Cybersecurity remains at the forefront of the global conversation, and MITRE ATT&CKcon 5.0 is a pivotal event in the field. Scheduled for October 22-23, 2024, in McLean, Virginia, the conference serves as a cornerstone for cybersecurity professionals, researchers, and policymakers. Hosted by MITRE, ATT&CKcon is centered around the evolution of the MITRE ATT&CK framework—a globally… Continue reading MITRE ATT&CKcon 5.0: Elevating Cybersecurity Knowledge
Category: News
Optimizing Security with OPSWAT Solutions
OPSWAT provides advanced cybersecurity solutions that help organizations optimize security measures.
MITRE ATT&CK version 13
MITRE ATT&CK version 13 has been recently launched, bringing some significant updates. These include: ATT&CK version 13 for Enterprise includes 14 tactics, 196 techniques, 411 sub-techniques, 138 groups, b22 campaigns, and 740 software pieces. The upcoming version 14, set to release in October, will further enhance the coverage across domains, introduce renovated mitigations, new cross-domain… Continue reading MITRE ATT&CK version 13
ATT&CK v12 is now accessible! Revisions – October 2022
Updates to Techniques, Groups, and Software for Enterprise, Mobile, and ICS are included in the October 2022 (v12) ATT&CK release. The addition of detections to ATT&CK for ICS and the inclusion of Campaigns are the two biggest updates in ATT&CK v12. The ATT&CK for ICS detections are tied to particular Data Sources and Data Components,… Continue reading ATT&CK v12 is now accessible! Revisions – October 2022
Critical Fortinet auth bypass bug has an exploit available; apply the patch now
A critical authentication bypass flaw affecting Fortinet’s FortiOS, FortiProxy, and FortiSwitchManager appliances now has proof-of-concept exploit code available. Attackers can get around the authentication process on the administrative interface of FortiGate firewalls, FortiProxy web proxies, and FortiSwitch Manager (FSWM) on-premise management instances thanks to this security flaw (CVE-2022-40684). Last Thursday, Fortinet released security updates to… Continue reading Critical Fortinet auth bypass bug has an exploit available; apply the patch now
Organizations in Poland and Ukraine are affected by the new “Prestige” ransomware.
The Microsoft Threat Intelligence Center (MSTIC) has found evidence of a novel ransomware campaign using a hitherto unidentified ransomware payload that targets businesses in the logistics and transportation sectors in Poland and Ukraine. On October 11, we saw the introduction of this new ransomware, which refers to itself in its ransom note as “Prestige ransomware,”… Continue reading Organizations in Poland and Ukraine are affected by the new “Prestige” ransomware.
Best Cloud SaaS Governance Practices from the CSA Cloud Security Alliance
IntroductionInfrastructure as Service security is almost always the focus when discussing cloud security. platforms as a service (PaaS) and infrastructure as a service (IaaS). In spite of the fact that Organizations typically use 2-3 IaaS providers and frequently use tens to hundreds of SaaS products. A standard set of guidelines called the SaaS Governance Best… Continue reading Best Cloud SaaS Governance Practices from the CSA Cloud Security Alliance
A CyberRisk Alliance Resource, MSSP Alert – TOP 250 MSSPs Services Providers 2022 edition
A succinct summary The Top 250 MSSPs and associated survey respondents continue to expand more quickly than the managed security market as a whole. In fact, respondents to the survey anticipate that annual MSSP revenues will increase by 26% in 2022 compared to 2021, or nearly twice the market growth rate. MSSP growth is being… Continue reading A CyberRisk Alliance Resource, MSSP Alert – TOP 250 MSSPs Services Providers 2022 edition
Threat actors gained access to the personal data of tens of thousands of Revolut customers as a result of a cyberattack
Over the weekend, the financial technology company Revolut was the victim of a “highly targeted” cyberattack in which threat actors gained access to the personal data of 0.16% of its users (approximately 50,000 users).The business claims to have already spoken with the affected customers. A cyberattack on Revolut resulted in unauthorised access to the personal… Continue reading Threat actors gained access to the personal data of tens of thousands of Revolut customers as a result of a cyberattack
$3,500 for Starbucks Cofee Data with Name, Gender, DoB, Mobile No., Email and Address
The Straits Times discovered that 330,000 Singaporean Starbucks customers’ personal information had been compromised and sold on an online forum since September 10. On Friday, the coffee chain sent an email to the affected customers informing them of a data breach that had exposed their names, addresses, and email addresses. Upon being questioned about whether… Continue reading $3,500 for Starbucks Cofee Data with Name, Gender, DoB, Mobile No., Email and Address