FDA cyber mandates for medical devices goes into effect
i53gfNew regulations that went into effect on Sunday aim to make it more difficult to hack into medical devices by requiring vendors to beef up the security features of things…
Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation
Oct 03, 2023THNCyber Attack / Vulnerability Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the…
Exim patches three of six zero-day bugs disclosed last week
Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro's Zero Day Initiative (ZDI), one of them allowing unauthenticated attackers to gain remote code…
Clorox resumes normal plant operations in the wake of cyberattack
Clorox said all of its manufacturing facilities were back up and running following an August cyberattack that led to weeks of disruption and product shortages, according to a Friday update. …
Financial crime compliance costs exceed $206 billion
The growing complexity of compliance regulations and ever-evolving criminal methodologies are a major difficulty for financial institutions, according to LexisNexis Risk Solutions. Global financial crime compliance costs for financial institutions…
Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang
The LostTrust ransomware operation is believed to be a rebrand of MetaEncryptor, utilizing almost identical data leak sites and encryptors. LostTrust began attacking organizations in March 2023 but did not…
Recently Patched TeamCity Vulnerability Exploited to Hack Servers
In-the-wild exploitation of a critical vulnerability in JetBrains’ TeamCity continuous integration and continuous deployment (CI/CD) server started just days after the availability of a patch was announced. The vulnerability, tracked…
AWS Using MadPot Decoy System to Disrupt APTs, Botnets
Cloud computing giant AWS says an internal threat intel decoy system called MadPot has been used successfully to trap malicious activity, including nation state-backed APTs like Volt Typhoon and Sandworm.…
How should organizations navigate the risks and opportunities of AI?
As we realize exciting new advancements in the application of generative pre-trained transformer (GPT) technology, our adversaries are finding ingenious ways to leverage these capabilities to inflict harm. There’s evidence…
Mass exploitation attempts against WS_FTP have begun • The Register
Security researchers have spotted what they believe to be a "possible mass exploitation" of vulnerabilities in Progress Software's WS_FTP Server. Researchers at Rapid7 began noticing evidence of exploitation on 30…