The Incident Response Plan – Preparing for a Rainy Day

The Incident Response Plan – Preparing for a Rainy Day,

The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent it from happening. 
Just as it wasn’t raining when Noah built the ark, companies must face the fact

,

The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity more seriously than ever, successful breaches and ransomware attacks are on the rise. While a successful breach is not inevitable, it is becoming more likely despite best efforts to prevent it from happening. 
Just as it wasn’t raining when Noah built the ark, companies must face the fact

, ,
https://thehackernews.com/2021/06/the-incident-response-plan-preparing.html

Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant

Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant,

APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications.
The exploited vulnerabilities included « a zero-day vulnerability in the USAHERDS application (CVE-2021-44207) as well as the now infamous zero-day in

,

APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications.
The exploited vulnerabilities included « a zero-day vulnerability in the USAHERDS application (CVE-2021-44207) as well as the now infamous zero-day in

, ,
https://thehackernews.com/2022/03/chinese-apt41-hackers-broke-into-at.html

Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses

Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses,

Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System (CPS) that could be combined to achieve a full pre-authenticated remote code execution of affected systems.
Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead to « an unauthenticated attacker gaining root on these devices. »
Pascom Cloud Phone System is an

,

Researchers have disclosed three security vulnerabilities affecting Pascom Cloud Phone System (CPS) that could be combined to achieve a full pre-authenticated remote code execution of affected systems.
Kerbit security researcher Daniel Eshetu said the shortcomings, when chained together, can lead to « an unauthenticated attacker gaining root on these devices. »
Pascom Cloud Phone System is an

, ,
https://thehackernews.com/2022/03/critical-rce-bugs-found-in-pascom-cloud.html

Ukraine : le cyberespace occidental se met en alerte maximale

Ukraine : le cyberespace occidental se met en alerte maximale,

Les agences gouvernementales craignent des attaques sur les infrastructures critiques. Toutes les organisations sont invitées à vérifier leurs protections.

,

Les agences gouvernementales craignent des attaques sur les infrastructures critiques. Toutes les organisations sont invitées à vérifier leurs protections.

, ,
https://www.01net.com/actualites/ukraine-le-cyberespace-occidental-se-met-en-alerte-maximale-2055438.html

Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms

Critical Security Patches Issued by Microsoft, Adobe and Other Major Software Firms,

Microsoft’s Patch Tuesday update for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others.
Of the total 71 patches, three are rated Critical and 68 are rated Important in severity. While none of the vulnerabilities are listed as actively exploited, three of them are publicly known

,

Microsoft’s Patch Tuesday update for the month of March has been made officially available with 71 fixes spanning across its software products such as Windows, Office, Exchange, and Defender, among others.
Of the total 71 patches, three are rated Critical and 68 are rated Important in severity. While none of the vulnerabilities are listed as actively exploited, three of them are publicly known

, ,
https://thehackernews.com/2022/03/critical-security-patches-issued-by.html

New 16 High-Severity UEFI Firmware Flaws Discovered in Millions of HP Devices

New 16 High-Severity UEFI Firmware Flaws Discovered in Millions of HP Devices,

Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.
The shortcomings, which have CVSS scores ranging from 7.5 to 8.8, have been uncovered in HP’s UEFI firmware. The variety of devices affected includes HP’s laptops, desktops, point-of-sale

,

Cybersecurity researchers on Tuesday disclosed 16 new high-severity vulnerabilities in various implementations of Unified Extensible Firmware Interface (UEFI) firmware impacting multiple HP enterprise devices.
The shortcomings, which have CVSS scores ranging from 7.5 to 8.8, have been uncovered in HP’s UEFI firmware. The variety of devices affected includes HP’s laptops, desktops, point-of-sale

, ,
https://thehackernews.com/2022/03/new-16-high-severity-uefi-firmware.html

Google: Russian Hackers Target Ukrainians, European Allies via Phishing Attacks

Google: Russian Hackers Target Ukrainians, European Allies via Phishing Attacks,

A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia’s invasion of Ukraine.
Google’s Threat Analysis Group (TAG) said it took down two Blogspot domains that were used by the nation-state group FancyBear (aka APT28) – which is attributed to Russia’s GRU military

,

A broad range of threat actors, including Fancy Bear, Ghostwriter, and Mustang Panda, have launched phishing campaigns against Ukraine, Poland, and other European entities amid Russia’s invasion of Ukraine.
Google’s Threat Analysis Group (TAG) said it took down two Blogspot domains that were used by the nation-state group FancyBear (aka APT28) – which is attributed to Russia’s GRU military

, ,
https://thehackernews.com/2022/03/google-russian-hackers-target.html

Google Buys Cybersecurity Firm Mandiant for $5.4 Billion

Google Buys Cybersecurity Firm Mandiant for $5.4 Billion,

Google is officially buying cybersecurity company Mandiant in an all-cash deal approximately valued at $5.4 billion, the two technology firms announced Tuesday.
Mandiant is expected to be folded into Google Cloud upon the closure of the acquisition, which is slated to happen later this year, adding to the latter’s growing portfolio of security offerings such as BeyondCorp Enterprise, VirusTotal,

,

Google is officially buying cybersecurity company Mandiant in an all-cash deal approximately valued at $5.4 billion, the two technology firms announced Tuesday.
Mandiant is expected to be folded into Google Cloud upon the closure of the acquisition, which is slated to happen later this year, adding to the latter’s growing portfolio of security offerings such as BeyondCorp Enterprise, VirusTotal,

, ,
https://thehackernews.com/2022/03/google-buys-cybersecurity-firm-mandiant.html

Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code

Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code,

Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones.
« According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees, » the electronics giant told Bloomberg.

,

Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones.
« According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not include the personal information of our consumers or employees, » the electronics giant told Bloomberg.

, ,
https://thehackernews.com/2022/03/samsung-confirms-data-breach-after.html

Après Nvidia, Samsung se fait dérober une quantité considérable de données sensibles

Après Nvidia, Samsung se fait dérober une quantité considérable de données sensibles,

Des pirates ont publié 190 Go de codes sources. Parmi eux figureraient des données liées aux dispositifs de sécurité des smartphones Galaxy, comme le logiciel Knox ou la TrustZone.

,

Des pirates ont publié 190 Go de codes sources. Parmi eux figureraient des données liées aux dispositifs de sécurité des smartphones Galaxy, comme le logiciel Knox ou la TrustZone.

, ,
https://www.01net.com/actualites/apres-nvidia-samsung-se-fait-derober-une-quantite-considerable-de-donnees-sensibles-2055392.html