Iranian threat actors launched a cyberattack against the Municipal Water Authority of Aliquippa. (Image: MWAA)

Iranian Hacking Group Attacks Pennsylvania Water Authority

Chris Riotta • November 28, 2023

The U.S. Cybersecurity and Infrastructure Security Agency is investigating a cyberattack from an Iranian hacking group known as "Cyber Av3ngers" that targeted a small municipal water authority in Pennsylvania over its use of Israeli-owned software, according to officials.

Cybercrime

Australia Unveils AU$587M Strategy to Defeat Cybercrime

Latest

Cloud Security

Attackers Actively Target Critical ownCloud Vulnerability

Mathew J. Schwartz • November 29, 2023

Security researchers say attackers are actively attempting to exploit a critical vulnerability in unpatched ownCloud implementations, which they can use to steal credentials and other secret information. Last month, ownCloud said it had sent all users a security alert and updates to fix the flaws.

Artificial Intelligence & Machine Learning

ChatGPT Turns One - and the Future of Generative AI

Tom Field • November 29, 2023

Nov. 30 marks the one-year public birthday of ChatGPT. Gartner's Avivah Litan shared insights on the current state and future of generative AI, as well as the potential market after-effects of the pre-Thanksgiving drama involving OpenAI, its board and fired/reinstated CEO Sam Altman.

Breach Notification

Okta Says Hacker Stole Every Customer Support User's Details

Mihir Bagwe , Mathew J. Schwartz • November 29, 2023

Identity and authentication giant Okta said the attacker behind its September data breach stole usernames and contact details for all users of its primary customer support system and warned customers to beware potential follow-on phishing and social engineering attacks.

Cloud Security

Stopping Cloud Workload Attacks

Steve King • November 29, 2023

In this episode of "Cybersecurity Insights," Eyal Fisher discussed Sweet Security's Cloud Runtime Security Suite, which helps CISOS and security teams defend against all stages of a cyberattack by gathering data, generating insights, baselining the normal environment and looking for deviations.

Security Information & Event Management (SIEM)

CrowdStrike SIEM Demand Rises Amid Cisco-Splunk, Legacy Woes

Michael Novinson • November 28, 2023

Discontent with legacy SIEM offerings and Cisco's proposed acquisition of Splunk have driven "a significant and pronounced increase in interest" in CrowdStrike's SIEM offering. LogScale hit the $100 million ARR milestone last quarter thanks to its search speed, data gravity and cost efficiency.

Government

Second Front Raises $40M to Support More Classified Networks

Michael Novinson • November 28, 2023

A vendor focused on fast-tracking government access to commercial software closed its Series B funding round to support more classified and regulated environments. The $40 million will allow Second Front Systems to support additional bespoke networks in the U.S. Defense and National Security space.

Fraud Management & Cybercrime

Thanksgiving Day Attack on Ardent Health Serving Leftovers

Marianne Kolbasuk McGee • November 28, 2023

Patient services - including emergency care and telehealth appointments - are still affected at dozens of hospitals and other care facilities in several states operated by Ardent Health Services as the Tennessee-based organization continues to respond to a Thanksgiving Day ransomware attack.

Cybercrime

DP World Says Australian Employee Data Stolen in Attack

Mihir Bagwe • November 28, 2023

A cyber incident that incapacitated four major Australian ports for days also resulted in the theft by hackers of employee data, the port operator said Tuesday. Hackers obtained personal information of current and former employees of DP World Australia in an incident first detected on Nov. 10.

Email Security & Protection

Proofpoint Snags Former VMware President Sumit Dhawan as CEO

Michael Novinson • November 28, 2023

Proofpoint landed top VMware lieutenant Sumit Dhawan as its new chief executive just days after the cloud and virtualization giant was acquired by Broadcom. The Silicon Valley-based email security firm said it liked Dhawan's track record of building security, cloud and end-user computing businesses.

Business Continuity Management / Disaster Recovery

Insights From Israel: Guy Shafir, WideOps

Tom Field • November 28, 2023

DDoS and other cyberattacks against media outlets and critical services are what Guy Shafir, CTO of Israeli tech vendor WideOps, has been dealing with since the start of the terrorist attacks in Israel on Oct. 7. Shafir shared details about the response to these intense attacks.

Active Directory

Mapping Access - and Attack - Paths in Active Directory

Steve King • November 28, 2023

A directory service should be a "source of truth," said Justin Kohler, vice president of products at Spector Ops. But when users are overprivileged or misconfigurations occur, that creates attack hubs. Kohler discusses BloodHound, a solution he says is like Google Maps for Active Directory.

Data Loss Prevention (DLP)

Zscaler Taps Generative AI to Measure Risk, Predict Breaches

Michael Novinson • November 27, 2023

Zscaler infused generative AI features into its data protection bundles and is introducing AI-powered products that quantify risk and predict breaches, said CEO Jay Chaudhry. The cloud security firm enhanced its data protection policies for AI/ML apps and tools to lower the likelihood of data loss.