lemmydev2

 

Blue Shield of California disclosed it suffered a data breach after exposing protected health information of 4.7 million members to Google's analytics and advertisement platforms. [...]

 

arXiv:2504.15395v1 Announce Type: new Abstract: In cybersecurity, risk is commonly measured by impact and probability; the former is objectively measured based on the consequences from the use of technology to obtain business gains, or by achieving business objectives. The latter has been measured, in sectors such as financial or insurance, based on historical data because there is vast information, and many other fields have applied the same approach. Although in cybersecurity, as a new discipline, there is not always historical data to support an objective measure of probability, the data available is not public and there is no consistent formatting to store and share it, so a new approach is required to measure cybersecurity events incidence. Through a comprehensive analysis of the state of the art, including current methodologies, frameworks, and incident data, considering tactics, techniques, and procedures (TTP) used by attackers, indicators of compromise (IOC), and defence controls, this work proposes a data model that describes a cyber exposure profile that provides an indirect but objective measure for likelihood, including different sources and metrics to update the model if needed. We further propose a set of practical, quantifiable metrics for risk assessment, enabling cybersecurity practitioners to measure likelihood without relying solely on historical incident data. By combining these metrics with our data model, organizations gain an actionable framework[...]

 

Cybercriminals continued to shift to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises declined, according to IBM. Researchers observed an 84% increase in emails delivering infostealers in 2024 compared to the prior year, a method threat actors relied heavily on to scale identity attacks. 70% of attacks in 2024 involved critical infrastructure. In this subset, the use of valid accounts made up 31% of initial access vectors, followed by phishing and … More → The post Phishing emails delivering infostealers surge 84% appeared first on Help Net Security.

 

There are now several public proof-of-concept (PoC) exploits for a maximum-severity vulnerability in the Erlang/OTP SSH server (CVE-2025-32433) unveiled last week. “All users running an SSH server based on the Erlang/OTP SSH library are likely to be affected by this vulnerability. If your application uses Erlang/OTP SSH to provide remote access, assume you are affected,” Ruhr University Bochum researchers, who discovered and reported the flaw, said.

About CVE-2025-32433

Erlang/OTP SSH is a set of libraries … More → The post PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) appeared first on Help Net Security.

 

A new malware campaign utilizing NFC-relay techniques has been identified carrying out unauthorized transactions through POS systems and ATMs.

 

A UK gang involved in fraud, drug dealing, and extortion is reportedly laundering its funds through memecoin pump and dumps. The post UK street gang launders drug funds with memecoin, report appeared first on Protos.

 

The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server, allowing threat actors to steal all the funds stored in the wallets. [...]

 

A proof-of-concept (PoC) attack vector exploits two Azure authentication tokens from within a browser, giving threat actors persistent access to key cloud services, including Microsoft 365 applications.

 

Faces Two Counts of Oklahoma Computer Crime Act Violations

The CEO of a small cybersecurity firm is facing two counts of violating Oklahoma's Computer Crimes Act in a case alleging that he walked into an Oklahoma City hospital and installed malware on employee computers. The case echoes other alleged hospital security incidents.

 

arXiv:2504.14235v1 Announce Type: new Abstract: Cyber threats have become increasingly prevalent and sophisticated. Prior work has extracted actionable cyber threat intelligence (CTI), such as indicators of compromise, tactics, techniques, and procedures (TTPs), or threat feeds from various sources: open source data (e.g., social networks), internal intelligence (e.g., log data), and "first-hand" communications from cybercriminals (e.g., underground forums, chats, darknet websites). However, "first-hand" data sources remain underutilized because it is difficult to access or scrape their data. In this work, we analyze (i) 6.6 million posts, (ii) 3.4 million messages, and (iii) 120,000 darknet websites. We combine NLP tools to address several challenges in analyzing such data. First, even on dedicated platforms, only some content is CTI-relevant, requiring effective filtering. Second, "first-hand" data can be CTI-relevant from a technical or strategic viewpoint. We demonstrate how to organize content along this distinction. Third, we describe the topics discussed and how "first-hand" data sources differ from each other. According to our filtering, 20% of our sample is CTI-relevant. Most of the CTI-relevant data focuses on strategic rather than technical discussions. Credit card-related crime is the most prevalent topic on darknet websites. On underground forums and chat channels, account and subscription selling is discussed most. Topic diversity is higher on[...]

 

Only 29% of all organizations say their compliance programs consistently meet internal and external standards, according to Swimlane. Their report reveals that fragmented workflows, manual evidence gathering and poor collaboration between security and governance, risk and compliance (GRC) teams are leaving organizations vulnerable to audit failures, regulatory penalties and security gaps. 51% of organizations have either received compliance warnings or fines or are concerned they could in the near future. With the stakes this high, … More → The post Compliance weighs heavily on security and GRC teams appeared first on Help Net Security.

 

New research from EY US shows that cyber attacks are creating serious financial risks. C-suite leaders don’t always agree on how exposed their companies are or where the biggest threats come from.

[Figure: CISOs more concerned about cybersecurity (Source: EY US)]

Cybersecurity as a strategic investment

In EY US’s latest C-suite cybersecurity study, 84% of executives said their company had faced a cyber incident in the past three years. Another EY US review of Russell 3000 … More → The post The C-suite gap that’s putting your company at risk appeared first on Help Net Security.
