US proposes cybersecurity rules to limit impact of health data leaks

Health care organizations may be required to bolster their cybersecurity to better prevent sensitive information from being leaked by cyberattacks like the ones that hit Ascension and UnitedHealth, a senior White House official said Friday. Anne Neuberger, the U.S. deputy national security adviser for cyber and emerging technology, told reporters that proposed requirements are necessary […]

Continue reading


Many organisations unprepared for AI cybersecurity threats

While AI improves the detection of cybersecurity threats, it simultaneously ushers in more advanced challenges. Research from Keeper Security finds that, despite the implementation of AI-related policies, many organisations remain inadequately prepared for AI-powered threats. 84% of IT and security leaders find AI-enhanced tools have exacerbated the challenge of detecting phishing and smishing attacks, which were already […]

Continue reading


Google Pixel Devices Shipped with Vulnerable App, Leaving Millions at Risk

A large percentage of Google’s own Pixel devices shipped globally since September 2017 included dormant software that could be used to stage nefarious attacks and deliver various kinds of malware. The issue manifests in the form of a pre-installed Android app called “Showcase.apk” that comes with excessive system privileges, including the ability to remotely execute […]

Continue reading


Thanks to a shadowy hacker group, the British Library is still on its knees. Is there any way to stop them?

It is not quite accurate to say that the cyber-attack against the British Library took place on 28 October 2023. Most probably, Rhysida, the hacker gang that orchestrated the attack and is thought to be Russian, had already been creeping undetected through the digital territories of the British Library for months, Enrico Mariconti, a lecturer […]

Continue reading


HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

Cybersecurity researchers have detailed an updated version of the malware HeadCrab that’s known to target Redis database servers across the world since early September 2021. The development, which comes exactly a year after the malware was first publicly disclosed by Aqua, is a sign that the financially-motivated threat actor behind the campaign is actively adapting […]

Continue reading


Exploitation of Cisco IOS XE vulnerabilities affecting UK organisations

Cisco has published an updated advisory detailing two vulnerabilities affecting Cisco IOS XE devices. Both are being actively exploited. CVE-2023-20198 – A remote, unauthenticated attacker could create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system. CVE-2023-20273 – A […]

Continue reading


5 ways generative AI will help bring greater precision to cybersecurity

Every cybersecurity vendor has a different vision of how generative AI will serve its customers, yet they all share a common direction. Generative AI brings a new focus on data accuracy, precision and real-time insights. DevOps, product engineering and product management are delivering new generative AI-based products in record time, looking to capitalize on the […]

Continue reading


Analysis: In Australia, a hacking frenzy spurred by an undersized cybersecurity workforce

SYDNEY, Oct 31 (Reuters) – A swathe of hacks on some of Australia’s biggest companies has made the country a target for copycat attacks just as a skills shortage leaves an understaffed, overworked cybersecurity workforce ill-equipped to stop it, technology experts said. As Monday saw the disclosure of another potential breach of sensitive data – […]

Continue reading


Microsoft confirms it’s buying cybersecurity startup RiskIQ

Microsoft has confirmed it’s buying RiskIQ, a San Francisco-based cybersecurity company that provides threat intelligence and cloud-based software as a service for organizations. Terms of the deal, which will see RiskIQ’s threat intelligence services integrated into Microsoft’s flagship security offerings, were not disclosed, although Bloomberg previously reported that Microsoft will pay more than $500 million in cash for […]

Continue reading