Lifeboat Foundation

This post is also available in: עברית (Hebrew)

As everyday technologies get more and more advanced, cyber security must be at the forefront of every customer. Cyber security services have become common and are often used by private companies and the public sector in order to protect themselves from potential cyber attacks.

One of these services goes under the name Darktrace and has recently been acquired by Cybersprint, a Dutch provider of advanced cyber security services and a manufacturer of special tools that use machine learning algorithms to detect cyber vulnerabilities. Based on attack path modeling and graph theory, Darktrace’s platform represents organizational networks as directional, weighted graphs with nodes where multi-line segments meet and edges where they join. In order to estimate the probability that an attacker will be able to successfully move from node A to node B, a weighted graph can be used. Understanding the insights gained will make it easier for Darktrace to simulate future attacks.

Were you unable to attend Transform 2022? Check out all of the summit sessions in our on-demand library now! Watch here.

Cybercriminals are growing ever more relentless and deft with their attacks, with data breaches and system disruptions due to cyberattacks rising every year. Therefore, finding and strengthening cybersecurity weak spots, or vulnerabilities, is key to thwarting these attacks.

A key vulnerability is apps. Many organizations rely on productivity software and apps built in-house or from IT service providers to be competitive in today’s market. However, while these solutions boost productivity and employee and customer experiences, many of them have weak security measures that can expose the organization to cyberattackers.

Continue reading “How automating vulnerability management reduces risk of cyberattacks” »

A new, multi-functional Go-based malware dubbed Chaos has been rapidly growing in volume in recent months to ensnare a wide range of Windows, Linux, small office/home office (SOHO) routers, and enterprise servers into its botnet.

“Chaos functionality includes the ability to enumerate the host environment, run remote shell commands, load additional modules, automatically propagate through stealing and brute-forcing SSH private keys, as well as launch DDoS attacks,” researchers from Lumen’s Black Lotus Labs said in a write-up shared with The Hacker News.

A majority of the bots are located in Europe, specifically Italy, with other infections reported in China and the U.S., collectively representing “hundreds of unique IP addresses” over a one-month time period from mid-June through mid-July 2022.

WhatsApp for Android and iOS patches two critical remote code execution vulnerabilities that could have allowed attackers to remotely hack targeted de.

A California university is refusing to release a cache of grisly photos of monkeys reportedly injured during experiments testing Elon Musk’s Neuralink brain implant technology, in spite of a lawsuit aiming to force the school’s hand.

In a press release, the Physicians Committee for Responsible Medicine (PCRM) advocacy group said that it had learned that the University of California, Davis is in possession of 371 photos of the experimented-upon monkeys that were subjected to Neuralink tests, which took place at the school’s veterinary lab facilities.

Earlier this year, Neuralink admitted that a fifth of the 23 rhesus macaques monkeys it used to test its brain-hacking implants had been euthanized after developing infections and malfunctions. Bolstering PCRM’s credibility, that admission came in the wake of its a complaint it filed against Neuralink.

Security analysts at ASEC have discovered a new wave of attacks targeting vulnerable Microsoft SQL servers, involving the deployment of a ransomware strain named FARGO.

GitHub team has issued a warning about an ongoing phishing campaign impersonating CircleCI notifications to steal targeted users’ credentials and two.

Somebody wormed their way into the tech giant’s systems, though it’s hard to say how bad the damage is yet.

Gamers looking for cheats on YouTube are being targeted with links to rogue password-protected archive files designed to install crypto miners and information-stealing malware such as RedLine Stealer on compromised machines.

“The videos advertise cheats and cracks and provide instructions on hacking popular games and software,” Kaspersky security researcher Oleg Kupreev said in a new report published today.