Study - Technical
- LMS-SFC (EN) - Cyber
Security - News archive
November 2022
Cyber Security - News Archive
November 2022
30.11.2022
- News
from cyber security.
- Pairing up Cybersecurity
and Data Protection Efforts: EDPS and ENISA sign Memorandum of
Understanding. (to
the original material)
- Who’s swimming in South
Korean waters? Meet ScarCruft’s Dolphin. (to
the original material)
- Three out of four
organizations are still vulnerable to Log4Shell. (to
the original material)
- Cybersecurity budgets are
up but aren't being well spent. (to
the original material)
- Researchers Find a Way
Malicious NPM Libraries Can Evade Vulnerability Detection. (to
the original material)
- This Malicious App Abused
Hacked Devices to Create Fake Accounts on Multiple Platforms.
(to
the original material)
- French Electricity Provider
Fined for Storing Users' Passwords with Weak MD5 Algorithm. (to
the original material)
- Australia Passes Bill to
Fine Companies up to $50 Million for Data Breaches. (to
the original material)
- 3 New Vulnerabilities
Affect OT Products from German Companies Festo and CODESYS. (to
the original material)
- Chinese Cyber Espionage
Hackers Using USB Devices to Target Entities in Philippines. (to
the original material)
- 33% of attacks in the cloud
leverage credential access. (to
the original material)
- CISOs’ priorities for the
coming year. (to
the original material)
- GoTo says hackers breached
its dev environment, cloud storage. (to
the original material)
- Keralty ransomware attack
impacts Colombia's health care system. (to
the original material)
- Critical RCE bugs in
Android remote keyboard apps with 2M installs. (to
the original material)
- Lastpass says hackers
accessed customer data in new breach. (to
the original material)
- New Windows malware also
steals data from victims’ mobile phones. (to
the original material)
- Cybersecurity researchers
take down DDoS botnet by accident. (to
the original material)
- Australia will now fine
firms up to AU$50 million for data breaches. (to
the original material)
- Google discovers Windows
exploit framework used to deploy spyware. (to
the original material)
- NVIDIA releases GPU driver
update to fix 29 security flaws. (to
the original material)
- Android and iOS apps with
15 million installs extort loan seekers. (to
the original material)
- Crafty threat actor uses
'aged' domains to evade security platforms. (to
the original material)
- Acer Fixes Bugs That Enable
Attackers to Bypass Secure Boot. (to
the original material)
- How to Carry Out a Crypto
Heist - Part 1. (to
the original material)
- Brooklyn Hospitals Decried
for Silence on Cyber Incident. (to
the original material)
- UK Court Orders Crypto
Firms to Share Data to Track Thieves. (to
the original material)
- Okta Clears Up Customer
Identity Confusion as SMB Sales Dip. (to
the original material)
- Attackers lure users to
install malware via TikTok challenge. (to
the original material)
- A syntax error took down
the KmsdBot cryptomining botnet, effectively killing it. (to
the original material)
- How security leaders can
clarify priorities to fuel accelerated outcomes. (to
the original material)
- Why cloud security has
become a top priority in the 5G era. (to
the original material)
- Google links three
exploitation frameworks to Spanish commercial spyware vendor
Variston. (to
the original material)
- Attackers abused the
popular TikTok Invisible Challenge to spread info-stealer. (to
the original material)
- China-linked UNC4191 APT
relies on USB Devices in attacks against entities in the
Philippines. (to
the original material)
- ENC Security, the
encryption provider for Sony and Lexar, leaked sensitive data
for over a year. (to
the original material)
- Majority of US Defense
Contractors Not Meeting Basic Cybersecurity Requirements. (to
the original material)
- Australian Parliament
Passes Privacy Penalty Bill. (to
the original material)
- China-Based Hackers Target
Southeast Asia With USB-Based Malware. (to
the original material)
- Zero-Day Flaw Discovered in
Quarkus Java Framework. (to
the original material)
- Businesses Increasing Cyber
Spend Without Clear Strategy, Fastly Finds. (to
the original material)
- Let's Encrypt Issues Three
Billionth Certificate. (to
the original material)
- Most Small Biz IaaS Users
Seeing Surge in Attacks. (to
the original material)
- New "Icefall" Bugs Include
Critical DoS Flaw. (to
the original material)
- Let Data Breach Victims Sue
Marriott. (to
the original material)
- Let Them Know: San
Francisco Shouldn’t Arm Robots. (to
the original material)
29.11.2022
- News
from cyber security.
- CISA Releases Seven
Industrial Control Systems Advisories. (to
the original material)
- Vulnerability Summary for
the Week of November 21, 2022. (to
the original material)
- Vote for Zero Trust early
and often. (to
the original material)
- EU Council adopts the
NIS2 directive. (to
the original material)
- Pre-auth RCE in Oracle
Fusion Middleware exploited in the wild (CVE-2021-35587). (to
the original material)
- The top 200 most common
passwords in 2022 are bad, mkay? (to
the original material)
- Cybercriminals are
cashing in on FIFA World Cup-themed cyberattacks. (to
the original material)
- Trigona ransomware
spotted in increasing attacks worldwide. (to
the original material)
- Let’s Encrypt issued over
3 billion certificates, securing 309M sites for free. (to
the original material)
- Spanish police dismantle
operation that made €12M via investment scams. (to
the original material)
- Ransomware detection with
Wazuh SIEM and XDR platform. (to
the original material)
- Microsoft Defender boosts
default protection for all enterprise users. (to
the original material)
- CrowdStrike Sales Growth
Slows as SMB Clients Delay Spending. (to
the original material)
- UK Companies Fear
Reporting Cyber Incidents, Parliament Told. (to
the original material)
- HHS Rule to Ease Record
Sharing, Guard Substance Abuse Data. (to
the original material)
- TSA Plans Cyber Risk
Regulation for Pipeline and Rail Sector. (to
the original material)
- Why Are HIPAA Fines Down
93% - With Data Breaches Soaring? (to
the original material)
- Cybersecurity Stigma:
More Victims Avoid Saying 'Ransomware'. (to
the original material)
- Over half of SMBs using
the cloud faced more attacks in the past year. (to
the original material)
- Security, ESG
(Environmental, Social and Governance) are the top two risks
for corporate audit professionals. (to
the original material)
- Cybercriminals look to
exploit sports fans with World Cup-themed attacks. (to
the original material)
- Adversary disruption: We
can’t underestimate the power of public-private
collaboration. (to
the original material)
- Five ways security teams
can create continuous security for APIs. (to
the original material)
- Threat actors are
offering access to corporate networks via unauthorized
Fortinet VPN access. (to
the original material)
- CISA adds Oracle Fusion
Middleware flaw to its Known Exploited Vulnerabilities
Catalog. (to
the original material)
- Tips for Gamifying Your
Cybersecurity Awareness Training Program. (to
the original material)
- Irish data protection
commission fines Meta over 2021 data-scraping leak. (to
the original material)
- Tips for International
Computer Security Day. (to
the original material)
- CISOs look to balance
transformation and cybersecurity. (to
the original material)
- WordPress Vulnerability
& Patch Roundup November 2022. (to
the original material)
- New Flaw in Acer Laptops
Could Let Attackers Disable Secure Boot Protection. (to
the original material)
- Hackers Using Trending
TikTok 'Invisible Challenge' to Spread Malware. (to
the original material)
- 7 Cyber Security Tips for
SMBs. (to
the original material)
- Irish Regulator Fines
Facebook $277 Million for Leak of Half a Billion Users'
Data. (to
the original material)
- CISA Warns of Actively
Exploited Critical Oracle Fusion Middleware Vulnerability. (to
the original material)
- Oracle Fusion Middleware
Vulnerability Actively Exploited in the Wild: CISA. (to
the original material)
- PII May Have Been Stolen
in Virginia County Ransomware Attack. (to
the original material)
- US Census Bureau Head
Fends Off Critics of 'Differential Privacy' Tool. (to
the original material)
- Police Shutter 13,000
Sites in Piracy Crackdown. (to
the original material)
- Ireland’s DPC Fines Meta
€265m Following Large-Scale Data Leak. (to
the original material)
- Experts Find 16,000+ Scam
FIFA World Cup Domains. (to
the original material)
- Web App and API Attacks
Surge 257% in Financial Services. (to
the original material)
- Coalition of Human
Rights, LGBTQ+ Organizations Tell Congress to Oppose the
Kids Online Safety Act. (to
the original material)
- From Camera Towers to Spy
Blimps, Border Researchers Now Can Use 65+ Open-licensed
Images of Surveillance Tech from EFF. (to
the original material)
28.11.2022
- News
from cyber security.
