- Details
- Written by: Merticaru Dorin Nicolae
- Category: Cyber Security News
- Hits: 101
- Cybersecurity news of the week (26.01.2023). (to the original material)
- The National Directorate of Cyber Security and ING Bank call for vigilance: cyber attackers can use artificial intelligence to create phishing messages that look more genuine than ever. (to the original material)
- JCDC (Joint Cyber Defense Collaborative) Announces 2023 Planning Agenda. (to the original material)
- CISA Releases Eight Industrial Control Systems Advisories. (to the original material)
- CISA Has Added One Known Exploited Vulnerability to Catalog. (to the original material)
- The Hybrid Professional Life: How Social Media Apps Became a Professional Recruiting and Business Promotion Medium. (to the original material)
- Why your data is more valuable than you may realize. (to the original material)
- UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups. (to the original material)
- An unfaithful employee leaked Yandex source code repositories. (to the original material)
- Hive Ransomware Tor leak site apparently seized by law enforcement. (to the original material)
- Experts warn of a surge of attacks exploiting a Realtek Jungle SDK RCE (CVE-2021-35394). (to the original material)
- 3 Barracuda executives share security predictions for 2023. (to the original material)
- How to Fix the “Deceptive Site Ahead” Warning. (to the original material)
- Ransomware groups rebrand and claim more victims. (to the original material)
- Cybersecurity is a key first step in digital transformation. (to the original material)
- What Old is New Again and What's Old is Me? (to the original material)
- Vulnerability Spotlight: OS command injection, directory traversal and other vulnerabilities found in Siretta Quartz-Gold and FreshTomato. (to the original material)
- The Best Super Bowl Ads of All Time. (to the original material)
- The Next Arms Race: Empowering the next generation of cybersecurity workers. (to the original material)
- Cybersecurity budgets lacking amid rising threats. (to the original material)
- More data breach disclosures lacking information. (to the original material)
- Windows CryptoAPI vulnerability exploit issued. (to the original material)
- Report: Baltimore school system lacked defenses prior to 2020 cyberattack. (to the original material)
- Zacks Investment Research data breach impacts 820K individuals. (to the original material)
- Malware campaign compromises over 4,500 WordPress sites. (to the original material)
- Windows systems targeted by novel Python RAT malware. (to the original material)
- New attack techniques employed by North Korean APT. (to the original material)
- Google Ads exploited for network breaches. (to the original material)
- Iranian Group Cobalt Sapling Targets Saudi Arabia With New Persona. (to the original material)
- Zacks Investment Research Confirms Breach Affecting 820,000 Customers. (to the original material)
- CISA Warns Against Malicious Use of Legitimate RMM Software. (to the original material)
- NCSC: Iranian and Russian Groups Targeting Government, Activists and Journalists With Spearphishing. (to the original material)
- Dark Web Posts Advertising Counterfeit Cash Surge 90%. (to the original material)
- Near-Record Year for US Data Breaches in 2022. (to the original material)
- Lloyds Bank Warns of 80% Surge in Advance Fee Scams. (to the original material)
- UK Insurers Mostly Withstand Cyber Stress Test. (to the original material)
- Uniform Infrastructure Raises Risk for Industrial Attacks. (to the original material)
- UK Warns of Surge in Russian, Iranian APT Phishing Threats. (to the original material)
- 2 Hacks Involving Mental Health Data Affected Nearly 400,000. (to the original material)
- Facebook, Instagram Blasted for 'Lame' Security Practices. (to the original material)
- Ukraine's Critical Sectors Targeted in Phishing Attack Surge. (to the original material)
- ISACA Survey: Privacy in Practice 2023 Highlights. (to the original material)
- FBI Seizes Hive Ransomware Servers in Multinational Takedown. (to the original material)
- Venture Capitalist: Now Is an Ideal Time to Invest in Cyber. (to the original material)
- Protecting the Hidden Layer in Neural Networks. (to the original material)
- Authorities shut down HIVE ransomware infrastructure, provide decryption tools. (to the original material)
- Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689). (to the original material)
- Attackers use portable executables of remote management software to great effect. (to the original material)
- ChatGPT is a bigger threat to cybersecurity than most realize. (to the original material)
- Supply chain attacks caused more data compromises than malware. (to the original material)
- Microsoft urges admins to patch on-premises Exchange servers. (to the original material)
- Bitwarden password vaults targeted in Google ads phishing attack. (to the original material)
- US offers $10M bounty for Hive ransomware links to foreign governments. (to the original material)
- New Mimic ransomware abuses ‘Everything’ Windows search tool. (to the original material)
- Lexmark warns of RCE bug affecting 100 printer models, PoC released. (to the original material)
