
- Details
- Written by: Merticaru Dorin Nicolae
- Category: Cyber Security News
- Hits: 37
- Supporting Policy Developments to Achieve a High Common Level of Cybersecurity. (to the original material)
- CISA Releases One Industrial Control Systems Advisory. (to the original material)
- ESET APT Activity Report T3 2022. (to the original material)
- IT Army of Ukraine gained access to a 1.5GB archive from Gazprom. (to the original material)
- Experts released VMware vRealize Log RCE exploit for CVE-2022-31706. (to the original material)
- GitHub to revoke stolen code signing certificates for GitHub Desktop and Atom. (to the original material)
- Pro-Palestine hackers threaten Israeli chemical companies. (to the original material)
- Pro-Russia group Killnet targets US healthcare with DDoS attacks. (to the original material)
- Wheels of cyberjustice slowly crank. (to the original material)
- Checkmarx launches Supply Chain Threat Intelligence. (to the original material)
- GitHub hit by hackers; code signing certificates for GitHub Desktop and Atom applications stolen. (to the original material)
- How secure is your password manager? (to the original material)
- EFF Files Amicus Briefs in Two Important Geofence Search Warrant Cases. (to the original material)
- The FCC Broadband Maps: Meet the New Maps, Same as the Old Maps. (to the original material)
- Two Steps Forward, One Step Back on Vaccine Privacy in New York. (to the original material)
- EU to Use ePrivacy and GDPR to Tackle Illegal Cookie Walls. (to the original material)
- Three lessons for DevOps from the CircleCI breach. (to the original material)
- OpenEMR flaws detailed. (to the original material)
- JD Sports cyberattack compromises 10M customers. (to the original material)
- Indianapolis Housing Agency ransomware attack hits over 200K individuals. (to the original material)
- Data breaches hit Illinois social services firm, Washington behavioral health provider. (to the original material)
- GitHub code signing certificates compromised, to be revoked. (to the original material)
- New Titan Stealer malware examined. (to the original material)
- Novel malware leveraged in embassy-targeted APT29 attacks. (to the original material)
- Over 1.5 million records exposed by compromised TSA no-fly list. (to the original material)
- Enterprise XDR adoption still in early days, survey finds. (to the original material)
- GitHub Confirms Signing Certificates Stolen in Cyber-Attack, Revokes Them. (to the original material)
- DocuSign Brand Impersonation Attack Bypasses Security Measures, Targets Over 10,000. (to the original material)
- Financial Services Targeted in 28% of UK Cyber-Attacks Last Year. (to the original material)
- Killnet Attackers DDoS US and Dutch Hospitals. (to the original material)
- Two US Doctors Convicted of $30m Medicare Fraud. (to the original material)
- QNAP: Patch Critical Remote Code Injection Bug. (to the original material)
- Skyrocketing Cyber Insurance Premium Growth May Slow. (to the original material)
- CISA to Set Up New Office for Supply Chain Security. (to the original material)
- OpenEMR Flaws Could Allow Attackers to Steal Data, More. (to the original material)
- Microsoft-Verified OAuth Apps Used to Infiltrate Inboxes. (to the original material)
- Russian Sandworm APT Adds New Wiper to Its Arsenal. (to the original material)
- Will Hive Stay Kaput After FBI Busts Infrastructure? (to the original material)
- Organization-Wide Passwordless Orchestration. (to the original material)
- Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts. (to the original material)
- Critical QNAP NAS vulnerability fixed, update your device ASAP! (CVE-2022-27596). (to the original material)
- 3 ways to stop cybersecurity concerns from hindering utility infrastructure modernization efforts. (to the original material)
- DigiCert releases new unified approach to trust management. (to the original material)
- Budget constraints force cybersecurity teams to do more with less. (to the original material)
- New Sh1mmer ChromeBook exploit unenrolls managed devices. (to the original material)
- Over 29,000 QNAP devices vulnerable to code injection attacks. (to the original material)
- Microsoft: Over 100 threat actors deploy ransomware in attacks. (to the original material)
- PoS malware can block contactless payments to steal credit cards. (to the original material)
- Exploit released for critical VMware vRealize RCE vulnerability. (to the original material)
- Microsoft disables verified partner accounts used for OAuth phishing. (to the original material)
- Using the Wazuh SIEM and XDR platform to meet PCI DSS compliance. (to the original material)
- Microsoft Defender can now isolate compromised Linux endpoints. (to the original material)

- Details
- Written by: Merticaru Dorin Nicolae
- Category: Cyber Security News
