belonging to prominent individuals and organizations, including U.S. political figures, international journalists, employees of X, and cryptocurrency entities. The compromised accounts are then exploited to promote…
Justice Department Disrupts Cybercrime Network Selling Hacking Tools to Organized Crime Groups

Feb 3, 2025 10:12 AM

Tags: crime, cybercrime, fraud, group, hacking, international, network, organized, tool

The Justice Department made a new move in disrupting an international network of cybercriminals by announcing the coordinated seizure of 39 cybercrime websites. These websites, associated with a Pakistan-based operation called the HeartSender, were used to sell hacking tools and fraud-enabling resources to transnational organized crime groups. The action was carried out in collaboration with…
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 31

Feb 2, 2025 5:12 PM

Tags: attack, backdoor, cloud, exploit, international, malware, phone, ransomware, risk

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. ESXi Ransomware Attacks: Stealthy Persistence through SSH Tunneling MintsLoader: StealC and BOINC Delivery Cloud Ransomware Developments – The Risks of Customer-Managed Keys New TorNet backdoor seen in widespread campaign Active Exploitation: New Aquabot Variant Phones Home…
Security Affairs newsletter Round 509 by Pierluigi Paganini INTERNATIONAL EDITION

Feb 2, 2025 4:12 PM

Tags: attack, email, international, ransomware, WeeklyReview

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. A ransomware attack forced New York Blood Center to reschedule appointments Contec CMS8000 patient monitors contain a hidden…
Researchers Jailbreaked DeepSeek R1 to Generate Malicious Scripts

Jan 29, 2025 12:36 PM

Tags: cyber, international, malicious, openai, vulnerability

Researchers have successfully jailbroken DeepSeek R1, a cutting-edge reasoning model originating from China. Dubbed a potential challenger to tech giants like OpenAI, DeepSeek R1 has garnered international attention for its impressive problem-solving abilities in mathematics, logic, and coding. However, the model’s vulnerabilities have raised significant ethical and security concerns, especially after it was manipulated to…
MGM agrees to pay $45 million to victims of 2019 data breach and 2023 ransomware attack

Jan 29, 2025 5:37 AM

Tags: attack, breach, data, data-breach, international, ransomware

MGM Resorts International agreed to pay $45 million to settle multiple class action lawsuits related to a data breach in 2019 and a ransomware attack the company experienced in 2023. First seen on therecord.media Jump to article: therecord.media/mgm-agrees-45-million-payment-data-breach-ransomware-victims
New CEO Rob Greer on Scaling ExtraHop’s NDR Product Globally

Jan 23, 2025 8:23 PM

Tags: ceo, detection, international, network, strategy, technology

Greer on Adding Capabilities Adjacent to NDR, Using Channel Partnerships for Scale. New ExtraHop CEO Rob Greer sees massive potential in scaling the company’s network detection and response platform globally. His strategy includes investing in international markets, enhancing channel partnerships and delivering value to large enterprises through seamless technology integration. First seen on govinfosecurity.com Jump…
25 on 2025: APAC security thought leaders share their predictions and aspirations

Jan 22, 2025 8:22 PM

Tags: access, advisory, ai, api, attack, authentication, awareness, best-practice, breach, business, ciso, cloud, compliance, control, cryptography, csf, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, data-breach, deep-fake, detection, disinformation, encryption, endpoint, exploit, extortion, finance, framework, fraud, government, group, hacking, Hardware, identity, incident, incident response, infrastructure, injection, intelligence, international, iot, malicious, malware, microsoft, monitoring, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, scam, service, skills, social-engineering, software, spear-phishing, strategy, supply-chain, tactics, technology, threat, tool, training, update, vulnerability, warfare, zero-trust

As threat actors and security teams harness the growing potential of artificial intelligence (AI), who will prevail? From generative AI (GenAI) to agentic AI, we look through the lens of 25 of Asia-Pacific’s thought leaders in security and dive into their predictions and goals for the year. src=”https://b2b-contenthub.com/wp-content/uploads/2025/01/Athikom.jpg?quality=50&strip=all” alt=”athikom” loading=”lazy” width=”400px”>Athikom Kanchanavibhu Chief Information Security…
Cybersecurity is tough: 4 steps leaders can take now to reduce team burnout

Jan 22, 2025 7:22 AM

Tags: ai, attack, breach, business, ciso, compliance, control, corporate, cybercrime, cybersecurity, group, incident response, international, jobs, risk, soc, tactics, threat

Working in cybersecurity is only getting harder. Cybercriminals continue to up their game as security teams scramble to catch up with attack tactics and techniques. Organizations put near-impossible demands on their security departments, often with little or no support.The “always-on” nature of many roles in cybersecurity (from SOC analyst to incident response to the CISO)…
GDPR Compliance in the US: Checklist and Requirements