- CISA Adds Two Known
Exploited Vulnerabilities to Catalog. (to
the original material)
- Red Alert: The SFPD (San
Francisco Police Department) want the power to kill with
robots. (to
the original material)
- Is Elon Begging Us to
Look for Twitter Alternatives? The Silver Lining of
Twitter’s Deepening Woes. (to
the original material)
- What I Learned About
Privacy Laws in the US. (to
the original material)
- 7 free cybersecurity
resources you need to bookmark. (to
the original material)
- Many Global 2000
companies lack proper domain security. (to
the original material)
- Acer fixes UEFI bugs that
can be used to disable Secure Boot. (to
the original material)
- Malicious Android app
found powering account creation service. (to
the original material)
- TikTok ‘Invisible Body’
challenge exploited to push malware. (to
the original material)
- Cyber Monday deal: Get
50% off Malwarebytes Premium, Privacy VPN. (to
the original material)
- Meta fined €265M for not
protecting Facebook users' data from scrapers. (to
the original material)
- The Cyber Monday 2022
Security, IT, VPN, & Antivirus Deals. (to
the original material)
- US bans sales of Huawei,
Hikvision, ZTE, and Dahua equipment. (to
the original material)
- Meta Fined by Irish
Privacy Regulator for GDPR Violations. (to
the original material)
- Indiana Health Entity
Reports Breach Involving Tracking Code. (to
the original material)
- UK Online Safety Bill
Harms Privacy & Security, Experts Say. (to
the original material)
- Greater Toronto School
Offline Following 'Cyber Incident'. (to
the original material)
- Cybercrime Forum Dumps
Stolen Details on 5.4M Twitter Users. (to
the original material)
- Addressing the Shortage
of Medical Device Cyber Talent. (to
the original material)
- Attackers target
vulnerable financial customers, rather than the institutions
themselves. (to
the original material)
- Trend Micro’s Cloud
Sentry promises increased visibility into cloud
environments. (to
the original material)
- The top five risks
mitigated by network and security convergence. (to
the original material)
- A flaw in some Acer
laptops can be used to bypass security features. (to
the original material)
- Experts found a
vulnerability in AWS AppSync. (to
the original material)
- RansomBoggs Ransomware
hit several Ukrainian entities, experts attribute it to
Russia. (to
the original material)
- RansomBoggs: New
ransomware targeting Ukraine. (to
the original material)
- Researchers Detail
AppSync Cross-Tenant Vulnerability in Amazon Web Services. (to
the original material)
- The 5 Cornerstones for an
Effective Cyber Security Awareness Training. (to
the original material)
- Over a Dozen New BMC
Firmware Flaws Expose OT and IoT Devices to Remote Attacks.
(to
the original material)
- Elon Musk Confirms
Twitter 2.0 will Bring End-to-End Encryption to Direct
Messages. (to
the original material)
- Elon Musk Unveils
End-to-End Encrypted DMs For Twitter 2.0. (to
the original material)
- Phishing Campaign
Impersonating UAE Ministry of Human Resources Grows. (to
the original material)
- Millions of Twitter
Accounts Potentially Compromised. (to
the original material)
- Orange Cyberdefense
Unveils Its Security Navigator With OT Hacking Demos. (to
the original material)
- Belgian Police Under Fire
After Major Ransomware Leak. (to
the original material)
- Russian Sandworm Hackers
Linked to New Ransomware Blitz. (to
the original material)
- African Police Bust $800K
Fraud Schemes. (to
the original material)
27.11.2022
- News
from cyber security.
- Week in review: 5 free
CISA resources, surviving a DDoS attack, Google to make
Cobalt Strike useless. (to
the original material)
- 5.4 million Twitter
users' stolen data leaked online - more shared privately. (to
the original material)
- Security Affairs
newsletter Round 395. (to
the original material)
- US FCC bans the import of
electronic equipment from Chinese firms. (to
the original material)
26.11.2022
- News
from cyber security.
- Ransomware gang targets
Belgian municipality, hits police instead. (to
the original material)
- SharkBot Trojan Spread
Via Android File Manager Apps. (to
the original material)
- Data from 5.4M Twitter
users obtained from multiple threat actors and combined with
data from other breaches. (to
the original material)
- Devices from Dell, HP,
and Lenovo used outdated OpenSSL versions. (to
the original material)
- All You Need to Know
About Emotet in 2022. (to
the original material)
- U.S. Bans Chinese Telecom
Equipment and Surveillance Cameras Over National Security
Risk. (to
the original material)
- Russia-based RansomBoggs
Ransomware Targeted Several Ukrainian Organizations. (to
the original material)
25.11.2022
- News
from cyber security.
- All you need to know
about SASE and SSE but never dared ask [Q&A]. (to
the original material)
- Crypto, really. Part III:
cryptocurrency politics, and the future. (to
the original material)
- New infosec products of
the week: November 25, 2022. (to
the original material)
- 5 cybersecurity
predictions for 2023. (to
the original material)
- New ransomware attacks in
Ukraine linked to Russian Sandworm hackers. (to
the original material)
- Vice Society ransomware
claims attack on Cincinnati State college. (to
the original material)
- Google pushes emergency
Chrome update to fix 8th zero-day in 2022. (to
the original material)
- Cyber Resilience
Minimizes Risks for Digital Services. (to
the original material)
- ISMG Editors: The Rise of
Info Stealing Malware. (to
the original material)
- Ontario Teachers’ Data
Stolen in Ransomware Attack. (to
the original material)
- Cybercrime Carnage:
Cryptocurrency-Targeting Attacks Abound. (to
the original material)
- Google fixed the eighth
actively exploited #Chrome #zeroday this year. (to
the original material)
- Experts investigate
WhatsApp data leak: 500M user records for sale. (to
the original material)
- An international police
operation dismantled the spoofing service iSpoof. (to
the original material)
- UK urges to disconnect
Chinese security cameras in government buildings. (to
the original material)
- Spyware posing as VPN
apps – Week in security with Tony Anscombe. (to
the original material)
- Know your payment
options: How to shop and pay safely this holiday season. (to
the original material)
- Update Chrome Browser Now
to Patch New Actively Exploited Zero-Day Flaw. (to
the original material)
- Dell, HP, and Lenovo
Devices Found Using Outdated OpenSSL Versions. (to
the original material)
- U.K. Police Arrest 142 in
Global Crackdown on 'iSpoof' Phone Spoofing Service. (to
the original material)
- Interpol Seized $130
Million from Cybercriminals in Global "HAECHI-III" Crackdown
Operation. (to
the original material)
- ConnectWise Fixes XSS
Vulnerability that Could Lead to Remote Code Execution. (to
the original material)
- Google Releases Chrome
Patch to Fix New Zero-Day Vulnerability. (to
the original material)
- Remote Code Execution
Vulnerability Found in Windows Internet Key Exchange. (to
the original material)
- Experts Warn Remote
Workers of Black Friday Security Threats. (to
the original material)
- Experts Find 1600+
Malicious Docker Hub Images. (to
the original material)
- Global Police Celebrate
$130m Cyber Busts. (to
the original material)
24.11.2022
- News
from cyber security.
