Author: Staff Writer

WASHINGTON (AP) — A ceasefire between Iran and Israel has not ended the threat of cyberattacks from hacking groups supportive of Tehran, the FBI and federal cybersecurity officials warned Monday.In a public bulletin, the authorities warned that hacking groups affiliated with or supportive of Tehran may still seek to disrupt or disable critical infrastructure systems in the U.S. such as utilities, transportation and economic hubs. Hackers may also target defense contractors or other American companies with ties to Israel, the agencies said.“Despite a declared ceasefire and ongoing negotiations towards a permanent solution, Iranian-affiliated cyber actors and hacktivist groups may still…

Seasoned executive brings high-growth, enterprise experience at scale to fuel customer-focused, international expansion AuditBoard, the leading AI-powered global platform for connected risk transforming audit, risk, and compliance, announced the appointment of Raul Villar Jr., former Chief Executive Officer of Paycor, as its new CEO. Villar brings a proven track record of driving significant growth and innovation in the SaaS industry, making him an ideal leader to guide AuditBoard through its next phase of expansion and market leadership. Villar joins AuditBoard following a highly successful tenure as CEO of Paycor, a prominent human capital management software company. At Paycor, Villar was instrumental…

Fast Facts Data Breach Announcement: Kelly & Associates Insurance Group (Kelly Benefits) reported a data breach affecting over 553,660 individuals, revealing that unauthorized actors accessed its IT systems between December 12-17, 2022. Impact on Individuals: The compromised data includes sensitive information such as full names, Social Security numbers, medical and financial information, exposing individuals to risks like phishing and scams. Affected Entities: The breach involved 46 organizations, including major healthcare providers like United Healthcare and Aetna, complicating the assessment of the full scope of the incident. Mitigation Measures: Kelly Benefits is offering impacted individuals 12 months of free credit monitoring…

Medcrypt’s Guardian PKI and Cryptography Platform integrates into C2A Security’s Product Security Orchestration Platform to provide end-to-end product security and compliance to medical device manufacturers C2A Security, the only context-driven product security orchestration platform that addresses the specific needs of software-defined products and cyber-physical systems, and Medcrypt, the leading provider of proactive cybersecurity solutions for medical devices, announced a strategic partnership to deliver comprehensive security solutions for the rapidly evolving medical and healthcare sector. This collaboration leverages Medcrypt’s expertise in medical device cybersecurity, providing scalable software with an expert regulatory advisory team. Coupled with C2A Security’s context-based approach to product security and proven…

Essential Insights Group Identification: Cybersecurity researchers identify tactical similarities between two threat actor groups, TA829 (linked to RomCom RAT) and UNK_GreenSec (responsible for TransferLoader), highlighting their shared infrastructure and methods. Hybrid Threat Capabilities: TA829 is described as a unique hybrid group conducting both espionage and financially motivated attacks, utilizing zero-day exploits in major software for infiltration. Phishing Techniques: Both groups deploy sophisticated email phishing campaigns using REM Proxy services on compromised routers to relay traffic and disguise their operations, effectively bypassing security measures. Evolution of Threats: The overlapping tactics suggest a close relationship between TA829 and UNK_GreenSec, raising the possibility…

If you invite guest users into your Entra ID tenant, you may be opening yourself up to a surprising risk. A gap in access control in Microsoft Entra’s subscription handling is allowing guest users to create and transfer subscriptions into the tenant they are invited into, while maintaining full ownership of them. All the guest user needs are the permissions to create subscriptions in their home tenant, and an invitation as a guest user into an external tenant. Once inside, the guest user can create subscriptions in their home tenant, transfer them into the external tenant, and retain full ownership…

Top Highlights DOJ Investigation: The Department of Justice is investigating North Korea’s scheme of sending citizens abroad as fake IT workers, enabling them to illicitly funnel earnings back to the regime while compromising U.S. companies. Deceptive Employment Schemes: Two main schemes involved U.S.-based facilitators who deceived over 100 U.S. companies into hiring foreign IT workers, resulting in significant financial losses and legal repercussions. National Security Risks: North Korean IT workers accessed sensitive data from U.S. defense contractors, posing a serious national security threat, especially with the involvement of individuals with security clearances. Ongoing Threat: The FBI warns that North Korea’s…

Top Highlights The International Criminal Court (ICC) is investigating a recent sophisticated cyberattack, marking the second such incident in recent years, and highlighting ongoing security threats against its systems. The ICC swiftly contained the latest attack using its detection and response mechanisms, but it has not disclosed details about the attack’s nature or potential data breaches. The previous cyber incident in September 2023 was confirmed to be a targeted espionage attempt, raising significant concerns about the Court’s security and integrity. Established in 2002, the ICC focuses on prosecuting serious international crimes and has been under heightened security threats, including past…

Summary Points Nationwide Action: The US Department of Justice has launched a coordinated crackdown across 16 states against fake IT worker schemes linked to North Korea, which have reportedly generated over $88 million in six years. Fraudulent Employment: North Korean nationals fraudulently secured remote IT jobs in the US, utilizing stolen identities and support from accomplices involving "laptop farms" to mask their locations, affecting hundreds of US companies. Data Theft and Financial Loss: The illicit activities allowed North Korean IT workers to access sensitive data and steal over $900,000 in cryptocurrency from American firms, including a blockchain company based in…

Fast Facts Identify Muckwork: Analysts lose valuable time to repetitive tasks known as “muckwork,” which AI can automate, freeing teams to engage in more impactful work. AI Frameworks: Employ a spectrum of AI automation—from basic deterministic tasks to human-in-the-loop copilots and fully autonomous agents—to match the right level of autonomy with specific task requirements. Cautious Investment: Begin AI projects by focusing on clear outcomes and measurable workflows to avoid over-investment, ensuring that AI efforts yield visible results and demonstrate ROI. Security Standards: Demand strict security protocols for AI deployment, emphasizing zero data exfiltration, granular access controls, auditability, and clear explainability…