- Hits: 41
- A Dutch hacker obtained the personal data of Austrian citizens. (to the original material)
- Vulnerability Summary for the Week of January 23, 2023. (to the original material)
- QNAP addresses a critical flaw impacting its NAS devices. (to the original material)
- JD Sports discloses a data breach impacting 10 million customers. (to the original material)
- Researcher received a $27,000 bounty for 2FA bypass bug in Facebook and Instagram. (to the original material)
- Sandworm APT group hit Ukrainian news agency with five data wipers. (to the original material)
- UNC2565 threat actors continue to improve the GOOTLOADER malware. (to the original material)
- New webinar: Cybersecurity predictions for 2023 (and beyond). (to the original material)
- WordPress Vulnerability & Patch Roundup January 2023. (to the original material)
- Why quantum computing threatens security as we know it [Q&A]. (to the original material)
- New privacy features in Apple devices. (to the original material)
- Five key cybersecurity lessons for your CEO. (to the original material)
- Stupid Patent of the Month: Digital Verification Systems Patents E-Signatures. (to the original material)
- California Law Says Electronic Search Data Must Be Posted Online. So Where Is It? (to the original material)
- The way to stop API breaches: reevaluate the company’s cybersecurity stack. (to the original material)
- Data breaches hit UCLA Health, UCHealth. (to the original material)
- Ukraine seeks ICC (International Criminal Court) probe on Russian cyberattacks. (to the original material)
- Charter Communications impacted by third-party breach. (to the original material)
- Impact of Hive ransomware disruption assessed. (to the original material)
- TikTok proposal to allay national security fears detailed. (to the original material)
- Zero trust not a fix-all solution to cyber threats. (to the original material)
- Novel BIND9 DNS software bugs addressed. (to the original material)
- Remediating VMware vRealize Log RCE urged amid imminent exploit. (to the original material)
- Gootkit malware significantly updated. (to the original material)
- Removable USB devices targeted by PlugX malware. (to the original material)
- JD Sports Confirms Breach Affected 10 Million Customers. (to the original material)
- Hackers Use TrickGate Software to Deploy Emotet, REvil, Other Malware. (to the original material)
- Devs on Dark Web Forums Paid Up to $20,000 For Illicit Activities. (to the original material)
- Fake Money Apps Garner Millions of Android Downloads. (to the original material)
- New Yorker Gets Four Years for $9m COVID Fraud Scheme. (to the original material)
- Five Data Wipers Attack Ukrainian News Agency. (to the original material)
- HHS, AHA Warn of Surge in Russian DDoS Attacks on Hospitals. (to the original material)
- JD Sports Details Data Breach Affecting 10 Million Customers. (to the original material)
- Are We Doomed? Not If We Focus on Cyber Resilience. (to the original material)
- A glut of wiper malware hits Ukrainian targets. (to the original material)
- Critical OpenEMR vulnerabilities may allow attackers to access patients’ health records. (to the original material)
- Mounting cybersecurity pressure is creating headaches in railway boardrooms. (to the original material)
- Insider attacks becoming more frequent, more difficult to detect. (to the original material)
- Porsche halts NFT launch, phishing sites fill the void. (to the original material)
- KeePass disputes vulnerability allowing stealthy password theft. (to the original material)
- Cybercrime job ads on the dark web pay up to $20k per month. (to the original material)
- GitHub revokes code signing certificates stolen in repo hack. (to the original material)
- QNAP fixes critical bug letting hackers inject malicious code. (to the original material)
- JD Sports says hackers stole data of 10 million customers. (to the original material)
- U.S. No Fly list shared on a hacking forum, government investigating. (to the original material)

- Details
- Written by: Merticaru Dorin Nicolae
- Category: Cyber Security News
- Hits: 37
- Alleged member of ShinyHunters group extradited to the US, could face 116 years in jail. (to the original material)
- Pro-Russia group Killnet targets Germany due to its support to Ukraine. (to the original material)
- Security Affairs newsletter Round 404 by Pierluigi Paganini. (to the original material)
- Watch out! Experts plans to release VMware vRealize Log RCE exploit next week. (to the original material)
- Week in review: ChatGPT cybersecurity, critical RCE vulnerabilities found in git, Riot Games breached. (to the original material)
- Shady reward apps on Google Play amass 20 million downloads. (to the original material)

- Details
- Written by: Merticaru Dorin Nicolae
- Category: Cyber Security News