- Google nukes 50,000 accounts pushing Chinese disinformation. (to the original material)
- UK warns of increased attacks from Russian, Iranian hackers. (to the original material)
- Hive ransomware disrupted after FBI hacks gang's systems. (to the original material)
- Yandex denies hack, blames source code leak on former employee. (to the original material)
- Details
- Written by: Merticaru Dorin Nicolae
- Category: Cyber Security News
- Hits: 99
- CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software. (to the original material)
- VMware Releases Security Updates for VMware vRealize Log Insight. (to the original material)
- Gaming and Video Games: How Much Is Too Much for Your Kids? (to the original material)
- Mastodon vs. Twitter: Know the differences. (to the original material)
- Zacks Investment Research data breach impacted hundreds of thousands of customers. (to the original material)
- Google Chrome 109 update addresses six security vulnerabilities. (to the original material)
- North Korea-linked TA444 group turns to credential harvesting activity. (to the original material)
- French rugby club Stade Français leaks source code. (to the original material)
- DragonSpark threat actor avoids detection using Golang source code Interpretation. (to the original material)
- Below the Surface: Innovations in security awareness training. (to the original material)
- Quality and security suffer in the push for digital transformation. (to the original material)
- Lookout launches unified security for endpoints and cloud. (to the original material)
- Dealing with the threat of social engineering [Q&A]. (to the original material)
- Newly-discovered Signal vulnerabilities - how dangerous are they? (to the original material)
- EFF Tells Supreme Court: User Speech Must Be Protected. (to the original material)
- What security pros need to know about the FTC’s proposed non-compete rule. (to the original material)
- New detection bypass methods accompany Emotet revival. (to the original material)
- Cyberwarfare concern amid Russia-Ukraine conflict examined. (to the original material)
- CISA sheds light on K-12 cybersecurity in review. (to the original material)
- New cyber, workforce subcommittees expected at House Oversight panel. (to the original material)
- Riot Games rejects paying $10M ransom for breach. (to the original material)
- Zendesk hit by phishing-related data breach. (to the original material)
- GoTo breach compromised encrypted backups. (to the original material)
- Significant updates likely in upcoming NIST cybersecurity framework. (to the original material)
- Novel Blank Image phishing technique detailed. (to the original material)
- Cyber testing gaps, staffing shortfall compromising DoD (Department of Defence) cyber posture. (to the original material)
- LatAm hacktivist collective Guacamaya examined. (to the original material)
- GAO (Government Accountability Office): Most cyber recommendations ignored by federal agencies. (to the original material)
- North Korean Group TA444 Shows 'Startup' Culture, Tries Numerous Infection Methods. (to the original material)
- Yahoo Overtakes DHL As Most Impersonated Brand in Q4 2022. (to the original material)
- Ticketmaster Claims Bot Attack Disrupted Taylor Swift Tour Sales. (to the original material)
- Regulator Stress Test Highlights Cyber Insurance Concerns. (to the original material)
- New Cheats May Emerge After Riot Games Hack. (to the original material)
- Just Half of Firms Have Sufficient Cybersecurity Budget. (to the original material)
- Case Study: Policy Compliance with Layered Security. (to the original material)
- Clinic Reports Tracking Pixel Breach Involving 3rd Party. (to the original material)
- Reported Data Breaches in US Reach Near-Record Highs. (to the original material)
- Microsoft 365 Cloud Service Outage Disrupts Users Worldwide. (to the original material)
- North Korean Crypto Hackers Keep Nose to the Grindstone. (to the original material)
- Why Healthcare Orgs Must Prioritize 3rd-Party Risk Management. (to the original material)
- Riot Games breached: How did it happen? (to the original material)
- Critical VMware vRealize Log Insight flaws patched (CVE-2022-31706, CVE-2022-31704). (to the original material)
- How to tackle the cybersecurity skills shortage in the EU. (to the original material)
- Most consumers would share anonymized personal data to improve AI products. (to the original material)
- Exploit released for critical Windows CryptoAPI spoofing bug. (to the original material)
- CISA: Federal agencies hacked using legitimate remote desktop tools. (to the original material)
- Hackers auction alleged source code for League of Legends. (to the original material)
- Zacks Investment Research data breach affects 820,000 clients. (to the original material)
- Malware exploited critical Realtek SDK bug in millions of attacks. (to the original material)
- Lessons Learned from the Windows Remote Desktop Honeypot Report. (to the original material)
- New stealthy Python RAT malware targets Windows in attacks. (to the original material)
- Details
- Written by: Merticaru Dorin Nicolae
- Category: Cyber Security News