- Cybersecurity news of the
week (24.11.2022). (to
the original material)
- Press release:
Cooperation agreement between the National Cyber Security
Directorate (DNSC) and the Information Technology and Cyber
Security Service (STISC) of the Republic of Moldova. (to
the original material)
- How to Stay Safe When
Shopping Online. (to
the original material)
- A Guide to Protecting
Your Social Media Privacy. (to
the original material)
- Shopping Alert! Top US
Black Friday Deals to Look Out For in 2022. (to
the original material)
- Red, purple and blue -
security teams keeping the hackers at bay. (to
the original material)
- Distributed Denial of
Service attack: Prevention and best practices. (to
the original material)
- Encrypted attacks breach
70 percent of organizations. (to
the original material)
- Google Translate for
phishing. (to
the original material)
- The emergence of zero
trust consumers. (to
the original material)
- Docker Hub repositories
hide over 1,650 malicious containers. (to
the original material)
- Interpol seized $130
million from cybercriminals worldwide. (to
the original material)
- Hackers modify popular
OpenVPN Android app to include spyware. (to
the original material)
- U.S. govt seizes domains
used in 'pig butchering' scams. (to
the original material)
- 'iSpoof' service
dismantled, main operator and 145 users arrested. (to
the original material)
- Cyber-Mercenaries Target
Android Users with Fake VPN Apps. (to
the original material)
- Lorenz Ransomware Alert:
Risk to Healthcare, Public Sector. (to
the original material)
- Ransomware Group
Zeppelin's Costly Encryption Mistake. (to
the original material)
- Zeppelin Ransomware
Proceeds Punctured by Crypto Workaround. (to
the original material)
- RansomExx Ransomware
upgrades to Rust programming language. (to
the original material)
- An aggressive malware
campaign targets US-based companies with Qakbot to deliver
Black Basta Ransomware. (to
the original material)
- Threat actors exploit
discontinues Boa web servers to target critical
infrastructure. (to
the original material)
- 10 tips to avoid Black
Friday and Cyber Monday scams. (to
the original material)
- New RansomExx Ransomware
Variant Rewritten in the Rust Programming Language. (to
the original material)
- Millions of Android
Devices Still Don't Have Patches for Mali GPU Flaws. (to
the original material)
- Boost Your Security with
Europe's Leading Bug Bounty Platform. (to
the original material)
- Bahamut Cyber Espionage
Hackers Targeting Android Users with Fake VPN Apps. (to
the original material)
- This Android File Manager
App Infected Thousands of Devices with SharkBot Malware. (to
the original material)
- Black Basta Ransomware
Gang Actively Infiltrating U.S. Companies with Qakbot
Malware. (to
the original material)
- Bahamut Spyware Group
Compromises Android Devices Via Fake VPN Apps, (to
the original material)
- SharkBot Malware Found in
Android File Manager Apps With Thousands of Downloads. (to
the original material)
- Sonder confirms data
breach, documents and other PII potentially compromised. (to
the original material)
- Cyber Essentials Scheme
Set for April 2023 Update. (to
the original material)
- UK Cops Lead Action
Against Fraud Site that Made £100m+. (to
the original material)
- Russian DDoS Briefly
Downs European Parliament Site. (to
the original material)
23.11.2022
- News
from cyber security.
- Cybersecurity Investments
in the EU: Is the Money Enough to Meet the New Cybersecurity
Standards? (to
the original material)
- Experts Condemn The UK
Online Safety Bill As Harmful To Privacy And Encryption. (to
the original material)
- Top Prosecutors in CA, NY
and DC Are Speaking Up For End-to-End Encryption. (to
the original material)
- New Wave of SocGholish
cid=27x Injections. (to
the original material)
- How to build a security
operations center from the ground up. (to
the original material)
- The challenges of
modernizing enterprise API infrastructure [Q&A]. (to
the original material)
- Why banning payments is
not the solution to the ransomware epidemic. (to
the original material)
- A flaw in ConnectWise
Control spurred the company to make life harder for
scammers. (to
the original material)
- Fake subscription
invoices lead to corporate data theft and extortion. (to
the original material)
- Here’s how to make sure
your incident response strategy is ready for holiday
hackers. (to
the original material)
- Threat actors extend
attack techniques to new enterprise apps and services. (to
the original material)
- Get 50% off Emsisoft
Anti-Malware Home through Cyber Monday. (to
the original material)
- Meta links U.S. military
with covert Facebook influence operation. (to
the original material)
- Fake MSI Afterburner
targets Windows gamers with miners, info-stealers. (to
the original material)
- Pro-Russian hacktivists
take down EU Parliament site in DDoS attack. (to
the original material)
- Mali GPU ‘patch gap’
leaves Android users vulnerable to attacks. (to
the original material)
- Backdoored Chrome
extension installed by 200,000 Roblox players. (to
the original material)
- Russian cybergangs stole
over 50 million passwords this year. (to
the original material)
- Ducktail hackers now use
WhatsApp to phish for Facebook Ad accounts. (to
the original material)
- Tata Power Attack Linked
to Bug in Nearly 20-Year-Old Server. (to
the original material)
- Russian Hackers Now
Offering Stealer as a Service. (to
the original material)
- Russian KillNet Shuts
Down EU Parliament Website With DDoS. (to
the original material)
- DOJ Closes Pig-Butchering
Domains Tied to Crypto Scams. (to
the original material)
- Healthcare Data Breaches
Doubled in 3 Years: Here's Why. (to
the original material)
- AxLocker Ransomware Adds
a Twist: Stealing Discord Tokens. (to
the original material)
- Black Basta Using QBot
Malware to Target US-Based Companies. (to
the original material)
- US Army Banks on Cyber
Defense Based on Zero Trust - Part 2. (to
the original material)
- Beating Clever Phishing
Through Strong Authentication. (to
the original material)
- Black Basta ransomware
group targeting US companies with QakBot malware. (to
the original material)
- Security leaders need to
look beyond ‘retention’. (to
the original material)
- How to keep CISOs focused
on moving the business forward. (to
the original material)
- Pro-Russian group Killnet
claims responsibility for DDoS attack that has taken down
the European Parliament site. (to
the original material)
- Ducktail information
stealer continues to evolve. (to
the original material)
- Experts claim that
iPhone’s analytics data is not anonymous. (to
the original material)
- Microsoft releases
out-of-band update to fix Kerberos auth issues caused by a
patch for CVE-2022-37966. (to
the original material)
- Exclusive – Quantum
Locker lands in the Cloud. (to
the original material)
- 10 Common Cyber Security
Mistakes and How to Avoid Them. (to
the original material)
- Bahamut cybermercenary
group targets Android users with fake VPN apps. (to
the original material)
- 34 Russian Cybercrime
Groups Stole Over 50 Million Passwords with Stealer Malware.
(to
the original material)
- Ducktail Malware
Operation Evolves with New Malicious Capabilities. (to
the original material)
- Top Cyber Threats Facing
E-Commerce Sites This Holiday Season. (to
the original material)
- Hackers Exploiting
Abandoned Boa Web Servers to Target Critical Industries. (to
the original material)
- Meta Takes Down Fake
Facebook and Instagram Accounts Linked to Pro-U.S. Influence
Operation. (to
the original material)
- Nighthawk Likely to
Become Hackers' New Post-Exploitation Tool After Cobalt
Strike. (to
the original material)
- Panaseer Launches
Guidance on Security Controls Ahead of EU's New Legislation.
(to
the original material)
- CISA Updates Guidelines
to Increase Resilience of Infrastructure Planning. (to
the original material)
- Meta Removes Pro-US
Accounts in Middle East and Central Asia. (to
the original material)
- Qakbot Infections Linked
to Black Basta Ransomware Campaign. (to
the original material)
- Yanluowang Ransomware's
Russian Links Laid Bare. (to
the original material)
- UK Privacy Tsar Defends
Controversial Enforcement Strategy. (to
the original material)
- Dozens of Russian Groups
Steal 50 Million User Passwords. (to
the original material)
22.11.2022
- News
from cyber security.
- CISA Releases Eight
Industrial Control Systems Advisories. (to
the original material)
- EFF to Fifth Circuit: The
First Amendment Protects the Right to Make Jokes on Social
Media. (to
the original material)
- See What We Accomplished
Together in EFF's 2021 Annual Report. (to
the original material)
- WP-CLI: How to Install
WordPress via SSH. (to
the original material)
- It's time for better data
protection: Why the 3-2-1 rule isn't enough. (to
the original material)
- Cyberattacks cost
enterprises $1,200 per employee per year. (to
the original material)
- Microsoft is adding a
handy VPN indicator to the Windows 11 taskbar. (to
the original material)
- How to create a cyber
immune system? (to
the original material)
- Cyber risk focus areas
for portfolio companies. (to
the original material)
- 90% of organizations have
Microsoft 365 security gaps. (to
the original material)
- Donut extortion group
also targets victims with ransomware. (to
the original material)
- Hackers breach energy
orgs via bugs in discontinued web server. (to
the original material)
- Android file manager apps
infect thousands with Sharkbot malware. (to
the original material)
- AGs Urge Apple to Tighten
Health Privacy, Security in Apps. (to
the original material)
- Broadcom-VMware Merger
Faces European Regulatory Hurdles. (to
the original material)
- LockBit 3.0 Says It's
Holding a Canadian City for Ransom. (to
the original material)
- Authorized Payment Scams:
Why Banks Are So Slow to Respond. (to
the original material)
- Australian Children's
Charity Breach Affects 80,000 Donors. (to
the original material)
- Digital Army 2030:
Modernizing Technology at Scale - Part 1. (to
the original material)
- IT pros concerned of
successful attacks on their organizations in next 12 months.
