Ravie LakshmananRavie Lakshmanan Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. “These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an…
Category: Commentaries and Analyses
SANS Institute: Top 5 dangerous cyberattack techniques in 2024
Josh Nadeau writes: SANS Institute — a leading authority in cybersecurity research, education and certification — released its annual Top Attacks and Threats Report. This report provides insights into the evolving threat landscape, identifying the most prevalent and dangerous cyberattack techniques that organizations need to prepare for. This year’s report also highlighted the main takeaways from the SANS…
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks
Ravie Lakshmanan reports: A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. “Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims’ data and then destroy their infrastructure with a wiper to prevent recovery,” Kaspersky said in a Friday…
Nearly 1/3 of ransomware victims had at least one infostealer infection in preceding months — researchers
Some food for thought from a report by SpyCloud: MASSIVE SCALE OF IDENTITY EXPOSURES CREATES NEW RISKS The scale of identity exposure due to infostealers is massive: 61% of breaches last year were malware-related and responsible for 343.78 million stolen credentials. Our recaptured data also shows that as many as 1 in 5 people are…
Failure to Safeguard, Two Cyber Intrusions, and an $850,000 SEC Settlement
Melissa Pascualini of JacksonLewis writes: … In a recent settlement agreement with the SEC, a New York-based registered transfer agent, Equiniti Trust Company LLC, formerly known as American Stock Transfer & Trust Company LLC, agreed to pay $850K to settle charges that it failed to assure client securities and funds were protected against theft or…
Everything old is new again, part 2: Was U.S. Dermatology Partners hit twice within months?
Earlier today, DataBreaches reported that MCNA Dental allegedly suffered a cyberattack involving patient data. According to the threat actor who claimed responsibility for the attack (Everest Ransom Team), this incident was totally unrelated to a February 2023 ransomware attack by LockBit that was supposedly leaked in April 2023. In May 2023, MCNA Dental reported that…