- Hits: 114
- Apple Releases Security Updates for Multiple Products. (to the original material)
- CISA Releases Two Industrial Control Systems Advisories. (to the original material)
- CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats. (to the original material)
- Protect your digital identity in 2023. (to the original material)
- 5 valuable skills your children can learn by playing video games. (to the original material)
- VMware warns of critical code execution bugs in vRealize Log Insight. (to the original material)
- Pakistan hit by nationwide power outage, is it the result of a cyber attack? (to the original material)
- GoTo revealed that threat actors stole customers’ backups and encryption key for some of them. (to the original material)
- FBI confirms that North Korea-linked Lazarus APT is behind Harmony Horizon Bridge $100 million cyber heist. (to the original material)
- Meta Platforms expands features for EE2E on Messenger App. (to the original material)
- CISA added Zoho ManageEngine RCE (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog. (to the original material)
- Researcher found US ‘No Fly List’ on an unsecured server. (to the original material)
- Secured.22: Backing Up Your Microsoft 365 Environment. (to the original material)
- Cybersecurity Threat Advisory: NortonLifeLock compromised. (to the original material)
- Massive Campaign Uses Hacked WordPress Sites as Platform for Black Hat Ad Network. (to the original material)
- Insider threats become more frequent and harder to deal with. (to the original material)
- Organizations not prepared for cyberwarfare. (to the original material)
- How ChatGPT will change cybersecurity. (to the original material)
- The Next Stage in Security Expert’s Trial Set for January 31. (to the original material)
- Podcast Episode: Don't Be Afraid to Poke the Tigers. (to the original material)
- Threat Landscape Topic Summary Report: Cisco Talos Year in Review 2022. (to the original material)
- By reframing talent, we can meet the cybersecurity skills gap. (to the original material)
- New NSA security guidelines for IPv6 transition issued. (to the origina material)
- Massive app-spoofing malvertising scheme disrupted. (to the original material)
- Russia hit with record high DDoS attacks last year. (to the original material)
- Sliver C2 framework gaining traction among threat actors. (to the original material)
- Global anti-ransomware task force begins operations. (to the original material)
- DellOro Group predicts SASE to overtake SD-WAN. (to the original material)
- Dell touts new servers with advanced security, efficiencies. (to the original material)
- Remote.It updates networking platform with zero-trust features. (to the original material)
- Threat intelligence: Security pros share key challenges. (to the original material)
- Threat intelligence: Security pros identify top benefits. (to the original material)
- DragonSpark Hackers Evade Detection With SparkRAT and Golang. (to the original material)
- FBI Confirms Lazarus Group Was Behind $100m Harmony Hack. (to the original material)
- #DataPrivacyWeek: Consumers Already Concerned About AI’s Impact on Data Privacy. (to the original material)
- Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery. (to the original material)
- Gartner: Zero Trust Will Not Mitigate Over Half of Attacks. (to the original material)
- #DataPrivacyWeek: ICO Offers Data Protection Advice to SMBs. (to the original material)
- Record-Breaking Year for DDoS Attacks Targeting Russia. (to the original material)
- Microsoft Security Sales Hit $20B as Consolidation Increases. (to the original material)
- VA (Veterans Affairs): Contractors Have 1 Hour to Report a Security Incident. (to the original material)
- What Federal Charges Against Bitzlato Mean for Cybercrime. (to the original material)
- CommonSpirit Facing 2 Proposed Class Actions Post-Breach. (to the original material)
- North Korean Hackers Attacked Horizon, Confirms FBI. (to the original material)
- GoTo now says customers’ backups have also been stolen. (to the original material)
- Apple delivers belated zero-day patch for iOS v12 (CVE-2022-42856). (to the original material)
- BSidesZG 2023: Strengthening the infosec community in Croatia’s capital. (to the original material)
- NSA publishes IPv6 Security Guidance. (to the original material)
- Ransomware access brokers use Google ads to breach your network. (to the original material)
- VMware fixes critical security bugs in vRealize log analysis tool. (to the original material)
- Microsoft shares workaround for unresponsive Windows Start Menu. (to the original material)
- U.S. sues Google for abusing dominance over online ad market. (to the original material)
- Riot Games receives ransom demand from hackers, refuses to pay. (to the original material)
- 75k WordPress sites impacted by critical online course plugin flaws. (to the original material)
- FBI: North Korean hackers stole $100 million in Harmony crypto hack. (to the original material)
- GoTo says hackers stole customers' backups and encryption key. (to the original material)
- Hackers use Golang source code interpreter to evade detection. (to the original material)
- Details