(to
the original material)
- Five ways security
leaders can prepare for economic uncertainty. (to
the original material)
- 5 API Vulnerabilities
That Get Exploited by Criminals. (to
the original material)
- Researcher warns that
Cisco Secure Email Gateways can easily be circumvented. (to
the original material)
- Aurora Stealer Malware is
becoming a prominent threat in the cybercrime ecosystem. (to
the original material)
- Two Estonian citizens
arrested in $575M cryptocurrency fraud scheme. (to
the original material)
- Emotet is back and
delivers payloads like IcedID and Bumblebee. (to
the original material)
- Security fatigue is real:
Here’s how to overcome it. (to
the original material)
- This Malware Installs
Malicious Browser Extensions to Steal Users' Passwords and
Cryptos. (to
the original material)
- Researchers Warn of Cyber
Criminals Using Go-based Aurora Stealer Malware. (to
the original material)
- Here's How to Ensure Your
Incident Response Strategy is Ready for Holiday Hackers. (to
the original material)
- Luna Moth Gang Invests in
Call Centers to Target Businesses with Callback Phishing
Campaigns. (to
the original material)
- U.S. Authorities Seize
Domains Used in 'Pig butchering' Cryptocurrency Scams. (to
the original material)
- Ducktail Hacker Group
Evolves, Targets Facebook Business Accounts. (to
the original material)
- US Takes Down Domains
Used in 'Pig Butchering' Cryptocurrency Scheme. (to
the original material)
- Firms Spend $1197 Per
Employee Yearly to Address Cyber-Attacks. (to
the original material)
- Estonian Duo Arrested for
Masterminding $575m Ponzi Scheme. (to
the original material)
- Experts Warn Threat
Actors May Abuse Red Team Tool Nighthawk. (to
the original material)
- Credential Stuffers Steal
$300K from DraftKings Customers. (to
the original material)
21.11.2022
- News
from cyber security.
- Vulnerability Summary for
the Week of November 14, 2022. (to
the original material)
- EFF, Coalition of
California Privacy Advocates Caution Against Weakening CA
Privacy Rights. (to
the original material)
- EFF Files Comments on the
FTC’s Commercial Surveillance Rulemaking. (to
the original material)
- VICTORY! Congress Sends
the Safe Connections Act to the President’s Desk. (to
the original material)
- Monetization, Not Human
Rights or Vulnerable Communities, Matter Most at Twitter
Under Musk. (to
the original material)
- Documents Show DOJ’s
Multi-Pronged Effort to Undermine Section 230. (to
the original material)
- Rise of security
champions: Application development's long-awaited evolution.
(to
the original material)
- How to choose the safest
data center [Q&A]. (to
the original material)
- Rules for safe online
shopping. (to
the original material)
- How AppSec will be
shifted left. (to
the original material)
- Threat predictions for
2023 from Barracuda’s security frontline. (to
the original material)
- Google seeks to make
Cobalt Strike useless to attackers. (to
the original material)
- 5 free resources from the
Cybersecurity and Infrastructure Security Agency (CISA). (to
the original material)
- The pros and cons of
using open-source Kubernetes security software. (to
the original material)
- Two Estonians arrested
for running $575M crypto Ponzi scheme. (to
the original material)
- Aurora infostealer
malware increasingly adopted by cybergangs. (to
the original material)
- Attackers bypass Coinbase
and MetaMask 2FA via TeamViewer, fake support chat. (to
the original material)
- Hackers steal $300,000 in
DraftKings credential stuffing attack. (to
the original material)
- Google Chrome extension
used to steal cryptocurrency, passwords. (to
the original material)
- Google releases 165 YARA
rules to detect Cobalt Strike attacks. (to
the original material)
- Apps with over 3 million
installs leak 'Admin' search API keys. (to
the original material)
- RSA CEO Rohit Ghai on
Authenticating Users to Mobile Devices. (to
the original material)
- 5 Hospital Workers
Charged with Selling Patient Information. (to
the original material)
- Chinese APT Using Google
Drive, Dropbox to Drop Malware. (to
the original material)
- Central Depository Attack
Delays Trade Settlement in India. (to
the original material)
- Amazon to Shut Down
Controversial Encrypted Messaging App. (to
the original material)
- Covering Data Breaches in
an Ethical Way. (to
the original material)
- Callback phishing
campaign targets legal and retail sectors. (to
the original material)
- IT pros struggle to hire,
train staff to implement multi-cloud architecture. (to
the original material)
- How to tune out AppSec
noise through DAST (Dynamic Application Security Testing). (to
the original material)
- Why are CISOs resigning?
(to
the original material)
- Expert published PoC
exploit code for macOS sandbox escape flaw. (to
the original material)
- Google won a lawsuit
against the Glupteba botnet operators. (to
the original material)
- Google provides rules to
detect tens of cracked versions of Cobalt Strike. (to
the original material)
- Octocrypt, Alice, and
AXLocker Ransomware, new threats in the wild. (to
the original material)
- Daixin Ransomware Gang
Steals 5 Million AirAsia Passengers' and Employees' Data. (to
the original material)
- Notorious Emotet Malware
Returns With High-Volume Malspam Campaign. (to
the original material)
- Been Doing It The Same
Way For Years? Think Again. (to
the original material)
- Google Wins Lawsuit
Against Russians Linked to Blockchain-based Glupteba Botnet.
(to
the original material)
- Google Identifies 34
Cracked Versions of Popular Cobalt Strike Hacking Toolkit in
the Wild. (to
the original material)
- Google Wins Legal Battle
Against Glupteba Botnet. (to
the original material)
- Thousands of Algolia API
Keys Could Expose Users' Data. (to
the original material)
- Luna Moth Phishing
Extortion Campaign Targets Businesses in Multiple Sectors. (to
the original material)
- Private Equity Exposed by
Cyber-Hygiene Shortcomings. (to
the original material)
- New AXLocker Ransomware
Steals Victims' Discord Tokens. (to
the original material)
- Ten Charged in $11m
Healthcare BEC Plots. (to
the original material)
20.11.2022
- News
from cyber security.
- Week in review: 5 Kali
Linux tools, Spotify’s Backstage vulnerability, Cybertech
NYC 2022. (to
the original material)
- New ransomware encrypts
files, then steals your Discord account. (to
the original material)
- Donald Trump returns to
Twitter after Elon Musk's poll. (to
the original material)
- Remote code execution
found in cloud development toolkit Backstage. (to
the original material)
- Security Affairs
newsletter Round 394. (to
the original material)
- PoC exploit code for
ProxyNotShell Microsoft Exchange bugs released online. (to
the original material)
19.11.2022
- News
from cyber security.
- New attacks use Windows
security bypass zero-day to drop malware. (to
the original material)
- Simplifying cloud native
security for posture management and AppSec. (to
the original material)
- DEV-0569 group uses
Google Ads to distribute Royal Ransomware. (to
the original material)
- Black Friday and Cyber
Monday, crooks are already at work. (to
the original material)
- New improved versions of
LodaRAT spotted in the wild. (to
the original material)
- New attacks use Windows
security bypass zero-day to drop malware. (to
the original material)
- DOJ Charges 10 With BEC
Targeting Federal Health Program. (to
the original material)
- Cybersecurity Analysis of
the FTX Crypto Heist: Part Two. (to
the original material)
- Indian Government
Publishes Draft of Digital Personal Data Protection Bill
2022. (to
the original material)
- Microsoft Warns of
Hackers Using Google Ads to Distribute Royal Ransomware. (to
the original material)
- Chinese 'Mustang Panda'
Hackers Actively Targeting Governments Worldwide. (to
the original material)
- Atlassian Releases
Patches for Critical Flaws Affecting Crowd and Bitbucket
Products. (to
the original material)
18.11.2022
- News
from cyber security.
- Data security advice for
supporters traveling to Qatar for the World Cup. (to
the original material)
- Photos: Cybersecurity
marketers gather at Cyber Marketing Con 2022. (to
the original material)
- New infosec products of
the week: November 18, 2022. (to
the original material)
- ODD Platform: Open-source
data discovery and observability. (to
the original material)
- PCI SSC publishes new
standard for mobile payment acceptance solutions. (to
the original material)
- Transportation sector
targeted by both ransomware and APTs. (to
the original material)
- The Week in Ransomware -
November 18th 2022 - Rising Operations. (to
the original material)
- Exploit released for
actively abused ProxyNotShell Exchange bug. (to
the original material)
- Researchers secretly
helped decrypt Zeppelin ransomware for 2 years. (to
the original material)
- US charges BEC suspects
with targeting federal health care programs. (to
the original material)
- Chinese hackers use
Google Drive to drop malware on govt networks. (to
the original material)
- Google Search results
poisoned with torrent sites via Data Studio. (to
the original material)
- Atlassian fixes critical
command injection bug in Bitbucket Server. (to
the original material)
- PCI Releases New Payment
Standards for Mobile Devices. (to
the original material)
- ID Agent's Amelia Paro on
Why Tech Alone Can't Protect Email. (to
the original material)
- Piedmont CISO on
Protecting Hospitals in the Age of COVID-19. (to
the original material)
- Feds Alert Healthcare,
Other Sectors of Growing Hive Threats. (to
the original material)
- Ransomware-as-a-Service
Market Now Highly Specialized. (to
the original material)
- Ransomware: Did Law
Enforcement Lose Ground Early On? (to
the original material)
- Cybersecurity Analysis of
the FTX Crypto Heist: Part 1. (to
the original material)
- With FTX's Collapse,
Cycle of Cryptocurrency Loss Continues. (to
the original material)
- Emotet’s return
underscores that some threat groups never go away for good.
