Showing posts with the label Cyber Security

AI and cyber security: what you need to know

Understanding the risks - and benefits - of using AI tools.

Ignited by the release of ChatGPT in late 2022, artificial intelligence (AI) has captured the world's interest and has the potential to bring many benefits to society. However, for the opportunities of AI to be fully realised, it must be developed in a safe and responsible way, especially when the pace of development is high, and the potential risks are still unknown. As with any emerging technology, there's always concern around what this means for security. This guidance is designed to help managers, board members and senior executives (with a non-technical background) to understand some of the risks - and benefits - of using AI tools. Managers don't need to be technical experts, but they should know enough about the potential risks from AI to be able to discuss issues with key staff.

What is artificial intelligence?

Artificial intelligence (AI) can be described as ‘Any computer system that can perform task

Top Three Most Active Malware in January 2024

In January, the cybersecurity landscape has been particularly troubled by the sophistication of malware such as the Phemedrone Stealer, Androxgh0st, and the NSPX30 backdoor, all of which have demonstrated advanced techniques for evasion, data harvesting, and exploiting network vulnerabilities. These threats underline the critical need for up-to-date defenses against sophisticated malware campaigns that can bypass standard security protocols and compromise sensitive information.

CVE-2023-36025: Phemedrone Malware Campaign Targets Microsoft Defender SmartScreen Vulnerability

The Phemedrone Stealer campaign has been leveraging CVE-2023-36025, a vulnerability that allows bypassing Windows Defender SmartScreen, to conduct defense evasion and payload delivery since its discovery. This vulnerability enables attackers to execute malicious scripts without triggering SmartScreen's warning mechanisms, a critical security feature in Windows environments designed to block unrecognized applicati

How European countries are implementing new cybersecurity framework

EU countries are implementing the updated Network and Information Security Directive (NIS2), in force since January, with varying degrees of progress. To provide an overview of the state of play, Euractiv interviewed Nicolas Sonder and Mailin von Knobelsdorff, PwC experts on cybersecurity.

Since state-sponsored cyber warfare has become increasingly prevalent and cyberattacks lead to financial losses, data breaches, reputational damage, and industrial espionage, more cyber resilience is needed. The NIS2 directive introduces additional security requirements for ICT products used by organisations that are considered essential or important to the functioning of society. Member states have until October 2024 to modernise the existing cybersecurity frameworks. To determine which products and services fall within the directive’s scope, companies must, among other things, check which laws apply in the EU member states and register with the local authorities.

Best performers

According to the

CISA and ENISA enhance their Cooperation

The European Union Agency for Cybersecurity (ENISA) has signed a Working Arrangement with the Cybersecurity and Infrastructure Security Agency (CISA) of the US, in the areas of capacity-building, best practices exchange and boosting situational awareness.

Geopolitics have shaped the cyber threat landscape, bringing like-minded partners closer together in the wake of common cyber challenges and advances in digital technologies. Today at the EU-US Cyber Dialogue, ENISA and CISA announced the signing of their Working Arrangement as an important milestone in the overall cooperation between the United States and the European Union in the field of cybersecurity, also following the Joint Statement of European Commissioner Thierry Breton and U.S. Secretary for Homeland Security Alejandro Mayorkas of January 2023. ENISA’s International Strategy directs the Agency to be selective in engaging with international partners and to limit its overall approach in international cooperation to those are

Hello Kitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability

Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution.

"In both instances, the adversary attempted to deploy ransomware binaries on target systems in an effort to ransom the victim organizations," cybersecurity firm Rapid7 disclosed in a report published Wednesday. "Based on the ransom note and available evidence, we attribute the activity to the HelloKitty ransomware family, whose source code was leaked on a forum in early October."

The intrusions are said to involve the exploitation of CVE-2023-46604, a remote code execution vulnerability in Apache ActiveMQ that allows a threat actor to run arbitrary shell commands. It's worth noting that the vulnerability carries a CVSS score of 10.0, indicating maximum severity. It has been addressed in ActiveMQ versions 5.15.16, 5.16.7, 5.17.6, or 5.18.3 releas

Top 20 Ethical Hacking Tools and Software You Need to Be Aware of in 2023

1. Nmap

Nmap is an open-source security and port scanner, as well as a network exploration tool. It works for single hosts and large networks alike. Cybersecurity experts can use Nmap for network inventory, monitoring host and service uptime, and managing service upgrade schedules. Among its features:

- Offer binary packages for Windows, Linux, and Mac OS X
- Contains a data transfer, redirection, and debugging tool
- Results and GUI viewer

2. Burp Suite

This security-testing tool comes in three price tiers: Community edition (free), Professional edition (starting at $399 per user/per year), and Enterprise edition (starting at $3999/year). Burp Suite distinguishes itself as a web vulnerability scanner. Its features include:

- Scan scheduling and repeating
- Uses out-of-band techniques
- Offers CI integration

3. Cain & Abel

Cain & Abel is an Operating System password recovery tool provided by Microsoft.

- It is used to recover the MS Access passwords
- It can be used in Sniffing networks
- Th