Day: November 2, 2023

Attackers have begun exploiting a critical remote code execution vulnerability patched last week in Apache ActiveMQ to deploy ransomware in enterprise networks. Users are urged to upgrade the software as soon as possible. “Beginning Friday, October 27, Rapid7 Managed Detection and Response (MDR) identified suspected exploitation of Apache ActiveMQ CVE-2023-46604 in two different customer environments,”…

Aerospace and defense giant Boeing on Thursday confirmed that it had suffered a cyber incident affecting its parts and distribution business, and the infamous Lockbit ransomware group is reported to be behind the attack. According to a Boeing spokesperson, the company is taking post-incident steps to rectify the damage, noting that the incident did not…

Microsoft has announced the launch of the Secure Future Initiative (SFI) to improve the built-in security of its products and platforms to better protect customers against escalating cybersecurity threats. The new initiative will bring together “every part of Microsoft” to advance cybersecurity protection incorporating three pillars focused on AI-based cyber defenses, advances in fundamental software…

The members of the International Counter Ransomware Initiative (CRI) have agreement a joint policy statement declaring that member governments should not pay ransoms demanded by cybercriminal groups. The agreement was announced during the third CRI summit in Washington, D.C this week. CRI members affirmed the importance of strong and aligned messaging discouraging paying ransomware demands…

Digital resilience provider, Red Sift is adding four new capabilities — Brand Trust, OnDMARC, ASM, and Certificates — designed to help organizations proactively address cybersecurity risks. The Red Sift platform uses APIs to collect and process large amounts of threat intelligence from cybersecurity feeds. The capabilities in the platform will bolster a company’s cyber resilience,…

Phishing definition Phishing is a type of cyberattack that uses disguised email as a weapon. Variations of phishing use text messages, voicemail, or QR codes. These attacks use social engineering techniques to trick the email recipient into believing that the message is something they want or need–a request from their bank, for instance, or a…

In Silicon Valley startup culture, “cookie licking” is a derogatory phrase. A cookie licker stakes a claim to a project in a way that prevents anyone else from having it, despite not having the ability to immediately execute on the project. The licker wants to save the delicious opportunity despite being too full to eat…