Contemporary organizations understand the importance of data and its impact on improving interactions with customers, offering quality products or services, and building loyalty. Data is fundamental to business success. It allows companies to make the right decisions at the right time and deliver the high-quality, personalized products and services that customers expect. There … [Read more...] about How GRC protects the value of organizations — A simple guide to data quality and integrity
information security
China Accuses NSA’s TAO Unit of Hacking its Military Research University
China has accused the U.S. National Security Agency (NSA) of conducting a string of cyberattacks aimed at aeronautical and military research-oriented Northwestern Polytechnical University in the city of Xi'an in June 2022. The National Computer Virus Emergency Response Centre (NCVERC) disclosed its findings last week, and accused the Office of Tailored Access Operations (TAO) … [Read more...] about China Accuses NSA’s TAO Unit of Hacking its Military Research University
Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents
A state-sponsored advanced persistent threat (APT) actor newly christened APT42 (formerly UNC788) has been attributed to over 30 confirmed espionage attacks against individuals and organizations of strategic interest to the Iranian government at least since 2015. Cybersecurity firm Mandiant said the group operates as the intelligence gathering arm of Iran's Islamic … [Read more...] about Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents
U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania
The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. "Since at least 2007, the MOIS and its cyber actor proxies have conducted malicious cyber operations targeting a range of government … [Read more...] about U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania
6 Top API Security Risks! Favored Targets for Attackers If Left Unmanaged
Security threats are always a concern when it comes to APIs. API security can be compared to driving a car. You must be cautious and review everything closely before releasing it into the world. By failing to do so, you're putting yourself and others at risk. API attacks are more dangerous than other breaches. Facebook had a 50M user account affected by an API breach, and an … [Read more...] about 6 Top API Security Risks! Favored Targets for Attackers If Left Unmanaged
New Vulnerabilities Reported in Baxter’s Internet-Connected Infusion Pumps
Multiple security vulnerabilities have been disclosed in Baxter's internet-connected infusion pumps used by healthcare professionals in clinical environments to dispense medication to patients. "Successful exploitation of these vulnerabilities could result in access to sensitive data and alteration of system configuration," the U.S. Cybersecurity and Infrastructure Security … [Read more...] about New Vulnerabilities Reported in Baxter’s Internet-Connected Infusion Pumps
Some Members of Conti Group Targeting Ukraine in Financially Motivated Attacks
Former members of the Conti cybercrime cartel have been implicated in five different campaigns targeting Ukraine from April to August 2022. The findings, which come from Google's Threat Analysis Group (TAG), builds upon a prior report published in July 2022, detailing the continued cyber activity aimed at the Eastern European nation amid the ongoing Russo-Ukrainian … [Read more...] about Some Members of Conti Group Targeting Ukraine in Financially Motivated Attacks
Worok Hackers Target High-Profile Asian Companies and Governments
High-profile companies and local governments located primarily in Asia are the subjects of targeted attacks by a previously undocumented espionage group dubbed Worok that has been active since late 2020. "Worok's toolset includes a C++ loader CLRLoad, a PowerShell backdoor PowHeartBeat, and a C# loader PNGLoad that uses steganography to extract hidden malicious payloads from … [Read more...] about Worok Hackers Target High-Profile Asian Companies and Governments
Ransomware Attackers Abuse Genshin Impact Anti-Cheat System to Disable Antivirus
A vulnerable anti-cheat driver for the Genshin Impact video game has been leveraged by a cybercrime actor to disable antivirus programs to facilitate the deployment of ransomware, according to findings from Trend Micro. The ransomware infection, which was triggered in the last week of July 2022, banked on the fact that the driver in question ("mhyprot2.sys") is signed with a … [Read more...] about Ransomware Attackers Abuse Genshin Impact Anti-Cheat System to Disable Antivirus
Samsung Admits Data Breach that Exposed Details of Some U.S. Customers
South Korean chaebol Samsung on Friday said it experienced a cybersecurity incident that resulted in the unauthorized access of some customer information, the second time this year it has reported such a breach. "In late July 2022, an unauthorized third-party acquired information from some of Samsung's U.S. systems," the company disclosed in a notice. "On or around August 4, … [Read more...] about Samsung Admits Data Breach that Exposed Details of Some U.S. Customers