433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | info@poseidon-us.com | Office: (813) 563-2652

PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates

Clop and LockBit ransomware affiliates are behind the recent attacks exploiting vulnerabilities in PaperCut application servers, according to Microsoft and Trend Micro researchers. The detected campaings “Microsoft is attributing the recently reported attacks exploiting the CVE-2023-27350 and CVE-2023-27351 vulnerabilities in print management software PaperCut to deliver Clop ransomware to the threat actor tracked as Lace Tempest (overlaps with FIN11 and TA505),” Microsoft shared. “Lace Tempest (DEV-0950) is a Clop ransomware affiliate that has been observed … More → The post PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates appeared first on Help Net Security.
http://news.poseidon-us.com/Sn8jL9

Why Russia’s cyber arms transfers are poor threat predictors

The history of international cyber conflict is remarkably long and storied. The timeline of major cyber threat events stretches back nearly four decades, but it is really only the last decade that has seen the widespread proliferation of national cyber forces. As of 2007, only 10 countries had operational cyber commands, three of which were members of the NATO alliance. Just eight years later, that figure jumped to 61 nations, a full two-thirds of which were outside of the NATO alliance. Clearly, national governments have become more willing to see cybersecurity as a key responsibility. States are also cooperating and sharing the burden of securing cyberspace. To read this article in full, please click here
http://news.poseidon-us.com/Sn8Q8p

The true numbers behind deepfake fraud

The use of artificial intelligence can result in the production of deepfakes that are becoming more realistic and challenging to differentiate from authentic content, according to Regula. Companies view fabricated biometric artifacts such as deepfake videos or voices as genuine menaces, with about 80% expressing concern. In the United States, this apprehension appears to be the highest, with approximately 91% of organizations believing it to be an escalating danger. AI-generated deepfakes The increasing accessibility of … More → The post The true numbers behind deepfake fraud appeared first on Help Net Security.
http://news.poseidon-us.com/Sn7vzJ

Over half of GAO’s high-risk areas stem from critical skills gaps

22 of the 37 items on GAO’s list of vulnerable federal programs and broad government challenges stem from issues of mission-critical skills gaps in the federal workforce.
http://news.poseidon-us.com/Sn7HK5

VA’s new EHR hits another outage, as agency reconsiders FY 2024 request for project

The VA on Tuesday experienced a systemwide outage of its Oracle-Cerner EHR that’s currently running at five sites.
http://news.poseidon-us.com/Sn7Bfx

Managed services deal size grew in 2022 despite economy woes

Outsourcing IT remains an effective long-term cost savings strategy for many companies, driving growth in the managed services category.
http://news.poseidon-us.com/Sn5bYv

Embracing zero-trust: a look at the NSA’s recommended IAM best practices for administrators

By now, most of the industry has realized we’re seeing a shift from the legacy perimeter-based security model to an identity-centric approach to cybersecurity. If defenders haven’t realized this, malicious actors certainly have, with 80% of web application attacks utilizing stolen credentials and 40% of breaches that don’t involve insider threats and user error involving stolen credentials, according to sources such as the 2022 Verizon Data Breach Investigation Report. Compromised credentials were involved in incidents such as the 2021 Colonial national gas pipeline breach, the 2021 Oldsmar Florida water treatment plant attack, and an attack on the South Staffordshire water treatment plant in the UK in 2022, illustrating that these incidents can and have spilled over from the digital realm to the physical, impacting critical infrastructure. To read this article in full, please click here
http://news.poseidon-us.com/Sn5Jkp

New coercive tactics used to extort ransomware payments

The increase in reported ransomware victims across Q1 2023 reflects the continued prevalence of ransomware as a worldwide, industry agnostic threat, according to GuidePoint Security. The report is based on data obtained from publicly available resources, including threat groups themselves, and insight into the ransomware threat landscape. In the first quarter, GRIT tracked 849 total publicly posted ransomware victims claimed by 29 different threat groups. Increase in public ransomware victims GRIT’s latest report shows a … More → The post New coercive tactics used to extort ransomware payments appeared first on Help Net Security.
http://news.poseidon-us.com/Sn4nMb

VHA already meeting year-end targets to grow its health care workforce

The Department of Veterans Affairs is already meeting one of its goals to grow its health care workforce by the end of the fiscal year, and remains on track to meet its other hiring targets.
http://news.poseidon-us.com/Sn4CQL

Google Cloud finally turns a profit

The third-largest cloud provider generated $191 million in Q1 2023 operating income, its parent company Alphabet reported.
http://news.poseidon-us.com/Sn47my