(to
the original material)
- IT pros cite
configuration controls, management as top weaknesses of
cloud providers. (to
the original material)
- AI and open-source
intelligence can mitigate ransomware and cryptocurrency
risks. (to
the original material)
- Atlassian fixed 2
critical flaws in Crowd and Bitbucket products. (to
the original material)
- Hive Ransomware extorted
over $100M in ransom payments from over 1,300 companies. (to
the original material)
- Ongoing supply chain
attack targets Python developers with WASP Stealer. (to
the original material)
- China-based Fangxiao
group behind a long-running phishing campaign. (to
the original material)
- Leaving Twitter's Walled
Garden. (to
the original material)
- Cybercriminals looking to
score with World Cup scams. (to
the original material)
- Mining still a serious
threat to business. (to
the original material)
- 5 cybersecurity hygiene
best practices every MSP should follow. (to
the original material)
- Latest insights on APT
activity – Week in security with Tony Anscombe. (to
the original material)
- Tor vs. VPN: Which should
you choose? (to
the original material)
- Meta Reportedly Fires
Dozens of Employees for Hijacking Users' Facebook and
Instagram Accounts. (to
the original material)
- LodaRAT Malware
Resurfaces with New Variants Employing Updated
Functionalities. (to
the original material)
- Threat hunting with MITRE
ATT&CK and Wazuh. (to
the original material)
- Hive Ransomware Attackers
Extorted $100 Million from Over 1,300 Companies Worldwide. (to
the original material)
- W4SP Stealer Constantly
Targeting Python Developers in Ongoing Supply Chain Attack.
(to
the original material)
- CISA, NSA, ODNI Publish
Software Supply Chain Guidelines For Customers. (to
the original material)
- Shoppers Warned Stay
Alert this Black Friday as Hackers Renew Efforts. (to
the original material)
- Instagram Credential
Phishing Attacks Bypass Microsoft Email Security. (to
the original material)
- Emerging Threat Actor
DEV-0569 Expands Its Toolkit to Deliver Royal Ransomware. (to
the original material)
- Netflix Phishing Emails
Surge 78%. (to
the original material)
- Russian Duo Indicted Over
E-Book Piracy. (to
the original material)
- Hive Ransomware Has Made
$100m to Date. (to
the original material)
17.11.2022
- News
from cyber security.
- Cybersecurity news of the
week (11/17/2022). (to
the original material)
- CISA, NSA, and ODNI
Release Guidance for Customers on Securing the Software
Supply Chain. (to
the original material)
- #StopRansomware: Hive. (to
the original material)
- CISA Releases Two
Industrial Control Systems Advisories. (to
the original material)
- Top passwords used in RDP
brute-force attacks. (to
the original material)
- Open-source tool puts
machine learning dataset analysis at data scientists’
fingertips. (to
the original material)
- Phishing kit impersonates
well-known brands to target US shoppers. (to
the original material)
- Microsoft fixes Windows
Kerberos auth issues in emergency updates. (to
the original material)
- Previously unidentified
ARCrypter ransomware expands worldwide. (to
the original material)
- FBI: Hive ransomware
extorted $100M from over 1,300 victims. (to
the original material)
- QBot phishing abuses
Windows Control Panel EXE to infect devices. (to
the original material)
- F5 fixes two remote code
execution flaws in BIG-IP, BIG-IQ. (to
the original material)
- ESET rolls out new
consumer offerings to improve home security. (to
the original material)
- Microsoft urges devs to
migrate away from .NET Core 3.1 ASAP. (to
the original material)
- U.S. charges Russian
suspects with operating Z-Library e-Book site. (to
the original material)
- Australia Unveils Plan to
Counter Global Cybercrime Problem. (to
the original material)
- HHS Needs to Modernize
Its Cyber Approach: Watchdog Agency. (to
the original material)
- Discord Fined by French
CNIL for GDPR Violations. (to
the original material)
- Cyberwarfare's Role in
the Next National Defense Strategy. (to
the original material)
- Amazon Relational
Database Service exposing PII via cloud ‘snapshots’. (to
the original material)
- Over a third of
vulnerabilities reviewed by ethical hackers did not have a
CVE (Common Vulnerabilities and Exposures). (to
the original material)
- How to determine if your
IT environment is ready for SASE. (to
the original material)
- Carmakers must start
taking cybersecurity more seriously. (to
the original material)
- Two public schools in
Michigan hit by a ransomware attack. (to
the original material)
- Magento and Adobe
Commerce websites under attack. (to
the original material)
- Tank, the leader of the
Zeus cybercrime gang, was arrested by the Swiss police. (to
the original material)
- Iran-linked threat actors
compromise US Federal Network. (to
the original material)
- KOSA (Kids Online Safety
Act) Would Let the Government Control What Young People See
Online. (to
the original material)
- EFF's Atlas of
Surveillance Database Now Documents 10,000+ Police Tech
Programs. (to
the original material)
- Should We Be Worried
About Doorstep Surveillance – How Surveillance Is Changing
Us & Society. (to
the original material)
- How to Fix the “This Site
May Harm Your Computer” Warning. (to
the original material)
- Better governance is
crucial to getting value from data. (to
the original material)
- The rise of cloud
marketplaces. (to
the original material)
- New webinar: A look back
at high-impact vulnerabilities from 2022. (to
the original material)
- Chinese Hackers Using
42,000 Imposter Domains in Massive Phishing Attack Campaign.
(to
the original material)
- FBI-Wanted Leader of the
Notorious Zeus Botnet Gang Arrested in Geneva. (to
the original material)
- High Severity
Vulnerabilities Reported in F5 BIG-IP and BIG-IQ Devices. (to
the original material)
- Iranian Hackers
Compromised a U.S. Federal Agency's Network Using Log4Shell
Exploit. (to
the original material)
- North Korean Hackers
Targeting Europe and Latin America with Updated DTrack
Backdoor. (to
the original material)
- Zeus Botnet Suspected
Leader Arrested in Geneva. (to
the original material)
- Security Budget Cuts and
Recession Spark Worries Among IT Admins. (to
the original material)
- Hundreds of Amazon RDS
Snapshots Discovered Leaking Users' Data. (to
the original material)
- More Than Half of Black
Friday Spam Emails Are Scams. (to
the original material)
- Cybersecurity Industry
Must Maintain Public Faith in Technology, Says NCSC Founder.
(to
the original material)
- PCI Council Launches
Flexible Mobile Payments Standard. (to
the original material)
- US: Iranian Hackers
Breached Government with Log4Shell. (to
the original material)
- Chinese Spy Gets 20 Years
for Aviation Espionage Plot. (to
the original material)
16.11.2022
- News
from cyber security.
