In today’s digital world, protecting sensitive data is more critical than ever. Organizations handle vast amounts оf information daily, much оf which includes sensitive data like Personally Identifiable Information (PII), financial details, and confidential business records. The exposure of this data can lead to severe consequences, including identity theft, financial loss, and reputational damage.

Cicada (also known as Cicada3301) is sophisticated ransomware written in Rust that has claimed more than 20 victims since its discovery in June 2024.

An X-Powered-By header is a type of HTTP response in the header field (most headers prefixed with an ‘X-‘ are non-standard) that informs the user which technology stack or framework is running on the web server. For example, if a web server is running Node.js, the header would be “X-Powered-By:Express”, which indicates an Express framework is being used.

Incident reporting is a crucial component of maintaining cybersecurity and operational resilience across the European Union. As outlined in Article 23 of the NIS2 Directive entities falling under its scope are required to report “significant incidents” to the CSIRT (Computer Security Incident Response Team or the relevant competent authority without undue delay.

Security researchers have uncovered a novel and concerning method for cybercriminals to distribute malware using public code repositories. Known as "Revival Hijack," this technique involves the re-registration of previously abandoned package names on the PyPI repository. By taking advantage of the fact that PyPI allows the reuse of names from removed packages, attackers are able to slip malicious code into unsuspecting organizations.

Blockchain technology continues to grow in prominence, and as it expands, a wide range of businesses are looking to develop digital asset products. At the same time, many startups are launching with digital assets at the center of their businesses. If you are running a digital asset business or building a blockchain product, it’s important to consider what type of custody management solution will best support your business.

In an ironic twist of fate, cybercriminals seeking to exploit stolen credentials have found themselves the targets of a new scheme. Security researchers recently uncovered a malicious campaign in which hackers were lured into downloading infostealer malware through a seemingly legitimate tool for checking compromised OnlyFans accounts. This development serves as a reminder that even those lurking on the dark web are not immune to digital risks.

In late July 2024, the US Cybersecurity and Infrastructure Security Agency (CISA) added two critical vulnerabilities (CVE-2024-4789 and CVE-2024-5217) affecting ServiceNow to its list of known exploited vulnerabilities. These vulnerabilities can allow unauthenticated users to execute code remotely, posing severe risks to organizations that use the platform. The potential for unauthorized access and severe data breaches makes addressing these vulnerabilities crucial.

Read also: A former cop gets 20 months in prison for selling victims’ personal data, a BEC scammer sentenced, and more.

This past summer was the first time I watched the Olympics since moving to the U.S. Besides appreciating the sheer greatness of the American Olympic spirit, there was also another thing that could not go missed - AI! Filling up every commercial slot seemed to be AI. And mainly, the commercials focused on harnessing AI for business productivity and operations. No matter your take on the greatest Olympic moment or greatest AI commercial, one could not overlook this overwhelming trend.