Szolgáltatóknak

Only 3% of organizations around the world were reported to be completely ready to deal with increasingly sophisticated cybersecurity threats, including ransomware attacks and supply chain intrusions, reports SiliconAngle.

The U.S. Department of Justice announced that Idaho and Montana resident Scott Rhodes was fined $9.9 million for conducting thousands of "illegal and malicious" robocalls, or automated phone calls, with disturbing pre-recorded messages across the U.S., BleepingComputer reports.

Severely lacking military coordination and recruitment for U.S. cybersecurity efforts have prompted the Foundation for Defense of Democracies to urge Congress to immediately advance an independent Cyber Force that would ensure the country's cyber defense readiness, according to The Record, a news site by cybersecurity firm Recorded Future.

Cyberespionage operations have been conducted by a pair of Chinese advanced persistent threat groups against organizations in countries part of the Association of Southeast Asian Nations since January, The Hacker News reports.

Major cyber risk quantification service provider DeNexus and cybersecurity firm Cipher Security have partnered to better evaluate industrial control system and operational technology cybersecurity risks faced by critical infrastructure organizations, SiliconAngle reports.

TechCrunch reports that Facebook was revealed to have covertly conducted Snapchat network traffic interception and decryption since 2016 as part of the initiative dubbed "Project Ghostbusters" that sought to bolster user behavior analysis and better compete with the instant messaging app.

More than 1,800 stores on major e-commerce platform Shopify using Saara's EcoReturns and WyseMe plugins had 25 GB of data exposed due to the developer's misconfigured MongoDB database, according to Cybernews.

Major UK street newspaper and social enterprise The Big Issue had its systems confirmed to be impacted by a cyberattack days after the intrusion was admitted by the Qilin ransomware operation, which claimed the exfiltration of 550 GB of confidential files, reports The Record, a news site by cybersecurity firm Recorded Future.

CVE: CVE-2024-28872 Title: Incorrect TLS certificate validation can lead to escalated privileges Document version: 1.0 Posting date: 27 March 2024 Program impacted: Stork Versions affected: Stork 0.15.0 -> 1.15.0 Severity: High Exploitable: Remotely Description: The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the Stork server and use it to connect to the Stork agent. Once this connection is established with the valid certificate, the attacker can se ...