- Written by: Merticaru Dorin Nicolae
- Category: Cyber Security News
- Hits: 101
- CISA Adds One Known Exploited Vulnerability to Catalog. (to the original material)
- Vulnerability Summary for the Week of January 16, 2023. (to the original material)
- 9 recommendations for hassle-free holidays in 2023. (to the original material)
- January is Digital Cleanup Month. (to the original material)
- The hybrid work style has transformed business communication platforms into preferred online socializing spaces. (to the original material)
- Hybrid play: Leveling the playing field in online video gaming and beyond. (to the original material)
- Apple backported patches for CVE-2022-42856 zero-day on older iPhones, iPads. (to the original material)
- Two flaws in Samsung Galaxy Store can allow to install Apps and execute JS code. (to the original material)
- Companies impacted by Mailchimp data breach warn their customers. (to the original material)
- Massive Ad fraud scheme VASTFLUX targeted over 11 million devices. (to the original material)
- Video game firm Riot Games hacked, now it faces problems to release content. (to the original material)
- The Trouble with API security. (to the original material)
- Riot Games delays release of game updates and patches following security breach. (to the original material)
- How to avoid online recruitment scams in 2023. (to the original material)
- Socks5 VPN: What It Is & Why PIA Is the Best. (to the original material)
- Four lessons learned from the latest third-party breach of Uber data. (to the original material)
- FanDuel impacted by MailChimp data breach. (to the original material)
- Malware deployment facilitated by Microsoft OneNote attachments. (to the original material)
- Ukraine impacted by new Gamaredon cyberattacks exploiting Telegram. (to the original material)
- Fortinet vulnerability leveraged for new Boldmove malware distribution. (to the original material)
- Vice Society attack on LAUSD compromised contractors’ data. (to the original material)
- Potential TSA no-fly list breach under investigation. (to the original material)
- Cyber threats from China’s AI program, Russia-Ukraine war emphasized by FBI director. (to the original material)
- How to determine SASE needs specific to your IT environment. (to the original material)
- Hackers Deploy Open-Source Tool Sliver C2, Replacing Cobalt Strike, Metasploit. (to the original material)
- Two Vulnerabilities Found in Galaxy App Store. (to the original material)
- Most Federal Agencies Ignored GAO's (US Government Accountability Office) Cybersecurity Recommendations. (to the original material)
- Ad Fraud Scheme Tops 12 Billion Daily Bid Requests. (to the original material)
- Riot Games Halts Work After Cyber-Attack. (to the original material)
- New Government Cyber Advice for £100bn UK Charity Sector. (to the original material)
- Malware Blurs Line Between Banking Trojan and Surveillance. (to the original material)
- 2 Vendors Among BlackCat's Alleged Recent Ransomware Victims. (to the original material)
- Spanish Authorities Arrest 3 in Bitzlato Crackdown. (to the original material)
- Australia Initiates Global Ransomware Task Force Operations. (to the original material)
- What Makes Sumo Logic an Appealing Target for Private Equity. (to the original material)
- David Derigiotis on the Complex World of Cyber Insurance. (to the original material)
- Ransomware Profits Dip as Fewer Victims Pay Extortion. (to the original material)
- Webinar On-Demand: Why Organizations are Adopting MDR Services. (to the original material)
- ENISA gives out toolbox for creating security awareness programs. (to the original material)
- Extent of reported CVEs overwhelms critical infrastructure asset owners. (to the original material)
- Trained developers get rid of more vulnerabilities than code scanning tools. (to the original material)
- Apple iOS 16.3 arrives with support for hardware security keys. (to the original material)
- Russia’s largest ISP says 2022 broke all DDoS attack records. (to the original material)
- Apple fixes actively exploited iOS zero-day on older iPhones, iPads. (to the original material)
- CISA warns of critical ManageEngine RCE bug exploited in attacks. (to the original material)
- GTA Online bug exploited to ban, corrupt players’ accounts. (to the original material)
- Google Ads invites being abused to push spam, adult sites. (to the original material)
- Microsoft 365 to block downloaded Excel XLL add-ins to boost security. (to the original material)
- Details
- Written by: Merticaru Dorin Nicolae
- Category: Cyber Security News
- Hits: 96
- Expert found critical flaws in OpenText Enterprise Content Management System. (to the original material)
- Roaming Mantis uses new DNS changer in its Wroba mobile malware. (to the original material)
- Security Affairs newsletter Round 403 by Pierluigi Paganini. (to the original material)
- Week in review: Critical git vulnerabilities, increasingly malicious Google Search ads. (to the original material)
- FanDuels warns of data breach after customer info stolen in vendor hack. (to the original material)
- WhatsApp fined €5.5 million by Irish DPC for GDPR violation. (to the original material)