Jan 22, 2025 5:22 AM

Tags: compliance, data, GDPR, international, regulation
Forescout Report Detail Hunters International Ransomware Gang Tactics

Jan 21, 2025 5:22 PM

Tags: cybercrime, international, ransomware, service, tactics

An analysis of the operations of Hunters International, the ransomware-as-a-service platform that has been used to compromise more than 200 organizations, conducted by Forescout Technologies reveals the cybercriminal syndicate that created it is employing a wide range of new and old tactics and techniques. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/forescout-report-detail-hunters-international-ransomware-gang-tactics/
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 29

Jan 19, 2025 11:23 PM

Tags: ai, attack, credit-card, group, injection, international, malware, ransomware, service, wordpress

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection Ransomware on ESXi: The mechanization of virtualized attacks FunkSec Alleged Top Ransomware Group Powered by AI Abusing AWS Native Services: Ransomware Encrypting S3 Buckets […]…
Security Affairs newsletter Round 507 by Pierluigi Paganini INTERNATIONAL EDITION

Jan 19, 2025 11:23 PM

Tags: breach, china, cybersecurity, email, international, privacy, WeeklyReview

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon EU privacy…
Star Blizzard hackers abuse WhatsApp to target high-value diplomats

Jan 19, 2025 6:22 PM

Tags: blizzard, defense, hacker, international, phishing, russia, spear-phishing, ukraine

Russian nation-state actor Star Blizzard has been running a new spear-phishing campaign to compromise WhatsApp accounts of targets in government, diplomacy, defense policy, international relations, and Ukraine aid organizations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/star-blizzard-hackers-abuse-whatsapp-to-target-high-value-diplomats/
US Export Control Rules on AI Chips Spark Backlash

Jan 18, 2025 1:22 AM

Tags: access, ai, control, intelligence, international, nvidia, oracle

Poland, Israel, Nvidia and Oracle Question Need for Restrictions. A decision by the Biden administration to limit international access to American-made advanced artificial intelligence chips is facing backlash from countries whose purchasing power the rule affects. New export controls seeks to choke the supply of advanced chips to China. First seen on govinfosecurity.com Jump to…
CISA unveils ‘Secure by Demand’ guidelines to bolster OT security

Jan 15, 2025 2:02 PM

Tags: attack, authentication, breach, ceo, cisa, compliance, cyber, cybersecurity, encryption, flaw, framework, infrastructure, international, network, office, resilience, risk, service, software, strategy, technology, threat, update, vulnerability

The US Cybersecurity and Infrastructure Security Agency (CISA), along with its international cybersecurity allies, has unveiled the “Secure by Demand” guidelines to safeguard operational technology (OT) environments. The framework provides a blueprint for OT owners and operators to prioritize cybersecurity when procuring digital products.This initiative addresses growing concerns about vulnerabilities in critical infrastructure, including energy…
FBI removed PlugX malware from U.S. computers

Jan 15, 2025 2:02 PM

Tags: computer, international, malware

The Justice Department announced on Tuesday that, alongside international partners, the FBI deleted >>PlugX
International effort erases PlugX malware from thousands of Windows computers

Jan 15, 2025 6:07 AM

Tags: access, awareness, botnet, ceo, china, cisco, computer, conference, control, country, crime, crimes, cyber, cybersecurity, data, email, endpoint, espionage, government, group, hacker, hacking, incident response, infection, infrastructure, international, Internet, law, malicious, malware, microsoft, military, network, office, phishing, privacy, router, russia, service, strategy, threat, ukraine, unauthorized, windows

The US has again taken court-approved action to remove malware from privately-held internet-connected computers across the country, part of an effort by a number of countries to combat infections of a version of the PlugX malware from a Chinese-based group that has infected thousands of Windows machines around the world.PlugX is a remote access Trojan…
FBI deleted China-linked PlugX malware from over 4,200 US computers

Jan 15, 2025 1:02 AM

Tags: china, computer, international, law, malware, network

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. Department of Justice reported. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation. The malware was operated…
Fifteen Best Practices to Navigate the Data Sovereignty Waters

Jan 14, 2025 9:46 AM

Tags: access, attack, automation, awareness, backup, best-practice, breach, cloud, compliance, computer, computing, container, control, country, crypto, cybersecurity, data, encryption, governance, iam, identity, international, law, least-privilege, monitoring, network, privacy, ransomware, regulation, resilience, risk, security-incident, service, software, strategy, threat, tool, unauthorized, update, zero-trust

