InfoSecBulletin Cybersecurity for mankind
Security teams ought to seize on the opportunities of failures of the past to make meaningful change in how we approach incident response, urged Sarah Armstrong-Smith, chief security advisor at Microsoft, during UK Cyber Week 2023. Learning lessons from the past is crucial to developing an effective incident response strategy in …
Read More »TimeLine Layout
April, 2023
-
6 April
GoAnywhere Zero-Day Attack Hits Major Orgs
More organizations are emerging to confirm impact from the newly disclosed in-the-wild zero-day exploits hitting Fortra’s GoAnywhere managed file transfer (MFT) software. Tracked as CVE-2023-0669, the vulnerability was publicly disclosed in early February alongside zero-day exploitation and a patch was released a week later. Soon after, attacks targeting the security defect were linked to …
Read More » -
6 April
Google Wants Android Users to Have More Control Over Their Data
Google this week announced plans to increase the control that Android users have over their data by requiring developers to enable data deletion both from the app and online. The initiative, expected to be enforced towards the end of the year, is part of a long-time initiative to improve user …
Read More » -
6 April
Western Digital has shut down several of its services after detecting a security breach on its network, the digital storage giant announced on Monday. The service outage, announced on April 2, impacts cloud, proxy, web, authentication, email, and push notification services, including My Cloud, My Cloud Home (Duo), My Cloud OS5, …
Read More » -
6 April
3CX supply chain attack appears to have been conducted by North Korean hackers with the goal of targeting cryptocurrency firms.
More information has come to light on the recent 3CX supply chain attack, which appears to have been conducted by North Korean hackers with the goal of targeting cryptocurrency companies. Cybersecurity firm Kaspersky has conducted its own analysis of the incident and found links to attacks observed by the company back in …
Read More » -
6 April
FBI Cracks Down on Genesis Market: 119 Arrested in Cybercrime Crackdown
A coordinated international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of stolen credentials associated with email, bank accounts, and social media platforms. Coinciding with the infrastructure seizure, the major crackdown, which involved authorities from 17 countries, culminated in 119 arrests and …
Read More » -
6 April
Top 5 Questions to Ask When You’re Building a Cloud Security Strategy
As companies began moving their computing operations and data storage to the cloud, the security of these digital assets has been a priority. Implementing a robust cloud security strategy is paramount for every organization. SaaS providers, in particular, carry a vast amount of sensitive data. This scenario represents a sizable …
Read More » -
6 April
Mozilla Foundation Releases New Advisory on Thunderbird Vulnerability
Mozilla Foundation has released a security advisory detailing a high-impact vulnerability fixed in the latest version of their email client, Thunderbird. According to the advisory, Thunderbird version 102.9.1 fixes a vulnerability, CVE-2023-28427, that could allow a denial-of-service attack for Thunderbird users who use the Matrix chat protocol. The vulnerability was reported by the …
Read More » -
5 April
Top Resources to Start a Career for Women in Cybersecurity
Cybersecurity is evolving, not only because of hackers and cybercriminals, who are finding new ways to invade systems, but in its approach. From being a male-controlled and dominated sector, it has now progressed into a more diverse field where the industry is open to accepting change and welcoming a new …
Read More » -
5 April
British Outsourcing Giant Capita Disrupted by Online Attack
British outsourcing service provider Capita, which has major U.K. healthcare and military contracts, confirmed an online attack is behind ongoing IT failures for some of its customers. Capita “experienced a cyber incident primarily impacting access to internal Microsoft Office 365 applications,” the company said in a statement published by the London Stock …
Read More »
