The White House is Deciding Whether to Support a Bureau of Cyber Statistics – Nextgov

CISA Warns Organizations of ProxyShell Attacks on Exchange Servers | IT Security News 23. August 2021 This article has been indexed from SecurityWeek RSS Feed The U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the weekend issued an alert to warn of malicious actors actively exploiting the recently disclosed Microsoft Exchange vulnerabilities named ProxyShell. read…

Cybercrime , Cybercrime as-a-service , Fraud Management & Cybercrime Money Mule Convictions Unlikely to Slow Gang Activity Rashmi Ramesh • June 7, 2021     Cobalt gang members arrested, sentenced (Photo: Pixabay) A district court in Kazakhstan last Wednesday sentenced two unidentified Cobalt, aka Carbanak, gang members to serve eight years in prison on robbery…

FOSTER CITY, Calif., March 3, 2021 /PRNewswire/ — Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud-based IT, security, and compliance solutions, today issued an update on the security incident regarding the Accellion FTA file transfer solution. Qualys received new information about a previously identified zero-day exploit in a third-party solution, Accellion FTA that Qualys deployed to…

The United States Cybersecurity and Infrastructure Security Agency (CISA) this week added single-factor authentication to its list of bad practices. “Single-factor authentication is a common low-security method of authentication. It only requires matching one factor—such as a password—to a username to gain access to a system,” CISA says. While the agency mainly refers to “the…

Account Takeover Fraud , Card Not Present Fraud , Cybercrime Cybercriminals Using Web Shells to Control Retailers’ Servers Doug Olenick (DougOlenick) • April 9, 2021     Visa’s Payment Fraud Disruption team reports that cybercriminals are increasingly using web shells to establish command and control over retailers’ servers during payment card skimming attacks. See Also:…

The Department of the Prime Minister and Cabinet and the Attorney-General’s Department are not ‘cyber resilient’ and have overstated their implementation of the federal government’s mandatory strategies to mitigate cyber security incidents, an audit has found. Non-corporate commonwealth entities have been required to implement the Australian Signals Directorate’s (ASD) Top Four mitigation strategies since 2013,…