The PECB Conference 2024 is set to take place from 30 September to 3 October at the Van der Valk Hotel Breukelen in Amsterdam. This annual event will gather global experts, thought leaders, and professionals to explore the latest trends and challenges in cybersecurity, data protection, AI, and regulatory developments such as the EU AI Act. The conference will feature over 25 international speakers and more than 20 interactive sessions, with participants expected from over 100 countries. The agenda will cover a wide range of topics crucial for today’s rapidly evolving digital landscape, providing attendees with valuable insights and practical…
ISB Staff Reporter
Recognizing that cyber criminals increasingly exploit software vulnerabilities, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken the lead with a new resource for software customers—the “Secure by Demand Guide.” The Guide is part of CISA’s ongoing effort to strengthen the cybersecurity resilience of businesses, organizations, and government agencies nationwide. The guide aims to help software customers actively strengthen the security of the software products they acquire. Key Recommendations for Software Customers CISA’s Guide offers software customers several ways to enhance their security through more thoughtful procurement practices. Here are the core takeaways: 1. Prioritize Security as a Key…
Attackers are employing AI-generated scripts, leveraging malvertising to distribute rogue PDF tools, and embedding malware in image files. These developments mark a significant shift in the threat landscape, accelerating the frequency and complexity of cyberattacks. This was revealed by HP’s latest Threat Insights Report, based on data from April to June 2024, which offers valuable information to help businesses stay ahead of cybercriminals’ evolving methods. Key Findings: AI Lowers the Barrier for Cybercriminals HP’s threat research identified that AI-assisted malware development is no longer speculative. A recent campaign targeting French speakers used VBScript and JavaScript scripts, which analysts believe were…
In a troubling development, the Necro Trojan has resurfaced on Google Play, infecting popular applications and reaching millions of Android devices worldwide. Kaspersky’s cybersecurity researchers discovered the Necro malware in various apps, including some available on official app stores like Google Play and others distributed through unofficial websites. This is not the first time Necro has exploited official channels—its previous attack in 2019 impacted over 100 million users. This new wave of infections is similarly alarming, with affected apps reaching over 11 million devices. Malware Hidden in Popular Apps The latest version of the Necro Trojan has been found in…
Red Canary has released a midyear update to its 2024 Threat Detection Report, revealing key cybersecurity trends and evolving threats. Among the most notable findings is the rise of Atomic Stealer, an infostealer targeting macOS devices, which entered the top ten most common threats, ranking at number nine. The report also highlights changes in the top MITRE ATT&CK® techniques, with identity and cloud-native attacks dominating the list. New techniques include Email Hiding Rule, where adversaries exploit compromised accounts by altering email settings to conceal their activities. The report identified three significant changes in the top ten threats over the past…
Social media and video streaming services (SMVSSs), including Amazon, Alphabet-owned YouTube, Meta’s Facebook and TikTok, are engaging in a “vast surveillance of users” to profit off their personal information. The report also raised concerns about the lack of meaningful privacy safeguards for children and teens. “These surveillance practices can endanger people’s privacy, threaten their freedoms, and expose them to a host of harms, from identity theft to stalking,” said FTC Chair Lina Khan in a statement. The findings stem from a special investigation launched in December 2020, targeting nine major companies in the U.S. to understand how their platforms impact…
In a major cyber operation, the U.S. Justice Department announced the successful takedown of a botnet controlled by People’s Republic of China (PRC) state-sponsored hackers. The botnet, dubbed “Raptor Train” by Black Lotus Labs, spanned over 200,000 devices globally. It was linked to hackers working for Integrity Technology Group, a Beijing-based company known in cybersecurity circles as “Flax Typhoon.” It infected various consumer devices like home routers, IP cameras, and DVRs, forming a network that hackers used for malicious activities disguised as normal internet traffic. In response, U.S. authorities launched a court-authorized operation, effectively neutralizing the botnet by sending disabling…
Tensions in Lebanon soared on Wednesday as handheld radios used by Hezbollah fighters exploded across the country’s south, marking the deadliest day since cross-border skirmishes with Israel began nearly a year ago, reported Reuters. The explosions left 20 dead and over 450 injured, according to Lebanon’s health ministry, further stoking fears of a broader conflict with Israel. This latest incident follows a similar wave of blasts on Tuesday when thousands of pagers used by Hezbollah members detonated, killing 12 people, including two children, and wounding nearly 3,000 others. Lebanon’s Red Cross reported a massive response, dispatching 30 ambulance teams to…
In a coordinated and deadly attack, pagers used by hundreds of Hezbollah members exploded almost simultaneously across Lebanon on Tuesday, killing at least nine people and injuring thousands more, according to officials. Both Hezbollah and the Lebanese government have pointed to Israel as the orchestrator of what appears to be a highly sophisticated remote strike. A U.S. official revealed that Israel had briefed the United States following the operation, which involved small amounts of explosives being secretly planted inside the pagers and then detonated. The official, who was not authorized to discuss the matter publicly, provided insight into the complex…
Yesterday, Reuters reported that multiple explosions involving communication devices used by Hezbollah resulted in at least nine deaths and over 3000 injuries across Lebanon. Among those wounded were Hezbollah fighters, medics, and Iran’s ambassador to Lebanon, Mojtaba Amani, who sustained minor injuries. The blasts, which occurred around 3:45 p.m. local time, have been described by Hezbollah as the “biggest security breach” they have faced during their ongoing conflict with Israel. While Hezbollah and the Lebanese government blamed Israel for the explosions, Israeli officials have not commented. The Lebanese Red Cross deployed over 50 ambulances and 300 medics to assist the…