Iranian threat actors launched a cyberattack against the Municipal Water Authority of Aliquippa. (Image: MWAA)

Iranian Hacking Group Attacks Pennsylvania Water Authority

Chris Riotta • November 28, 2023

The U.S. Cybersecurity and Infrastructure Security Agency is investigating a cyberattack from an Iranian hacking group known as "Cyber Av3ngers" that targeted a small municipal water authority in Pennsylvania over its use of Israeli-owned software, according to officials.

Cybercrime

Australia Unveils AU$587M Strategy to Defeat Cybercrime

Latest

Security Information & Event Management (SIEM)

CrowdStrike SIEM Demand Rises Amid Cisco-Splunk, Legacy Woes

Michael Novinson • November 28, 2023

Discontent with legacy SIEM offerings and Cisco's proposed acquisition of Splunk has driven "a significant and pronounced increase in interest" in CrowdStrike's SIEM offering. It hit the $100 million ARR milestone last quarter thanks to LogScale's search speed, data gravity and cost efficiency.

Government

Second Front Raises $40M to Support More Classified Networks

Michael Novinson • November 28, 2023

A vendor focused on fast-tracking government access to commercial software closed its Series B funding round to support more classified and regulated environments. The $40 million will allow Second Front Systems to support additional bespoke networks in the U.S. Defense and National Security space.

Fraud Management & Cybercrime

Thanksgiving Day Attack on Ardent Health Serving Leftovers

Marianne Kolbasuk McGee • November 28, 2023

Patient services - including emergency care and telehealth appointments - are still affected at dozens of hospitals and other care facilities in several states operated by Ardent Health Services as the Tennessee-based organization continues to respond to a Thanksgiving Day ransomware attack.

Cybercrime

DP World Says Australian Employee Data Stolen in Attack

Mihir Bagwe • November 28, 2023

A cyber incident that incapacitated four major Australian ports for days also resulted in the theft by hackers of employee data, the port operator said Tuesday. Hackers obtained personal information of current and former employees of DP World Australia in an incident first detected on Nov. 10.

Email Security & Protection

Proofpoint Snags Former VMware President Sumit Dhawan as CEO

Michael Novinson • November 28, 2023

Proofpoint landed top VMware lieutenant Sumit Dhawan as its new chief executive just days after the cloud and virtualization giant was acquired by Broadcom. The Silicon Valley-based email security firm said it liked Dhawan's track record of building security, cloud and end-user computing businesses.

Business Continuity Management / Disaster Recovery

Insights From Israel: Guy Shafir, WideOps

Tom Field • November 28, 2023

DDoS and other cyberattacks against media outlets and critical services are what Guy Shafir, CTO of Israeli tech vendor WideOps, has been dealing with since the start of the terrorist attacks in Israel on Oct. 7. Shafir shared details about the response to these intense attacks.

Active Directory

Mapping Access - and Attack - Paths in Active Directory

Steve King • November 28, 2023

A directory service should be a "source of truth," said Justin Kohler, vice president of products at Spector Ops. But when users are overprivileged or misconfigurations occur, that creates attack hubs. Kohler discusses BloodHound, a solution he says is like Google Maps for Active Directory.

Data Loss Prevention (DLP)

Zscaler Taps Generative AI to Measure Risk, Predict Breaches

Michael Novinson • November 27, 2023

Zscaler infused generative AI features into its data protection bundles and is introducing AI-powered products that quantify risk and predict breaches, said CEO Jay Chaudhry. The cloud security firm enhanced its data protection policies for AI/ML apps and tools to lower the likelihood of data loss.

Finance & Banking

How Generative AI Will Reshape the Financial Services Sector

Michael Novinson • November 27, 2023

Generative AI can improve operational efficiencies, enhance risk and compliance and elevate the client experience for financial services firms, said Wipro's Suzanne Dann. Wipro embraced generative AI to reduce fraud by spotting anomalous behavior and used synthetic data to test deep learning models.

Endpoint Security

Udderly Insecure: Researchers Spot Cow-Tracking Collar Flaws

Mathew J. Schwartz • November 27, 2023

Not even dairy cows appear to be safe from internet of things flaws, researchers report after reverse-engineering health-monitoring collars for cows and finding they could eavesdrop on and alter data. Once addressed by the manufacturer, they said the non-updateable collars would have to be replaced.

Artificial Intelligence & Machine Learning

How Biden's AI Executive Order Will Affect Healthcare

Marianne Kolbasuk McGee • November 27, 2023

President Joe Biden's recent executive order for artificial intelligence encourages investment in AI while setting a vision for a regulatory framework to address issues involving AI technology safety, bias and other concerns in healthcare, said attorney Wendell Bartnick of the law firm Reed Smith.

Critical Infrastructure Security

Breach Roundup: Filipinos Under Fire From 'Mustang Panda'

Anviksha More • November 23, 2023

This week, Chinese-affiliated hackers targeted the Philippine government; Kansas courts confirmed data theft; officials warned of exploited flaws in Sophos, Oracle and Microsoft software; AutoZone disclosed a Clop ransomware attack; and Optus' CEO resigned after a network outage.