- Cisco Releases Security
Updates for Identity Services Engine. (to
the original material)
- Samba Releases Security
Updates. (to
the original material)
- Mozilla Releases Security
Updates for Multiple Products. (to
the original material)
- CISA and FBI Release
Advisory on Iranian Government-Sponsored APT Actors
Compromising Federal Network. (to
the original material)
- Electronics repair
technicians snoop on your data. (to
the original material)
- Cloud data protection
trends you need to be aware of. (to
the original material)
- 5 use cases with a
malware sandbox. (to
the original material)
- Updated RapperBot malware
targets game servers in DDoS attacks. (to
the original material)
- Suspected Zeus cybercrime
ring leader ‘Tank’ arrested by Swiss police. (to
the original material)
- Twitter source code
indicates end-to-end encrypted DMs are coming. (to
the original material)
- US govt: Iranian hackers
breached federal agency using Log4Shell exploit. (to
the original material)
- Magento stores targeted
in massive surge of TrojanOrders attacks. (to
the original material)
- Okta shares fix for issue
impacting Microsoft 365 SSO logins. (to
the original material)
- DuckDuckGo now lets all
Android users block trackers in their apps. (to
the original material)
- Misconfigured Server
Exposed PHI of 600,000 Inmates. (to
the original material)
- Iranian Hacker Group Uses
Log4Shell to Cryptojack US Agency. (to
the original material)
- Qatar's World Cup Apps
Pose Privacy Concerns. (to
the original material)
- Ransomware Attackers
Don't Take Holidays. (to
the original material)
- Arrest of Ukrainian in
Cybercrime Case Shows Patience Pays. (to
the original material)
- Simplifying
Implementation of a Zero Trust Architecture. (to
the original material)
- Managing Cyber Risk in a
Technology-Dependent World. (to
the original material)
- How to punch up your next
executive briefing quickly. (to
the original material)
- How security teams can
defend against BECs. (to
the original material)
- F5 fixed 2 high-severity
Remote Code Execution bugs in its products. (to
the original material)
- Lazarus APT uses DTrack
backdoor in attacks against LATAM and European orgs. (to
the original material)
- New RapperBot Campaign
targets game servers with DDoS attacks. (to
the original material)
- Beginning 2023 Google
plans to rollout the initial Privacy Sandbox Beta. (to
the original material)
- Is Mastodon Private and
Secure? Let’s Take a Look. (to
the original material)
- The Fediverse Could Be
Awesome (If We Don’t Screw It Up). (to
the original material)
- Companies caught off
guard by holiday and weekend ransomware attacks. (to
the original material)
- Gartner 2022 security
trend #5: Beyond Awareness. (to
the original material)
- Open banking: Tell me
what you buy, and I’ll tell you who you are. (to
the original material)
- Researchers Discover
Hundreds of Amazon RDS Instances Leaking Users' Personal
Data. (to
the original material)
- 7 Reasons to Choose an
MDR Provider. (to
the original material)
- Warning: New RapperBot
Campaign Aims to Launch DDoS Attacks at Game Servers. (to
the original material)
- Google to Roll Out
Privacy Sandbox Beta on Android 13 by Early 2023. (to
the original material)
- Android Privacy Sandbox
Beta to Roll Out By Early 2023. (to
the original material)
- Majority of Companies
Reduce Cybersecurity Staff Over Holidays. (to
the original material)
- Botnets, Trojans, DDoS
From Ukraine and Russia Have Increased Since Invasion. (to
the original material)
- State-Backed APT Group
Activity Continuing Apace. (to
the original material)
- Euro Authorities Warn
World Cup Fans Over Qatari Apps. (to
the original material)
- Most Neurodiverse Women
in Tech Feel Unsupported: Study. (to
the original material)
- LockBit Remains Most
Prolific Ransomware in Q3. (to
the original material)
15.11.2022
- News
from cyber security.
- CISA Releases One
Industrial Control Systems Advisory. (to
the original material)
- SSVC: Prioritization of
vulnerability remediation according to CISA. (to
the original material)
- As trust in online spaces
degrades, Canada bolsters resilience against cyber attacks.
(to
the original material)
- Critical vulnerability in
Spotify’s Backstage discovered, patched. (to
the original material)
- Top enterprise email
threats and how to counter them. (to
the original material)
- North Korean hackers
target European orgs with updated malware. (to
the original material)
- Google to roll out
Privacy Sandbox on Android 13 starting early 2023. (to
the original material)
- Researchers release
exploit details for Backstage pre-auth RCE bug. (to
the original material)
- MFA Fatigue attacks are
putting your organization at risk. (to
the original material)
- Chinese hackers target
government agencies and defense orgs. (to
the original material)
- US FTC Delays Safeguards
Rule Deadlines by 6 Months. (to
the original material)
- FDA Updates Medical
Device Cyber Response Playbook. (to
the original material)
- Hospital CISO on Why
Hackers Pursue Research, Pediatric Data. (to
the original material)
- Twitter Two-Factor
Authentication Has a Vulnerability - Updated. (to
the original material)
- Pro-Moscow Nuisance
Hackers Claim DDoS Attack on FBI Website. (to
the original material)
- How Do Recent CISA
Directives Affect Private Firms? (to
the original material)
- Google to pay record
$391.5 million for misleading users on location tracking. (to
the original material)
- Most companies on Forbes
Global 2000 yet to adopt all domain security measures. (to
the original material)
- Many financial
institutions say their own IT staffs pose the biggest risk
to cloud security. (to
the original material)
- Three steps to build more
diverse cybersecurity teams. (to
the original material)
- Why passwordless can’t
eliminate passwords, but giving administrators the ability
to manage passwords better can. (to
the original material)
- Experts found critical
RCE in Spotify’s Backstage. (to
the original material)
- Experts revealed details
of critical SQLi and access issues in Zendesk Explore. (to
the original material)
- China-linked APT Billbug
breached a certificate authority in Asia. (to
the original material)
- Google to Pay a record
$391M fine for misleading users about the collection of
location data. (to
the original material)
- Previously undetected
Earth Longzhi APT group is a subgroup of APT41. (to
the original material)
- Avast details Worok
espionage group’s compromise chain. (to
the original material)
- New SocGholish Malware
Variant Uses Zip Compression & Evasive Techniques. (to
the original material)
- New data security
alliance aims to help enterprises beat cyberattacks. (to
the original material)
- The psychology of
building a resilient cybersecurity team. (to
the original material)
- ForgeRock launches
cloud-native identity solution for enterprises. (to
the original material)
- Prices down, miners up. (to
the original material)
- Better software security
this way comes. (to
the original material)
- Security compromises of
audio-video monitoring systems for children are on the rise:
here's how to stay safe. (to
the original material)
- Critical RCE Flaw
Reported in Spotify's Backstage Software Catalog and
Developer Platform. (to
the original material)
- PCspooF: New
Vulnerability Affects Networking Tech Used by Spacecraft and
Aircraft. (to
the original material)
- Researchers Reported
Critical SQLi and Access Flaws in Zendesk Analytics Service.
(to
the original material)
- Deep Packet Inspection
vs. Metadata Analysis of Network Detection & Response
(NDR) Solutions. (to
the original material)
- Researchers Say China
State-backed Hackers Breached a Digital Certificate
Authority. (to
the original material)
- Google to Pay $391
Million Privacy Fine for Secretly Tracking Users' Location.
(to
the original material)
- Billbug Targets
Government Agencies in Multiple Asian Countries. (to
the original material)
14.11.2022
- News
from cyber security.
- CISA Has Added One Known
Exploited Vulnerability to Catalog . (to
the original material)
- Vulnerability Summary for
the Week of November 7, 2022. (to
the original material)
- Russian hacktivists hit
Ukrainian orgs with ransomware – but no ransom demands. (to
the original material)
- Product showcase: ESET’s
newest consumer offerings. (to
the original material)
- 5 Kali Linux tools you
should learn how to use. (to
the original material)
- Unwanted emails steadily
creeping into inboxes. (to
the original material)
- Whoosh confirms data
breach after hackers sell 7.2M user records. (to
the original material)
- 42,000 sites used to trap
users in brand impersonation scheme. (to
the original material)
- Instagram, Facebook,
Twitter, YouTube suspended in Turkey after blast. (to
the original material)
- Russian Hackers Target
Ukraine With Malicious Encryption. (to
the original material)
- Anesthesiology Services
Firm Faces 5 Class Action Lawsuits. (to
the original material)
- 'Unauthorized
Transactions' Lead to Missing Funds at FTX. (to
the original material)
- SolarWinds CEO on How to
Secure the Software Build Process. (to
the original material)
- Graphus' Amelia Paro on
Why Phishing Has Exploded Since 2020. (to
the original material)
- LockBit Releases Thales
Group Documents. (to
the original material)
- Microsoft identifies
issues with Kerberos authentication on certain Windows
Servers. (to
the original material)
- Cloud security isn’t
guaranteed because a provider is well-known, expert says. (to
the original material)
- Insider threats accounted
for more than a third of unauthorized access incidents in
Q3. (to
the original material)
- Seven deadly sins hiding
in the company’s attack surface. (to
the original material)
- Massive Black hat SEO
campaign used +15K WordPress sites. (to
the original material)
- KmsdBot, a new evasive
bot for cryptomining activity and DDoS attacks. (to
the original material)
- CERT-UA warns of multiple
Somnia ransomware attacks against organizations in Ukraine.
(to
the original material)
- Have board directors any
liability for a cyberattack against their company? (to
the original material)
- ITRC Business Impact
Report: Good news for small biz. (to
the original material)
- ESET APT Activity Report
T2 2022. (to
the original material)
- New "Earth Longzhi" APT
Targets Ukraine and Asian Countries with Custom Cobalt
Strike Loaders. (to
the original material)
- Over 15,000 WordPress
Sites Compromised in Malicious SEO Campaign. (to
the original material)
- What is an External
Penetration Test? (to
the original material)
- New KmsdBot Malware
Hijacking Systems for Mining Crypto and Launch DDoS Attacks.
