Nation-state cyber attacks could lead to cyber conflict

New HP-sponsored report finds significant increase in nation-states targeting enterprises to steal high-value IP. A new report from HP released Thursday, Nation States, Cyberconflict and the Web of Profit, found that nation-state cyber attacks are "moving us closer to a point of advanced cyber conflict." "Nation-state conflict doesn't take place in a vacuum; as evidenced … Continue reading Nation-state cyber attacks could lead to cyber conflict

Voice-Changing Software Found on APT Attackers Server

Security researchers believe the presence of Morph Vox Pro could indicate APT-C-23 has new plans for their phishing campaigns. The discovery of voice-changing software on the server of APT-C-23 could have implications for the group's future phishing attacks, Cado Security researchers report. APT-C-23, a group connected to attacks in the Middle East, is known as … Continue reading Voice-Changing Software Found on APT Attackers Server

Attackers Actively Seeking, Exploiting Vulnerable SAP Applications

Analysis of threat activity in mission-critical environments prompts CISA advisory urging SAP customers to apply necessary security patches and updates. Threat actors are actively exploiting unpatched vulnerabilities in SAP applications, including in mission-critical environments such as enterprise resource planning (ERP), supply chain management (SCM), product life cycle management (PLM), and customer relationship management (CRM). In … Continue reading Attackers Actively Seeking, Exploiting Vulnerable SAP Applications

Rethinking Cyberattack Response: Prevention & Preparedness

The SolarWinds incident is the starkest reminder yet that complacency can exact a terrible price. There is something inherently wrong with the current culture surrounding cybersecurity incident response. Business leaders almost invariably approach incident response in two steps: prevention, then pain. Buy a Band-Aid and hope your cut does not get infected. Paint over the … Continue reading Rethinking Cyberattack Response: Prevention & Preparedness

Facebook attributes 533 million users data leak to “scraping” not hacking

Facebook has now released a public statement clarifying the cause of and addressing some of the concerns related to the recent data leak. As reported last week, information of about 533 million Facebook profiles surfaced on a hacker forum. From the Facebook data samples seen by BleepingComputer, almost every user record had a mobile phone … Continue reading Facebook attributes 533 million users data leak to “scraping” not hacking