Collaborate Disseminate
Protect traveler data with these tips: use VPNs, manage app permissions, and secure travel documents. Travel companies should… Continue reading Enhancing Traveler Data Security: Best Practices for Managing Sensitive Info
A critical vulnerability in the Windows Kerberos authentication protocol poses a significant risk to millions of servers. Microsoft… Continue reading Critical Windows Kerberos Flaw Exposes Millions of Servers to Attack
A unified approach from both public and private sectors is essential to safeguard our critical infrastructure.
The post How to remove the cybersecurity gridlock from the nation’s energy lifelines appeared first on CyberScoop.
Continue reading How to remove the cybersecurity gridlock from the nation’s energy lifelines
A Facebook malvertising campaign disguised as Bitwarden updates spreads malware, targeting business accounts. Users are tricked into installing… Continue reading Facebook Malvertising Campaign Spreads Malware via Fake Bitwarden
DocuSign phishing scams surged by 98%, with hundreds of daily attacks impersonating US government agencies like HHS and… Continue reading US Government Agencies Impersonated in Aggressive DocuSign Phishing Scams
Zero-day vulnerabilities are more commonly used, according to the Five Eyes:
Key Findings
In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets. In 2023, the majority of the most frequently exploited vulnerabilities were initially exploited as a zero-day, which is an increase from 2022, when less than half of the top exploited vulnerabilities were exploited as a zero-day.
Malicious cyber actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability. The utility of these vulnerabilities declines over time as more systems are patched or replaced. Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities…
Continue reading Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days
Another day, another hack at T-Mobile! This time, Chinese state-sponsored group Salt Typhoon hacked T-Mobile, targeting US telecoms… Continue reading Chinese Salt Typhoon Hacked T-Mobile in US Telecom Breach Spree
Mozilla’s 0Din uncovers critical flaws in ChatGPT’s sandbox, allowing Python code execution and access to internal configurations. OpenAI… Continue reading Mozilla 0Din Warns of ChatGPT Sandbox Flaws Enabling Python Execution
Google’s Gemini AI Chatbot faces backlash after multiple incidents of it telling users to die, raising concerns about… Continue reading Google’s Gemini AI Chatbot Keeps Telling Users to Die
The U.S. Environmental Protection Agency (EPA) Report Exposes Cybersecurity Risks in US Water Systems: Vulnerabilities in Critical Drinking… Continue reading Cybersecurity Flaws in US Drinking Water Systems Put 26 Million at Risk