(to
the original material)
- Worok Hackers Abuse
Dropbox API to Exfiltrate Data via Backdoor Hidden in
Images. (to
the original material)
13.11.2022
- News
from cyber security.
- Week in review: Microsoft
fixes many zero-days, malicious droppers on Google Play,
IRISSCON 2022. (to
the original material)
- Ukraine says Russian
hacktivists use new Somnia ransomware. (to
the original material)
- Ukraine Police dismantled
a transnational fraud group that made €200 million per year.
(to
the original material)
- Lockbit gang leaked data
stolen from global high-tech giant Thales. (to
the original material)
12.11.2022
- News
from cyber security.
- New extortion scam
threatens to damage sites’ reputation, leak data. (to
the original material)
- Android phone owner
accidentally finds a way to bypass lock screen. (to
the original material)
- $1 billion of FTX
customer funds have vanished, Reuters reported. (to
the original material)
- Malicious app in the Play
Store spotted distributing Xenomorph Banking Trojan. (to
the original material)
- Canadian supermarket
chain giant Sobeys suffered a ransomware attack. (to
the original material)
- Containers: The ultimate
Trojan horse. (to
the original material)
11.11.2022
- News
from cyber security.
- Press release: The
European Parliament adopted new legislative rules to
strengthen the cyber resilience of the entire European Union
– NIS2 and DORA. (to
the original material)
- Cybersecurity Threats
Fast-Forward 2030: Fasten your Security-Belt Before the
Ride! (to
the original material)
- New infosec products of
the week: November 11, 2022. (to
the original material)
- API abuses and attacks
create new challenges for retailers. (to
the original material)
- The Week in Ransomware -
November 11th 2022 - LockBit feeling the heat. (to
the original material)
- Microsoft Defender
network protection generally available on iOS, Android. (to
the original material)
- Canadian food retail
giant Sobeys hit by Black Basta ransomware. (to
the original material)
- U.S. seized 18 web
domains used for recruiting money mules. (to
the original material)
- New BadBazaar Android
malware linked to Chinese cyberspies. (to
the original material)
- Microsoft confirms gaming
performance issues on Windows 11 22H2. (to
the original material)
- Royal Mail down: Tracking
unavailable as outage exceeds 24 hours. (to
the original material)
- Make Way for an Adaptive
Cybersecurity Ecosystem. (to
the original material)
- Ukrainian Cyber Police
Bust Fake Investing Ring. (to
the original material)
- Texas Hospital Says
Ransomware Breach Affected 500,000. (to
the original material)
- ISMG Editors: $3B Crypto
Seizure Shows Blockchain's Security. (to
the original material)
- Australia Blames Russian
Hackers for Medibank Hack. (to
the original material)
- Should Banks Be Held
Liable for Authorized Fraud? (to
the original material)
- Snow Software enhances
platform for greater visibility into containers, cloud
services. (to
the original material)
- Despite staff and
budgets, most firms say ‘lack of skills’ biggest threat
intel challenge. (to
the original material)
- VMDR: What it is, and how
it fits into cloud-native infrastructure and applications. (to
the original material)
- What is SASE? (to
the original material)
- Forrester: MDR, threat
hunting and cybersecurity as a service. (to
the original material)
- The state of ransomware
in state and local government. (to
the original material)
- The top six goals for
proactive cybersecurity. (to
the original material)
- An initial access broker
claims to have hacked Deutsche Bank. (to
the original material)
- Long-running surveillance
campaigns target Uyghurs with BadBazaar and MOONSHINE
spyware. (to
the original material)
- Man charged for role in
LockBit ransomware operation. (to
the original material)
- Researcher received a
$70k award for a Google Pixel lock screen bypass. (to
the original material)
- Russia-linked IRIDIUM APT
linked to Prestige ransomware attacks against Ukraine. (to
the original material)
- Cryptojacking malware
sees a 230 percent increase in 2022. (to
the original material)
- How fake data can help to
combat breaches [Q&A]. (to
the original material)
- Hackers prey on holiday
MFA fatigue. (to
the original material)
- Security challenges
facing SMBs – Week in security with Tony Anscombe. (to
the original material)
- FIFA World Cup 2022
scams: Beware of fake lotteries, ticket fraud and other
cons. (to
the original material)
- Black Friday Tips: How to
Protect Yourself from Cybercriminals. (to
the original material)
- Experts Uncover Two
Long-Running Android Spyware Campaigns Targeting Uyghurs. (to
the original material)
- Malicious Google Play
Store App Spotted Distributing Xenomorph Banking Trojan. (to
the original material)
- Multiple High-Severity
Flaws Affect Widely Used OpenLiteSpeed Web Server Software.
(to
the original material)
- Russian-Canadian National
Charged Over Involvement in LockBit Ransomware Attacks. (to
the original material)
- Microsoft Blames Russian
Hackers for Prestige Ransomware Attacks on Ukraine and
Poland. (to
the original material)
10.11.2022
- News
from cyber security.
- Press release: The
#SigurantaOnline digital education campaign has reached
schools. (to
the original material)
- Cybersecurity news of the
week (11/10/2022). (to
the original material)
- Completion of training
courses for certification within the project «Increasing the
capacity of the competent authorities in Romania DNSC and
RENAR according to the European Regulation on Cybersecurity
2019/881 (Cybersecurity Act)». (to
the original material)
- CISA Releases SSVC
Methodology to Prioritize Vulnerabilities. (to
the original material)
- Cisco Releases Security
Updates for Multiple Products. (to
the original material)
- CISA Releases Twenty
Industrial Control Systems Advisories. (to
the original material)
- CISA Updates Advisory on
Threat Actors Exploiting Multiple CVEs Against Zimbra
Collaboration Suite. (to
the original material)
- Security leaders want
consequences for insecure code. (to
the origina material)
- How ransomware gangs and
malware campaigns are changing. (to
the original material)
- Phishing drops IceXLoader
malware on thousands of home, corporate devices. (to
the original material)
- Microsoft fixes Windows
zero-day bug exploited to push malware. (to
the original material)
- US Health Dept warns of
Venus ransomware targeting healthcare orgs. (to
the original material)
- Russian military hackers
linked to ransomware attacks in Ukraine. (to
the original material)
- Worok hackers hide new
malware in PNGs using steganography. (to
the original material)
- Kaspersky to kill its VPN
service in Russia next week. (to
the original material)
- FBI warns scammers now
impersonate refund payment portals. (to
the original material)
- Ukraine arrests fraud
ring members who made €200 million per year. (to
the original material)
- Russian LockBit
ransomware operator arrested in Canada. (to
the original material)
- An $8 mess - Twitter Blue
'verified' accounts push crypto scams. (to
the original material)
- Accused LockBit
Ransomware Operator Arrested in Canada. (to
the original material)
- Federal Judge Skeptical
of Facebook in Patient Privacy Suit. (to
the original material)
- Twitter Ramps Up
Regulatory Exposure After Loss of CISO. (to
the original material)
- Exploring the
Consequences of Not Paying a Ransom. (to
the original material)
- Australia Faces
Consequences of Standing Up to Ransomware. (to
the original material)
- Nearly 80% of companies
in new survey have had to use their cyber insurance. (to
the original material)
- Three ways security teams
can foster open-source innovation. (to
the original material)
- Apple out-of-band patches
fix remote code execution bugs in iOS and macOS. (to
the original material)
- Researchers warn of
malicious packages on PyPI using steganography. (to
the original material)
- A bug in ABB Totalflow
flow computers exposed oil and gas companies to attack. (to
the original material)
- APT29 abused the Windows
Credential Roaming in an attack against a diplomatic entity.
(to
the original material)
- Lenovo warns of flaws
that can be used to bypass security features. (to
the original material)
- Top 12 Website Hardening
Tips. (to
the original material)
- SMB's security spending
is not keeping up with threats. (to
the original material)
- Cyber threat activity
continues to grow in Q3. (to
the original material)
- Threat intelligence
adoption grows but skills lag behind. (to
the original material)
- Email is the top vector
for cyberattacks. (to
the original material)
- Four out of 10 work
emails are unwanted. (to
the original material)
- Fake financial
regulators. (to
the original material)
- Toward the cutting edge:
SMBs contemplating enterprise security. (to
the original material)
- Warning: New Massive
Malicious Campaigns Targeting Top Indian Banks' Customers. (to
the original material)
- Hacker Rewarded $70,000
for Finding Way to Bypass Google Pixel Phones' Lock Screens.
