Threat actor used Vimeo, Ars Technica to serve second-stage malware
A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, …
Tietoevry ransomware attack halts Swedish organizations
Finnish IT software and service company Tietoevry has suffered a ransomware attack that affected several customers of one of its datacenters in Sweden. The attack The …
Akira ransomware attackers are wiping NAS and tape backups
“The Akira ransomware malware, which was first detected in Finland in June 2023, has been particularly active at the end of the year,” the Finnish National …
Shifting data protection regulations show why businesses must put privacy at their core
Like it or not, data protection will be one of the biggest issues organizations face in 2024. Knowing where to focus compliance efforts will be tricky, with more and more …
eIDAS: EU’s internet reforms will undermine a decade of advances in online security
The European Union’s attempt to reform its electronic identification and trust services – a package of laws better known as eIDAS 2.0 – contains legislation that poses a grave …
Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)
Russian state-backed hacking group Forest Blizzard (aka Fancy Bear, aka APT28) has been using a known Microsoft Outlook vulnerability (CVE-2023-23397) to target public and …
Slovenian power company hit by ransomware
Slovenian power generation company Holding Slovenske Elektrarne (HSE) has been hit by ransomware and has had some of its data encrypted. The attack HSE is a state-owned …
Ukrainian ransomware gang behind high-profile attacks dismantled
Law enforcement and judicial authorities from seven countries have joined forces with Europol and Eurojust to dismantle and apprehend in Ukraine key figures behind significant …
NIS2 and its global ramifications
The Network and Information Systems Directive (NIS2), due to come into effect in October 2024, seeks to improve cyber resilience in the European Union (EU). Its effects are …
Organizations rethink cybersecurity investments to meet NIS Directive requirements
Despite a 25% increase of the cost of major cyber incidents in 2022 compared to 2021, the new report on cybersecurity investment from ENISA reveals a slight increase of 0,4% …
Photos: IRISSCON 2023
IRISSCON, the annual cybercrime-themed conference organized by the Irish Reporting and Information Security Service (IRISS), was held in Dublin, Ireland, on November 16, 2023. …
Exploring the global shift towards AI-specific legislation
In this Help Net Security interview, Sarah Pearce, Partner at Hunton Andrews Kurth, offers insights into the evolving landscape of AI legislation and its global impact. Pearce …