In the first quarter of 2023, the Trellix Advanced Research Center (ARC) has unveiled a comprehensive CyberThreat Report, delivering crucial insights into the evolving global threat landscape. The study meticulously analyses the key challenges faced by CISOs and SecOps teams, examines the global cybersecurity landscape, and explores significant security incidents. According to the report, 96% of CISOs have identified outdated technology as a significant factor that undermines cyber resilience. This figure underscores the imperative for organizations to upgrade their technology infrastructure to bolster their defenses against the increasing wave of cyber threats. From a broader perspective, the global cybersecurity landscape…
Author: Information Security Buzz Editorial Staff
As we are about to charge into 2022, it’s time to ask: so what will happen next year with cybersecurity? We reached out to industry leaders and experts with diverse backgrounds to find out what is the most important cybersecurity predictions for 2022, and below we are detailing the experts’ responses as we are receiving.
Conference Title: Key Cyber Security Challenges and Solutions in 2021 Date: April 08, 2021 With over 100,000+ readers, Information Security Buzz (aka ISBuzz) is a premier independent resource that provides experts comments, analysis and opinion on the latest Information Security News. Collated from security experts and industry leaders, content is carefully reviewed and selected to provide you with the latest threat trends, insights, practical solutions, hot topics and advice from around the globe. Whether you’re interested in expert analysis, the latest vendor announcements, industry research and forecasts or technical advice, ISBuzz News for over the last seven years has been…
As we are about to charge into 2021, it’s time to ask: so what will happen next year with cybersecurity? We reached out to industry leaders and experts with diverse backgrounds to find out what is the most important ONE cybersecurity prediction for 2021, and below we are detailing the experts’ responses as we are receiving.
A hacker has breached Mathway, a popular math solving application, from where they have stolen more than 25 million emails and passwords. The hack is the latest in a long line of security breaches carried out by a hacker going by the name of ShinyHunters, the threat actor also responsible for intrusions at Tokopedia, Wishbone, Zoosk, and others. Only emails and hashed passwords are included in this leak, but many of these are most likely to belong to children.
In his first UK broadcast interview in five years, Mark Zuckerberg told the BBC that Facebook had, and would, remove any content likely to result in “immediate and imminent harm” to users. This has included Brazilian president Jair Bolsonaro’s claim that scientists had “proved” there was a coronavirus cure and content from former broadcaster and conspiracy theorist David Icke, who suggested both that 5G mobile phone networks are linked to the spread of the virus and that a Jewish group was behind the virus. He also said that Facebook had removed content from groups claiming that the rollout of the 5G digital…
A hacker has put up for sale today the details of 40 million users registered on Wishbone, a popular mobile app that lets users compare two items in a simple voting poll. The Wishbone user database has leaked in full, being offered as a free download on one of the hacking forums it was being sold on. A well-known hacker known as ShinyHunters has taken credit for hacking the company. https://twitter.com/BleepinComputer/status/1263513005859450882 Cybersecurity and consumer privacy experts commented:
Japan has launched an investigation into the potential exposure of confidential missile data in the wake of a cyberattack on Mitsubishi Electric Corp. According to the Associated Press, the leak of information relating to a prototype, “cutting-edge” missile is suspected. The missile, a speed glider known as HGV, was documented in files Mitsubishi and other manufacturers held as part of a bidding process. It has been reported by local news outlets that Mitsubishi did not win the bid. https://twitter.com/cyberintel/status/1263739667188518912
Cofence has discovered an attack that bypasses MFA to nab Microsoft 365 credentials. Researchers at Cofense Phishing Defense Center discovered the tactic, which leverages the OAuth2 framework and OpenID Connect (OIDC) protocol and uses a malicious SharePoint link to trick users into granting permissions to a rogue application, researcher Elmer Hernandez wrote in a blog post published Tuesday.
Academic researchers have uncovered security vulnerabilities in Bluetooth Classic that allows attackers to spoof paired devices: They found that the bugs allow an attacker to insert a rogue device into an established Bluetooth pairing, masquerading as a trusted endpoint. This allows attackers to capture sensitive data from the other device. The bugs allow Bluetooth Impersonation Attacks (BIAS) on everything from internet of things (IoT) gadgets to phones to laptops, according to researchers at the École Polytechnique Fédérale de Lausanne (EPFL) in France. The flaws are not yet patched in the specification, though some affected vendors may have implemented workarounds.
