Netizen Blog and News
The Netizen team sharing expertise, insights and useful information in cybersecurity, compliance, and software assurance.
Category: CyberSecurity
-
Sam Bankman-Fried, founder of the defunct cryptocurrency exchange FTX, has been sentenced to 25 years in prison for extensive financial misconduct. The case highlights the urgency of enhanced Anti-Money Laundering (AML) and Countering Financing of Terrorism (CFT) measures in the cryptocurrency sector. The industry must strengthen AML/CFT protocols and collaboration with regulators to ensure market…
-
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities Catalog to include CVE-2023-24955, a high-severity Remote Code Execution (RCE) vulnerability in Microsoft SharePoint Server. This vulnerability, coupled with CVE-2023-29357, poses a significant threat, demanding immediate mitigation efforts to prevent potential cyberattacks. CISA urges all organizations to prioritize remediation.
-
The U.S. Department of Justice indicted seven individuals linked to China for cyberattacks aimed at silencing critics, stealing trade secrets, and interfering in American institutions. The indictment underscores the need for enhanced cybersecurity and international cooperation to combat such threats.
-
A cyberattack campaign targeted the software supply chain, affecting Top.gg GitHub and individual developers. Attackers used multiple techniques including account takeovers, submission of malicious code through verified commits, and the creation of a fake Python mirror. The campaign involved sophisticated tactics such as typosquatting, social engineering, and obfuscation.
-
Malvertising involves embedding malicious code in online ads to spread malware. The recent PuTTY malvertising campaign used Google ads to redirect users to a fake PuTTY site distributing malware. Attackers used social engineering to target IT professionals, demonstrating a deep understanding of cybersecurity and user behavior. Combatting malvertising requires a multi-layered security approach due to…
-
Microsoft’s March 2024 security updates for Windows Server have led to significant stability issues across domain controllers. Reports have surfaced from various corners indicating that servers are unexpectedly freezing and rebooting due to a memory leak in the Local Security Authority Subsystem Service (LSASS) process. The Root of the Problem The crux of the issue…
-
PCI DSS is crucial for businesses handling credit card info. Common mistakes include neglecting security assessments, storing data incorrectly, weak passwords, lack of employee training, non-compliant third-party vendors, and more. To ensure compliance, businesses can consult cybersecurity experts and utilize Netizen’s services for built-in security and compliance support.
-
Microsoft Corp. is set to unveil artificial intelligence tools on April 1, aimed at enhancing the capabilities of cybersecurity professionals. These tools, developed in partnership with OpenAI, will assist in summarizing suspicious incidents and uncovering hackers’ methods. Dubbed Copilot for Security, this suite of AI tools was unveiled approximately a year ago and has since…
-
Over the last half-decade, TikTok has swiftly climbed to a leading position within the realm of social media, captivating a worldwide audience with its short, intriguing video content. Owned by the Chinese technological behemoth ByteDance, TikTok has been the focus of intense international scrutiny and debate, mainly from Western governments. The heart of this debate…
-
Fortinet has recently taken steps to strengthen its cybersecurity posture by patching a critical flaw in the FortiClient Enterprise Management Server (EMS) software, which had left servers vulnerable to remote code execution (RCE) attacks. This effort reflects Fortinet’s commitment to addressing security vulnerabilities promptly to protect against potential cyber threats. In addressing various security concerns,…
Netizen Blog and News 