A study commissioned by IBM Security says the global average cost of a data breach reached an all-time high of $4.35 million and warned that the absence of zero trust principles at studied organizations are pushing those costs even higher.
US Offers $10 Million for Information on North Korean Hackers
The US Department of State has announced that it is offering up to $10 million as a reward for information on individuals associated with notorious North Korean state-sponsored hacking groups.
Dozens of ‘Luca Stealer’ Malware Samples Emerge After Source Code Made Public
Security researchers have observed an uptick in new Luca Stealer samples after the malware’s source code was made public.
Coded in Rust, the malware was initially observed in early July 2022, when its developer posted the source code on cybercrime forums, likely in an effort to boost their reputation.
AWS Announces Enhancements to Cloud Security, Privacy, Compliance
Amazon Web Services (AWS) is hosting its re:Inforce 2022 conference these days and the cloud giant has taken the opportunity to unveil several enhancements to its security offerings.
Security, privacy, compliance and identity
Wawa Agrees to Payment, Security Changes for ’19 Data Breach
A Pennsylvania-based convenience store chain will pay $8 million to several states over a 2019 data breach that involved some 34 million payment cards, authorities announced Tuesday.
European Lawmaker Targeted With Cytrox Predator Surveillance Spyware
A security audit by the European Parliament has unearthed attempts to plant high-end surveillance software on the phone of a Greek lawmaker and there are fresh reports linking the hack attempt to a known North Macedonia spyware vendor.
Data Security Firm Sotero Raises $8 Million in Seed Funding
Data security startup Sotero has raised $8 million in an extended seed funding round that brings the total invested in the company to $13 million.
The round was led by OurCrowd, with participation from existing investors Boston Seed Capital, Gutbrain Ventures, and PBJ Capital.
New Ducktail Infostealer Targets Facebook Business Accounts via LinkedIn
An ongoing spear phishing campaign has been targeting Facebook business accounts since the second half of 2021. The campaign uses an infostealer specifically designed to steal browser cookies for authenticated Facebook sessions to steal information from the account and ultimately hijack any business account that the victim can access.
Data Stolen in Breach at Security Company Entrust
Entrust suffered a data breach last month and the security company has confirmed that the attackers have stolen some files.
Chinese UEFI Rootkit Found on Gigabyte and Asus Motherboards
Security researchers with Kaspersky have analyzed a UEFI firmware rootkit that appears to target specific motherboard models from Gigabyte and Asus.
