https://www.facebook.com/226174360579408/

Security in Sixty, Mumbai (2026)

17/10/2024

Are your cybersecurity measures truly secure? Recent findings reveal that threat actors are hijacking the EDRSilencer tool to evade detection and exploit vulnerabilities in Endpoint Detection and Response (EDR) solutions.

This new trend highlights the growing sophistication of cyber criminals. The EDRSilencer takes advantage of the Windows Filtering Platform (WFP) to block outbound network traffic from EDR processes, keeping malicious activities under wraps. As ransomware groups increasingly adopt EDR-killing tools like AuKill and TrueSightKiller, organizations must bolster their cybersecurity defenses.

The crucial lesson here? Stay informed and proactive. Regularly update your security measures and monitor for suspicious behavior. How does your organization defend against these evolving threats?

Join the conversation below and share your insights! 🤔

17/10/2024

Are your printers instilling confidence or causing concern? The rise of hybrid work has unveiled critical vulnerabilities in print security 🍃

Organizations are facing greater risks with insecure printers, especially as 67% reported printer-related security incidents this year alone. Many employees use unmanaged devices, making sensitive information even more vulnerable. Issues like inadequate authentication and exposure of local caches further complicate security.

Notably, studies show that legacy printer environments often harbor undetected flaws, leaving organizations at risk for years. The shift toward cloud printing is not a silver bullet either; it introduces its own challenges, including concerns about data sovereignty and unauthorized access.

Adopting zero-trust principles is vital for safeguarding print infrastructures in this evolving landscape, ensuring robust monitoring and access control measures are in place.

Is your organization addressing these overlooked vulnerabilities? Let's start a conversation about securing print environments!

10/10/2024

🚨 Major Breach Alert! 🚨 The Internet Archive has been hacked, exposing 31 million records! This massive data breach includes email addresses and bcrypt-hashed passwords, putting countless users at risk. According to Troy Hunt, creator of Have I Been Pwned (HIBP), the stolen data was shared with HIBP to verify exposure.

The breach involved a 6.4GB SQL file named "ia_users.sql," containing sensitive user data. Users reported seeing alarming JavaScript alerts on the site as the breach unfolded. Experts recommend changing passwords immediately, especially if reused on other platforms.

The situation is escalating with a DDoS attack claimed by the BlackMeta hacktivist group, indicating potential ongoing threats. Protect yourself—if you have an account with the Internet Archive, change your passwords now and stay informed on updates.

Do you think enough is being done to secure our digital archives? Let us know in the comments below!

🔒

Keywords: Data Breach, Cyber Security, Internet Archive, HIBP, BlackMeta
Hashtags:

10/10/2024

Australia's Cyber Security Bill 2024 takes center stage, enhancing protections for victims of cyber incidents. 🇦🇺 Discover the framework for reporting and coordination of significant cybersecurity incidents, aimed at improving future preparedness. The bill lays the groundwork for a Cyber Incident Review Board to conduct post-incident reviews, offering crucial insights and government recommendations.

The reforms extend to the Security of Critical Infrastructure Act 2018, streamlining information exchange and government assistance during cyber crises. Australia aims to lead in cybersecurity by 2030, making this bill a cornerstone in their strategic plan.

Industry experts hail this as a major stride for Australia's cybersecurity. Could this be the game-changer the nation needs to fortify its digital defenses?

What changes do you think will have the most impact on enhancing cybersecurity? Share your thoughts below!

10/10/2024

🛑 A critical Fortinet RCE flaw has been flagged by CISA as being actively exploited! This revelation highlights the urgency for immediate action to prevent potential attacks. Fortinet's vulnerability, CVE-2024-23113, affects several products, including FortiOS and FortiWeb.

This flaw allows attackers to execute arbitrary code remotely without user interaction, posing significant risks to networks globally. It's crucial that federal agencies patch their systems by October 30, as mandated.

Does your organization have measures in place to address this? Share your strategies below!

09/10/2024

"Redefining Privacy in Cybersecurity! 🛡️ CyberArk and Badge are teaming up to revolutionize Privileged Access Management (PAM) and Secrets Management. This partnership introduces user-centric privacy, allowing digital identities and keys to be controlled seamlessly with biometrics. It's a stride towards eliminating stored credentials, drastically reducing cyber-attack risks. Curious how this new age of identity security affects businesses worldwide? Explore more!

How do you see these advancements impacting the future of cybersecurity in your organization? Share your thoughts!"

08/10/2024

🚨 Data Breach Alert: ADT hit by another cyberattack!