Fifteen Best Practices to Navigate the Data Sovereignty Waters josh.pearson@t“¦ Tue, 01/14/2025 – 08:04 Data sovereignty”, the idea that data is subject to the laws and regulations of the country it is collected or stored in”, is a fundamental consideration for businesses attempting to balance harnessing the power of data analytics, ensuring compliance with increasingly…
13th January Threat Intelligence Report

Jan 13, 2025 11:26 AM

Tags: data, data-breach, intelligence, international, threat

The International Civil Aviation Organization (ICAO), that is part of the UN, confirmed a compromise of its recruitment database that exposed 42,000 recruitment applications. The data contains records from April 2016 to […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2025/13th-january-threat-intelligence-report/
Inside the Black Box of Predictive Travel Surveillance

Jan 13, 2025 11:26 AM

Tags: ai, data, government, international, tool

Behind the scenes, companies and governments are feeding a trove of data about international travelers into opaque AI tools that aim to predict who’s safe”, and who’s a threat. First seen on wired.com Jump to article: www.wired.com/story/inside-the-black-box-of-predictive-travel-surveillance/
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 28

Jan 12, 2025 8:26 PM

Tags: attack, botnet, google, international, malware, middle-east, phishing, scam

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Finding Malware: Unveiling PLAYFULGHOST with Google Security Operations Scam Sniffer 2024: Web3 Phishing Attacks Wallet Drainers Drain $494 Million EAGERBEE, with updated and novel components, targets the Middle East Gayfemboy: A Botnet Deliver Through a […]…
Security Affairs newsletter Round 506 by Pierluigi Paganini INTERNATIONAL EDITION

Jan 12, 2025 8:26 PM

Tags: breach, crypto, data, data-breach, email, international, russia, service, WeeklyReview

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. DoJ charged three Russian citizens with operating crypto-mixing services U.S. cannabis dispensary STIIIZY disclosed a data breach A…
PCI DSS Requirements With v4.0.1 Updates For 2024

Jan 12, 2025 3:26 PM

Tags: data, finance, international, PCI, update

PCI DSS refers to the Payment Card Industry Data Security Standard created by the PCI Security Standards Council (PCI SSC), an independent entity founded by major payment card brands, including Visa, JCB International, MasterCard, American Express, and Discover. PCI DSS is designed to protect cardholder data and ensure security of payment infrastructure. PCI DSS 4.0.1……
2025 Cybersecurity and AI Predictions

Jan 11, 2025 11:42 AM

Tags: access, ai, api, attack, backdoor, backup, browser, business, chrome, communications, compliance, control, corporate, crowdstrike, crypto, cybercrime, cybersecurity, dark-web, data, deep-fake, defense, detection, exploit, finance, firmware, flaw, framework, fraud, GDPR, hacker, Hardware, identity, intelligence, international, korea, LLM, malicious, mitigation, monitoring, network, open-source, privacy, regulation, resilience, risk, risk-assessment, scam, service, skills, supply-chain, switch, technology, threat, tool, training, unauthorized, vulnerability

The cybersecurity and AI landscape continues to evolve at a breathtaking pace, and with it, the associated risks. Snowballing cybercrime costs are compounded by a cybersecurity workforce gap of nearly 4.8 million professionals, as reported by ISC2. Meanwhile, ISACA’s end-2024 State of Cybersecurity Report shows that nearly half of those surveyed claim no involvement in…
United Nations Aviation Agency Hacked Recruitment Data Exposed

Jan 10, 2025 7:18 AM

Tags: breach, cyber, data, data-breach, international, malicious, security-incident, threat

The International Civil Aviation Organization (ICAO), a United Nations agency responsible for coordinating global aviation standards, has reported a significant information security incident that has exposed the personal data of approximately 42,000 applicants. The agency is actively investigating the breach, which was attributed to a malicious threat actor known for targeting international organizations. United Nations…
8 Cyber Predictions for 2025: A CSO’s Perspective

Jan 10, 2025 1:18 AM

Tags: access, ai, attack, authentication, business, ceo, ciso, cloud, compliance, computing, control, credentials, cryptography, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, encryption, exploit, extortion, firewall, framework, governance, group, hacker, hacking, healthcare, identity, intelligence, international, law, leak, malicious, mfa, microsoft, network, north-korea, organized, phishing, privacy, ransom, ransomware, regulation, risk, risk-management, service, social-engineering, software, strategy, supply-chain, theft, threat, tool, update, wifi, zero-trust

As we step into 2025, the cyberthreat landscape is once again more dynamic and challenging than the year before. In 2024, we witnessed a remarkable acceleration in cyberattacks of all types, many fueled by advancements in generative AI. For security leaders, the stakes are higher than ever. In this post, I’ll explore cyberthreat projections and…