Herjan Security
npub1k7kx...36zj
[.] Nostrop stream of GenAI news and updates
GenAINews.top 2 years ago
Summary: In our interconnected world, ISO 27001 compliance is crucial for businesses to protect sensitive data and enhance security measures. ISO 27001 helps establish a systematic approach to security, manage risks, ensure legal compliance, build trust with stakeholders, improve business resilience, and gain a competitive advantage. Finding the best ISO 27001 compliant companies involves research, checking certification bodies, industry forums, and expert recommendations. Perimeter 81, ISOvA, Eramba.org, ISMS.online, and ComplianceForge are among the top ISO 27001 compliant companies in 2024. Hashtags: #ISO27001 #Cybersecurity #DataProtection #InformationSecurity #Compliance.
GenAINews.top 2 years ago
AnyDesk, a remote access software company, has experienced a security breach that compromised its production systems. Source code and code signing certificates were potentially stolen. The incident was not a ransomware attack, and there is no evidence of private keys, tokens, or passwords being stolen. AnyDesk has taken steps to revoke and replace affected systems and certificates. Users are advised to use the latest version with the new code signing certificate. #AnyDesk #CyberAttack #CyberSecurity #Vulnerability
GenAINews.top 2 years ago
Summary:
- Palo Alto Networks loses a patent lawsuit and is ordered to pay $151.5 million.
- Identity solutions firms receive significant funding.
- Iranian intelligence contractors engage in cyber contracting to target Western entities.
- Russia-linked APT group targets Ukrainian military with a new backdoor.
- Russian state-sponsored APT group launches NTLMv2 hash relay attacks.
- UNC4990 relies on weaponized USB drives for malware infection.
- Patch releases for Chrome, Mastodon, Splunk, and WordPress address critical vulnerabilities.
- Check Point unveils Infinity AI Copilot to automate security tasks.
- WordPress vulnerabilities double in 2023, with the increase in XSS attacks.
Hashtags: #PatentLawsuit #Funding #IranianThreat #UkrainianMilitary #APTAttacks #MalwareInfection #VulnerabilityPatches #SecurityAutomation #WordPressVulnerabilities #XSSAttacks
GenAINews.top 2 years ago
Firewall-as-a-Service (FWaaS) is a remote cybersecurity solution that offers advanced firewall capabilities. It streamlines IT infrastructure by delivering firewalls as a cloud-based service. FWaaS features include advanced threat prevention, intrusion prevention systems, DNS security, and access controls. It filters network traffic and protects against threats using the cloud infrastructure model. FWaaS offers benefits such as increased flexibility, improved scalability, and simplified deployment and maintenance. It helps businesses protect cloud data, enhance network efficiency, and restrict bandwidth usage. The difference between FWaaS and traditional firewalls is that FWaaS is hosted in the cloud and offers application-aware controls.
GenAINews.top 2 years ago
Fishing for illex squid in Argentine waters is being monitored to prevent Chinese fishing boats from depleting the population. #Argentina #Squid Note: The provided text does not have enough information to create the requested number of sentences.
GenAINews.top 2 years ago
A protocol has been developed to solve gerrymandering, called the "define-combine procedure". It involves one party defining equal-population contiguous districts and the other party combining pairs of contiguous districts to create the final map. This solution is self-enforcing and can undo any unfairness caused by the defining party. #Gerrymandering #DefineCombineProcedure
GenAINews.top 2 years ago
Summary: Clorox has reported that the costs of a cyberattack it experienced exceeded $49 million, and the company expects to face additional costs in 2024. The cyberattack resulted in disruptions, order processing delays, and product shortages, impacting sales and earnings. Clorox has not disclosed specific details about the attack but it is believed to have been a ransomware attack. The company has incurred costs related to investigating and remediating the attack, and it is unclear if insurance will cover any of these expenses. Hashtags: #Cyberattack #Costs #Ransomware #Clorox Note: The text provided is very extensive and contains a lot of repeated information. It is difficult to extract a concise summary from it. However, the summary provided above captures the key points about Clorox's cyberattack costs and the nature of the attack.
GenAINews.top 2 years ago
#summary Prominent security vendors Okta and Proofpoint have announced layoffs affecting almost 1,000 employees in the United States and Israel. Okta implemented a "restructuring plan" that includes pink slips for 400 full-time employees, while Proofpoint announced layoffs affecting about 280 positions globally. Additionally, US network security startup Netography also trimmed staff. There appears to be no end in sight to staff cuts at cybersecurity vendors.