In the past two months, ADT, the trusted name in home and business security solutions, has faced its second data breach. This time, intruders accessed their systems using stolen credentials, leading to the theft of encrypted employee data. ADT took swift action to shut down unauthorized access and is working with cybersecurity experts and law enforcement to address the issue. Thankfully, no customer data appears to be compromised.

Rising cybersecurity threats are a pressing concern—did you know 61% of data breaches involve compromised credentials? 🌐 This calls for robust security practices like multi-factor authentication to safeguard data.

With cyber threats increasing daily, how secure do you feel your information is with online companies? 🔍

08/10/2024

🔍 MoneyGram faces a massive data breach! Hackers infiltrated their systems, stealing sensitive customer data, including names, contact information, and social security numbers—all while staying undetected for days. The attack, discovered on September 27th, was due to a sophisticated social engineering scam targeting the IT help desk. 🖥️ With the assistance of CrowdStrike, the investigation is ongoing, yet the perpetrators remain unidentified.

The breach highlights the urgent need to protect personal information and educate employees about cybersecurity threats. Remember, staying informed and vigilant can help safeguard against such attacks.

Have you ever been impacted by a data breach? Share your thoughts below and let's discuss how we can better protect ourselves! 🛡️

05/10/2024

🚨 Major Cybersecurity Victory! 🇺🇸🤝 Microsoft's collaboration with the US DOJ has led to the seizure of 41 domains used by Russian intelligence for cyberattacks on US agencies and organizations. This proactive measure is part of a broader mission to cut off state-sponsored hackers from targeting sensitive information.

The domains, linked to the Callisto Group within Russia's FSB, were used for spear-phishing campaigns aiming at unauthorized access to computers and emails of government and defense contractors. Between Jan 2023 and Aug 2024, 'Star Blizzard' targeted over 30 civil societies, exfiltrating critical data.

This successful disruption highlights the power of partnerships between tech companies and governments. Through unified efforts, more than 100 sites have been removed, adding layers of protection for democratic institutions. The impact is vast, pressing the importance of continuous collaboration and amplified impact.

How do you think global tech firms should step up their involvement in fighting cyber threats? Join the conversation in the comments!

☑️

05/10/2024

🔍 Did you know that ransomware attacks on schools are surging, with incidents up by 300% this past year? Highline Public Schools is the latest victim of this digital crime wave, forced to shut down in early September after a severe breach. With over 17,500 students and 2,000 staff affected, the district is now in recovery mode, collaborating with cybersecurity experts and federal agencies.

The stakes are high: recent reports show the average cost of a data breach is around $3.9 million, and recovery can take months. As cyber threats grow more sophisticated, schools must ramp up cybersecurity measures. Lessons from Highline emphasize the importance of regular backups, constant software updates, and comprehensive staff training.

Could your local school district withstand such an attack? What steps should they take to safeguard against cyber threats? We invite your insights and comments. 💬

05/10/2024

Cybercriminals are turning Africa into a testing ground for their ransomware campaigns. Why Africa? Although booming with economic potential, Africa's low cybersecurity maturity makes it an attractive target for Ransomware-as-a-Service (RaaS) gangs. An alarming 81% spike in ransomware attacks between 2023 and 2024 highlights this growing threat. Despite digital growth, only 9 out of 44 African nations are ranked high in cybersecurity readiness, leaving many vulnerable.

The strategy involves targeting a broader array of industries beyond the usual high-value sectors like finance. Reports show significant increases in financial trojans in countries like Kenya and Nigeria, as attackers refine their methods in these lower-risk zones before hitting more developed nations.

The situation underscores the urgent need for collaborative defenses. Nations and corporations must unite, sharing knowledge and resources to bolster cybersecurity across the continent. This is a critical step in safeguarding Africa's digital economy and future.

How can businesses in Africa better prepare themselves against these rising threats?

04/10/2024

Ever wondered how secure your browser really is? 🤔 Recent research reveals stunning insights from SquareX at DEF CON 32, showcasing how some malicious extensions manage to bypass Google's MV3 security features meant to protect millions of users.

They demonstrated how these rogue browser extensions can capture live video streams, such as Google Meet and Zoom, and even manipulate private GitHub repositories without explicit permissions. The vulnerabilities persist despite Google's efforts with their new Manifest V3 standard.

SquareX’s cutting-edge Browser Detection and Response solution offers enterprises a robust defense against such threats, by analyzing and blocking malicious extensions effectively.

Given these vulnerabilities, do you think existing security measures can adequately protect your data? Join the conversation below! 💬

Security in Sixty

17/10/2024

17/10/2024

10/10/2024

10/10/2024

10/10/2024

09/10/2024

08/10/2024

08/10/2024

05/10/2024

05/10/2024

05/10/2024

04/10/2024

Address

Website

Alerts

Shortcuts

Share

Category