Steve Zurier
Contributor at SC Media
Writer, editor and music lover, especially jazz and improvised music. I work as a freelance writer out of Columbia, Md.
Articles
-
1 week ago |
scworld.com | Steve Zurier
Cyberattacks on insurance companies in the U.S. are continuing as Aflac reported to the Securities and Exchange Commission (SEC) on June 20 that it discovered an attack on its network June 12. The company said the recent attack — like many others U. S. insurance companies are experiencing — was caused by a sophisticated cybercrime group via social engineering tactics. “This was part of a cybercrime campaign against the insurance industry,” said Aflac in a Friday press release.
-
1 week ago |
scworld.com | Steve Zurier
A sophisticated evolution of the GodFather banking malware was observed targeting 12 Turkish banks and scanning nearly 500 apps globally, including cryptocurrency wallets and financial platforms. The real danger here: the malware leverages an advanced on-device “Virtualization-as-a-Weapon” technique that hijacks several legitimate apps with an eye towards taking full control of a mobile device.
-
1 week ago |
scworld.com | Steve Zurier
The Google Threat Intelligence Group (GTIG) on June 16 said that it’s now aware of “multiple” intrusions into the insurance industry in the U.S. that bear all the hallmarks of the Scattered Spider ransomware group. The news represented a shift from Scattered Spider’s recent focus on retail operations, most notably attacks on Marks & Spencer in the UK and Victoria’s Secret in the United States.
-
1 week ago |
scworld.com | Steve Zurier
A malicious package named “Chimera-Sandbox Extensions” was uploaded to the PyPI repo (Python) and aims to steal credentials and other sensitive information, such as Jamf MacOS data, CI/CD environment variables, and AWS tokens. The discovery of the malicious Chimera package highlighted the ongoing risks associated with open source software repositories. Security pros said the development is potentially dangerous because developers use Chimera to build AI applications.
-
2 weeks ago |
scworld.com | Steve Zurier
Trend Micro earlier this week released security updates to address four critical 9.8 bugs in its encryption PolicyServer offerings. The bugs were a series of remote code execution (RCE) and authentication bypass flaws in its Apex Central and Trend Micro Endpoint Encryption (TMEE) PolicyServer products. While Trend Micro said it has yet to observe exploitation in the wild, it advised customers to patch immediately.
Try JournoFinder For Free
Search and contact over 1M+ journalist profiles, browse 100M+ articles, and unlock powerful PR tools.
Start Your 7-Day Free Trial →X (formerly Twitter)
- Followers
- 869
- Tweets
- 1K
- DMs Open
- No
Critical Insight's Mike Hamilton offers some advice for all security teams as they face cyberattacks resulting from the Israel-Hamas war: https://t.co/Cq96myztrv
Here's some good insight into the regulatory environment impacting cyber and how people can sort out what's important to their business. A CYE webinar I moderated: https://t.co/W9WQGB6Kvg
Another plug for SC's Women in Cyber, a column from the ISSA's Candy Alexander and Debra Christofferson on the Biden administration's cyber workforce plan: https://t.co/s7kjgqxTIu