How federal rules on cybersecurity breach transparency for businesses were challenged in court in 2024

Dom DiFurio reports: In October, four companies collectively paid nearly $7 million as part of a settlement with the Securities and Exchange Commission for allegedly failing to properly inform investors of a cyberbreach affecting their companies, a lia… Continue reading How federal rules on cybersecurity breach transparency for businesses were challenged in court in 2024

Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand

A new, improved version of Darcula, a cat-themed phishing-as-a-service (PhaaS) platform aimed at serving Chinese-speaking criminals, will be released this month and will allow malicious users to create customized phishing kits to target a wider variety… Continue reading Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand

Chinese-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware

A previously unknown threat activity cluster targeted European organizations, particularly those in the healthcare sector, to deploy PlugX and its successor, ShadowPad, with the intrusions ultimately leading to deployment of a ransomware called NailaoL… Continue reading Chinese-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware

Posted in Uncategorized

US Military Health Provider HNFS Pays $11M in Settlement Over Cybersecurity Failures

US military health benefits program administrator HNFS to pay $11 million in settlement over its false claims of cybersecurity compliance.
The post US Military Health Provider HNFS Pays $11M in Settlement Over Cybersecurity Failures appeared first on S… Continue reading US Military Health Provider HNFS Pays $11M in Settlement Over Cybersecurity Failures

Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives

A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation.
“The legitimate application used in the attack, jarsigner, is a… Continue reading Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives

Posted in Uncategorized