Over Security

Over Security

33545 bookmarks
Custom sorting
Canadian retail giant Loblaw notifies customers of data breach
Canadian retail giant Loblaw notifies customers of data breach
Still, out of an abundance of caution, Loblaw says it has automatically logged out all customers from their accounts. Account holders who need to access the company's digital services will have to log in again.
·bleepingcomputer.com·
Canadian retail giant Loblaw notifies customers of data breach
England Hockey investigating ransomware data breach
England Hockey investigating ransomware data breach
England Hockey, the governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware gang listed it as a victim on its data leak site.
·bleepingcomputer.com·
England Hockey investigating ransomware data breach
AI-generated Slopoly malware used in Interlock ransomware attack
AI-generated Slopoly malware used in Interlock ransomware attack
A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware attack.
·bleepingcomputer.com·
AI-generated Slopoly malware used in Interlock ransomware attack
This one’s for you, Mom
This one’s for you, Mom
This week, Joe talks about allyship and how being aware of an issue is the first step in helping to fix it.
·blog.talosintelligence.com·
This one’s for you, Mom
Law enforcement shuts down botnet made of tens of thousands of hacked routers
Law enforcement shuts down botnet made of tens of thousands of hacked routers
An international law enforcement operation shut down a service called SocksEscort, which allegedly helped cybercriminals all over the world launch ransomware and DDoS attacks, as well as distribute child sexual abuse material.
·techcrunch.com·
Law enforcement shuts down botnet made of tens of thousands of hacked routers
Veeam warns of critical flaws exposing backup servers to RCE attacks
Veeam warns of critical flaws exposing backup servers to RCE attacks
Data protection company Veeam Software has patched multiple flaws in its Backup & Replication solution, including four critical remote code execution (RCE) vulnerabilities.
·bleepingcomputer.com·
Veeam warns of critical flaws exposing backup servers to RCE attacks
US disrupts SocksEscort proxy network powered by Linux malware
US disrupts SocksEscort proxy network powered by Linux malware
Law enforcement agencies in the U.S. and Europe along with private partners have disrupted the SocksEscort cybercrime proxy network that used only edge devices compromised via the AVRecon malware for Linux.
·bleepingcomputer.com·
US disrupts SocksEscort proxy network powered by Linux malware
Il Dragone nel Viminale: quando la stretta di mano nasconde un furto
Il Dragone nel Viminale: quando la stretta di mano nasconde un furto
L'esfiltrazione che sarebbe avvenuta tra Italia e Cina, a cavallo tra 2024 e 2025, è una storia di diplomazia in superficie, ma di spionaggio informatico nel sottosuolo. Una storia che dovrebbe farci riflettere su Pechino, su noi stessi: ecco come proteggiamo i nostri dati, le istituzioni e le persone che lavorano per renderci sicuri
·cybersecurity360.it·
Il Dragone nel Viminale: quando la stretta di mano nasconde un furto
Telus Digital confirms breach after hacker claims 1 petabyte data theft
Telus Digital confirms breach after hacker claims 1 petabyte data theft
Canadian business process outsourcing giant Telus Digital has confirmed it suffered a security incident after threat actors claimed to have stolen nearly 1 petabyte of data from the company in a multi-month breach.
·bleepingcomputer.com·
Telus Digital confirms breach after hacker claims 1 petabyte data theft
Going the Extra Mile: Travel Rewards Turn into Underground Currency.
Going the Extra Mile: Travel Rewards Turn into Underground Currency.
Stolen airline miles are converted into flights and hotel stays, then resold as discounted travel. Flare shows how cybercriminals and underground markets treat loyalty accounts like tradable currency.
·bleepingcomputer.com·
Going the Extra Mile: Travel Rewards Turn into Underground Currency.
Apple patches older iPhones and iPads against Coruna exploits
Apple patches older iPhones and iPads against Coruna exploits
​Apple has released security updates to patch older iPhones and iPads against a set of vulnerabilities targeted in cyberespionage and crypto-theft attacks using the Coruna exploit kit.
·bleepingcomputer.com·
Apple patches older iPhones and iPads against Coruna exploits
US charges another ransomware negotiator linked to BlackCat attacks
US charges another ransomware negotiator linked to BlackCat attacks
The U.S. Department of Justice charged another former DigitalMint employee for his involvement in an insider scheme in which ransomware negotiators secretly partnered with the BlackCat (ALPHV) ransomware operation.
·bleepingcomputer.com·
US charges another ransomware negotiator linked to BlackCat attacks
La security secondo Microsoft nell’era dell’Agentic AI
La security secondo Microsoft nell’era dell’Agentic AI
Nell’evoluzione verso l’intelligenza artificiale agentica, l’azienda di Redmond traccia strategie e buone pratiche per proteggere le infrastrutture aziendali, mettendo a disposizione delle aziende strumenti evoluti per la governance
·cybersecurity360.it·
La security secondo Microsoft nell’era dell’Agentic AI
Sciami di bot AI infestano i social media: una minaccia alla democrazia
Sciami di bot AI infestano i social media: una minaccia alla democrazia
Alle presidenziali Usa 2028, sciami di agenti autonomi malevoli, capaci di infiltrarsi nelle comunità online, potrebbero invadere i social media e i canali di messaggistica per plasmare il consenso pubblico su scala industriale. Difficili da rilevare, ecco lo studio sui bot AI e le mire dei leader politici con ambizioni autocratiche
·cybersecurity360.it·
Sciami di bot AI infestano i social media: una minaccia alla democrazia
Who Is Handala — The Iran-Linked Ghost Group That Just Wiped 200K Stryker Devices
Who Is Handala — The Iran-Linked Ghost Group That Just Wiped 200K Stryker Devices
On the morning of March 11, employees at Stryker offices worldwide switched on their computers and found them blank — login screens replaced by a logo most had never seen. A small, barefoot boy with a slingshot, the symbol of Handala. The attack on Stryker Corporation — a Fortune 500 medical technology giant that supplies […]
·thecyberexpress.com·
Who Is Handala — The Iran-Linked Ghost Group That Just Wiped 200K Stryker Devices
I pilastri del TPRM con DORA: come trasformare il rischio terze parti in vantaggio competitivo
I pilastri del TPRM con DORA: come trasformare il rischio terze parti in vantaggio competitivo
Un Third-Party Risk Management (TPRM) maturo non è solo un obbligo normativo, ma un vantaggio competitivo. Per non trasformare DORA in una checklist sterile, un ente finanziario può iniziare da tre priorità. Ecco quali, per realizzare una governance efficace e tenere sempre sotto controllo l’intera filiera
·cybersecurity360.it·
I pilastri del TPRM con DORA: come trasformare il rischio terze parti in vantaggio competitivo