- Hits: 39
- Copycat Criminals mimicking Lockbit gang in northern Europe. (to the original material)
- Sandworm APT targets Ukraine with new SwiftSlicer wiper. (to the original material)
- ISC fixed high-severity flaws in DNS software suite BIND. (to the original material)
- Ukraine Links Media Center Attack to Russian Intelligence. (to the original material)
- Researchers to release VMware vRealize Log RCE exploit, patch now. (to the original material)
- Hackers use new SwiftSlicer wiper to destroy Windows domains. (to the original material)

- Details
- Written by: Merticaru Dorin Nicolae
- Category: Cyber Security News
- Hits: 36
- US federal agencies have been targeted by attacks with ScreenConnect and AnyDesk. (to the original material)
- Protecting Data: Can we Engineer Data Sharing? (to the original material)
- ISC Releases Security Advisories for Multiple Versions of BIND 9. (to the original material)
- Scammers disguised as tech support agents still a common threat: Here's what to watch out for in 2023. (to the original material)
- Are you in control of your personal data? – Week in security with Tony Anscombe. (to the original material)
- SwiftSlicer: New destructive wiper malware strikes Ukraine. (to the original material)
- Patch management is crucial to protect Exchange servers, Microsoft warns. (to the original material)
- Hacker accused of having stolen personal data of all Austrians and more. (to the original material)
- CVE-2023-23560 flaw exposes 100 Lexmark printer models to hack. (to the original material)
- BlackCat Ransomware gang stole secret military data from an industrial explosives manufacturer. (to the original material)
- Trustwave updates its threat hunting to find unknown dangers. (to the original material)
- Secure your Untappd check-ins. (to the original material)
- Brazil's Telecom Operators Made Strides and Had Shortcomings in Internet Lab's New Report on User Privacy Practices. (to the original material)
- Threat Round up for January 20 to January 27. (to the original material)
- Three trends public and healthcare cyber defense teams should know about in 2023. (to the original material)
- Novel Mimic ransomware strain detailed. (to the original material)
- Google ads phishing takes aim on password managers. (to the original material)
- Cybersecurity layoffs in the past year examined. (to the original material)
- NIST risk management framework for AI issued. (to the original material)
- CISA’s Joint Cyber Defense Collaborative details priorities. (to the original material)
- New Abraham Ax operation linked to Iranian hacktivist group. (to the original material)
- Alarm on Russian, Iranian spear-phishing operations raised by UK. (to the original material)
- Report: ChatGPT presents critical cyber risks. (to the original material)
- Five ways security teams can more effectively manage identities in the cloud. (to the original material)
- Third-party risks: How to reduce them. (to the original material)
- How AI and DAST can mitigate security risks. (to the original material)
- Multiple Vulnerabilities Found In Healthcare Software OpenEMR. (to the original material)
- Black Basta Deploys PlugX Malware in USB Devices With New Technique. (to the original material)
- New 'Pig Butchering' Scam in West Africa Impersonates US Financial Advisors. (to the original material)
- Security is Key to Business Transformation, Say IT Chiefs. (to the original material)
- Global Action "Dismantles" Hive Ransomware Group. (to the original material)
- Microsoft: Update On-Premises Exchange Server Now. (to the original material)
- Coinbase Fined 3.3 Million Euros by Dutch Central Bank. (to the original material)
- European IoT Manufacturers Lag in Vulnerability Disclosure. (to the original material)
- Advance Your Security Awareness Training Program: Research Results Analysis. (to the original material)
- Payments Rules Bring Customer Authentication to Forefront. (to the original material)
- Russian Nuisance Hacking Group KillNet Targets Germany. (to the original material)
- ISMG Editors: Why Are Ransomware Profits Dipping? (to the original material)
- Entity Will Pay $4.3 Million Settlement in 2nd Big Hack Case. (to the original material)
- Targets of Opportunity: How Ransomware Groups Find Victims. (to the original material)
- New infosec products of the week: January 27, 2023. (to the original material)
- Open source skills continue to be in high demand. (to the original material)
- 50% of organizations exceed their budgeted spend on cloud storage. (to the original material)
- The Week in Ransomware - January 27th 2023 - 'We hacked the hackers'. (to the original material)
- Ukraine: Sandworm hackers hit news agency with 5 data wipers. (to the original material)
- PlugX malware hides on USB devices to infect new Windows hosts. (to the original material)