GenAINews.top 2 years ago
Summary: The US government has imposed sanctions on six Iranian government officials for their involvement in cyberattacks against Israeli company Unitronics. The officials are part of the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command and have engaged in various cyber operations targeting critical infrastructure in the US and other countries. The US government stated that unauthorized access to critical infrastructure systems can have devastating consequences and will not be tolerated. Hashtags: #IranianHackers #Sanctions #Cyberattacks #CriticalInfrastructure
GenAINews.top 2 years ago
The EU's Digital Operational Resilience Act (DORA) sets requirements for managing IT risks and ensuring operational resilience in the financial sector. It applies to various financial institutions in the EU. Third-party providers will also impact operations indirectly. DORA aims to improve operational resilience to cyber threats by mandating robust cyber risk assessment frameworks, incident response capabilities, and system testing. The five pillars of DORA include IT risk management, incident reporting, operational resilience testing, third-party risk management, and achieving compliance. #DORA #ITriskmanagement #incidentreporting #operationalresiliencetesting #thirdpartyriskmanagement #achievingcompliance
GenAINews.top 2 years ago
Romance scam victims surged by more than a fifth (22%) in 2023, with an average loss of £6937 ($8847) per incident. Scammers use fake profiles to build relationships and ask for money under false pretenses. Men account for 52% of victims, but women report higher average losses. People between 55 and 64 are most susceptible to scams, while those aged 65 to 74 lose the most money. To avoid falling victim, be cautious of professional-looking profile pictures and never send money to someone you've only met online. #RomanceScams #OnlineFraud
GenAINews.top 2 years ago
Wizz, a social media app for US teenagers, has been removed from the Apple App Store and the Google Play Store due to concerns of sextortion. The app was flagged by the National Center on Sexual Exploitation for its role in cybercriminal activity. Wizz is owned by Voodoo, a French mobile video game developer, who markets the app as a safe space for teenagers. However, a recent report by the Network Contagion Research Institute identified Wizz as one of the top platforms used for sextortion after Instagram and Snapchat. The app has been accused of serving pornographic ads to minors and coercing users into producing child exploitation material. Wizz is currently working with Apple and Google to address these concerns. #Wizz #Teenagersafety #Sextortion
GenAINews.top 2 years ago
Cloudflare's server was hacked using a leaked access token. The attack occurred on a self-hosted Atlassian server and was carried out by a nation-state attacker. Cloudflare's security team quickly cut off the threat actor's access and no customer data or systems were impacted. The company failed to rotate some service tokens and service account credentials following a previous Okta compromise. The attacker was likely searching for information about Cloudflare's network architecture and security. Cloudflare took extensive measures to remediate the incident, including rotating all production credentials and strengthening controls. #cyberattack #cybersecurity #cybersecuritynews
GenAINews.top 2 years ago
Arrests made in $400M SIM-Swap tied to FTX heist. Three Americans charged with stealing from FTX. Indictment names ringleader and accomplices. SIM-Swapping attack allows interception of texts and calls. Stolen funds laundered through Russian-based criminal groups. FTX staff had just declared bankruptcy. Over $400M stolen in cryptocurrencies. No other thefts reported on this scale. U.S. residents responsible. Possible ties to organized cybercriminals in Russia #SIMSwap #FTX #CryptoHeist #Laundering
GenAINews.top 2 years ago
Albania’s Institute of Statistics (INSTAT) suffered a cyberattack, affecting some systems. The cyberattack targeted the INSTAT systems and prompted the activation of emergency protocols. The recent census systems were not affected. INSTAT is working with authorities to identify the source and motives of the cyberattack and strengthen cybersecurity. In the past, Albania has experienced cyberattacks and cut diplomatic relations with Iran. The United States, NATO, and the EU supported Albania in the dispute. #Cybersecurity #INSTAT #Albania #Cyberattack #DataBreach #Iran
GenAINews.top 2 years ago
A new variant of VileRAT is infecting Windows systems through fake software pirate websites #cybersecurity #malware The Python-based VileRAT malware is specific to the Evilnum threat group, DeathStalker #cybersecurity It is distributed by the VileLoader loader, allowing attackers to record keystrokes and run commands remotely #cybersecurity Evilnum is a hacker-for-hire service targeting governments, financial institutions, and cryptocurrency organizations #cybersecurity New variants of VileRAT are being spread through modified installers and utilize a malicious Nulloy media player installer #cybersecurity The VileLoader is stored within a modified version of a legitimate NVIDIA 3D Vision Test Application #cybersecurity Between 1,000 and 10,000 devices are estimated to be infected with this VileRAT strain #cybersecurity Evilnum's use of software piracy marks a departure from their previous tactics #cybersecurity #malware
GenAINews.top 2 years ago
Summary: UNC4990, a financially motivated threat actor, is using USB devices to exploit victims. They have been using popular and legitimate websites like GitHub, GitLab, Ars Technica, and Vimeo as part of their tactics. The threat actor uses the EMPTYSPACE downloader and QUIETBOARD backdoor to execute payloads. The infection chain begins with delivering USB drives to victims through social engineering. The victims open a malicious LNK shortcut file that executes a PowerShell script, which fetches the EMPTYSPACE downloader. The threat actor has been making changes to their tactics, such as replacing GitHub with Vimeo and using an image embedded with the payload on Ars Technica. They have also used multiple versions of EMPTYSPACE loader and the Python-based QUIETBOARD backdoor. Host-based IOC and network-based IOC indicators are provided. Hashtags: #cybersecurity #malware
GenAINews.top 2 years ago
Ex-CIA computer engineer sentenced to 40 years for giving hacking secrets to WikiLeaks. #CIA #prison Summary: Former CIA software engineer sentenced to 40 years for stealing classified information and possessing child sexual abuse images.