(to
the original material)
- Researchers Uncover PyPI
Package Hiding Malicious Code Behind Image File. (to
the original material)
- Is Cybersecurity
Awareness Month Anything More Than PR? (to
the original material)
- Citrix Issues Patches for
Critical Flaw Affecting ADC and Gateway Products. (to
the original material)
- High-Severity Flaw
Reported in Critical System Used by Oil and Gas Companies. (to
the original material)
- Re-Focusing Cyber
Insurance with Security Validation. (to
the original material)
- New UEFI Firmware Flaws
Reported in Several Lenovo Notebook Models. (to
the original material)
09.11.2022
- News
from cyber security.
- Microsoft Releases
November 2022 Security Updates. (to
the original material)
- VMware Releases Security
Updates. (to
the original material)
- Citrix Releases Security
Updates for ADC and Gateway. (to
the original material)
- Threat Spotlight: Cyber
Criminal Adoption of IPFS (InterPlanetary File System) for
Phishing, Malware Campaigns. (to
the original material)
- 10 common security
mistakes and how to avoid them. (to
the original material)
- Security “sampling” puts
US federal agencies at risk. (to
the original material)
- 2022 Cloud Data Security
Report. (to
the original material)
- Experts observed Amadey
malware deploying LockBit 3.0 Ransomware. (to
the original material)
- Microsoft Patch Tuesday
updates fix 6 actively exploited zero-days. (to
the original material)
- VMware fixes three
critical flaws in Workspace ONE Assist. (to
the original material)
- New StrelaStealer malware
steals your Outlook, Thunderbird accounts. (to
the original material)
- Couple sentenced to
prison for trying to sell nuclear warship secrets. (to
the original material)
- New hacking group uses
custom 'Symatic' Cobalt Strike loaders. (to
the original material)
- 15,000 sites hacked for
massive Google SEO poisoning campaign. (to
the original material)
- Medibank warns customers
their data was leaked by ransomware gang. (to
the original material)
- Lenovo fixes flaws that
can be used to disable UEFI Secure Boot. (to
the original material)
- IT Army of Ukraine
Targets Russian Banks. (to
the original material)
- Could a Digital Red Cross
Protect Hospitals From Ransomware? (to
the original material)
- Microsoft Patches
ProxyNotShell Exchange Vulnerabilities. (to
the original material)
- The Role of Cybersecurity
in the Russia-Ukraine War. (to
the original material)
- The Riskiest Connected
Devices in Healthcare. (to
the original material)
- Security updates released
for critical bugs in VMware’s Workspace ONE Assist. (to
the original material)
- Malicious ‘Cloud9’ Chrome
extension operates like a remote access trojan. (to
the original material)
- Lacework adds new
analysis, scanning capabilities to its Polygraph Data
Platform. (to
the original material)
- How to address the gaps
with Open XDR sensors. (to
the original material)
- The Rise of the
Police-Advertiser. (to
the original material)
- Sacramento County
Resident Joins EFF Lawsuit After Illegal Sharing of His
Electricity Usage Data Makes Him a Target of Law
Enforcement. (to
the original material)
- APT29 Exploited a Windows
Feature to Compromise European Diplomatic Entity Network. (to
the original material)
- Several Cyber Attacks
Observed Leveraging IPFS Decentralized Network. (to
the original material)
- Experts Warn of Browser
Extensions Spying On Users via Cloud9 Chrome Botnet Network.
(to
the original material)
- Top 5 API Security Myths
That Are Crushing Your Business. (to
the original material)
- New IceXLoader Malware
Loader Variant Infected Thousands of Victims Worldwide. (to
the original material)
- VMware Warns of 3 New
Critical Flaws Affecting Workspace ONE Assist Software. (to
the original material)
- Install Latest Windows
Update ASAP! Patches Issued for 6 Actively Exploited
Zero-Days. (to
the original material)
- Only a quarter of
businesses have confidence ex-employees can no longer access
infrastructure. (to
the original material)
- Sensitive data and
digital transformation make public housing a prime target
for cyberthreats. (to
the original material)
08.11.2022
- News
from cyber security.
- CISA Adds Seven Known
Exploited Vulnerabilities to Catalog. (to
the original material)
- Emotet coming in hot. (to
the original material)
- Gartner 2022 security
trend #4: Distributing decisions. (to
the original material)
- Application security
finally getting its due. (to
the original material)
- Massive ois[.]is Black
Hat Redirect Malware Campaign. (to
the original material)
- 12 percent of employees
take IP with them when leaving a job. (to
the original material)
- Microsoft fixes many
zero-days under attack. (to
the original material)
- Malicious droppers on
Google Play deliver banking malware to victims. (to
the original material)
- How geopolitical turmoil
changed the cybersecurity threat landscape. (to
the original material)
- How micro-VMs can protect
your most vulnerable endpoints. (to
the original material)
- LockBit affiliate uses
Amadey Bot malware to deploy ransomware. (to
the original material)
- Malicious extension lets
attackers control Google Chrome remotely. (to
the original material)
- VMware fixes three
critical auth bypass bugs in remote access tool. (to
the original material)
- Microsoft fixes
ProxyNotShell Exchange zero-days exploited in attacks. (to
the original material)
- Microsoft November 2022
Patch Tuesday fixes 6 exploited zero-days, 68 flaws. (to
the original material)
- Citrix urges admins to
patch critical ADC, Gateway auth bypass. (to
the original material)
- Influencer 'Hushpuppi'
gets 11 years in prison for cyber fraud. (to
the original material)
- Enhance your privacy with
this second phone number app deal. (to
the original material)
- EU Complicit in Spread of
Advanced Spyware, Charges Veld. (to
the original material)
- Feds Warn of Iranian
Threats to Healthcare Sector. (to
the original material)
- China Likely Amasses
Zero-Days Via Vulnerability Disclosure Law. (to
the original material)
- Why Today's Cyber Defense
Requires Offensive Thinking. (to
the original material)
- Who Is Extorting
Australian Health Insurer Medibank? (to
the original material)
- Citrix ADC and Citrix
Gateway are affected by a critical authentication bypass
flaw. (to
the original material)
- SmokeLoader campaign
distributes new Laplas Clipper malware. (to
the original material)
- Medibank confirms
ransomware attack impacting 9.7M customers, but doesn’t pay
the ransom. (to
the original material)
- US DoJ seizes $3.36B
Bitcoin from Silk Road hacker. (to
the original material)
- Snowflake formalizes
integration with Streamlit, making it possible to build
cloud apps with Python. (to
the original material)
- Vast majority of SMBs are
concerned about a ransomware attack on their business. (to
the original material)
- The path to secure cloud
migration. (to
the original material)
- Six ways healthcare
organizations can improve connected device security. (to
the original material)
- The Filter Mandate Bill
Is a Privacy and Security Mess. (to
the original material)
- Politicians Still
Underestimate Smart Cars’ Threat to Privacy. (to
the original material)
- Amadey Bot Spotted
Deploying LockBit 3.0 Ransomware on Hacked Machines. (to
the original material)
- New Laplas Clipper
Malware Targeting Cryptocurrency Users via SmokeLoader. (to
the original material)
- U.S. Seizes Over 50K
Bitcoin Worth $3.3 Billion Linked to Silk Road Dark Web. (to
the original material)
- 5 Reasons to Consolidate
Your Tech Stack. (to
the original material)
- Thermal imaging attacks.
(to
the original material)
07.11.2022
- News
from cyber security.
- Blue OLEx 2022 tests the
Standard Operating Procedures of the EU CyCLONe (Cyber
Crisis Liaison Organisation Network Executives). (to
the original material)
- Vulnerability Summary for
the Week of October 31, 2022. (to
the original material)
- Why your phone is slow –
and how you can make it run faster. (to
the original material)
- Hacking baby monitors can
be child’s play: Here’s how to stay safe. (to
the original material)
- New platform aims to
tackle API security problems. (to
the original material)
- Medibank won’t pay the
ransom for data stolen in breach. (to
the original material)
- Phishing threats are
increasingly convincing and evasive. (to
the original material)
- Taking cybersecurity
investments to the next level. (to
the original material)
- False sense of safety
undermines good password hygiene. (to
the original material)
- Azov Ransomware is a
wiper, destroying data 666 bytes at a time. (to
the original material)
- U.S. unmasks hacker who
stole 50,000 bitcoins from Silk Road. (to
the original material)
- Maple Leaf Foods suffers
outage following weekend cyberattack. (to
the original material)
- Ransomware gang threatens
to release stolen Medibank data. (to
the original material)
- Feds Announce Silk Road
Cryptocurrency Haul. (to
the original material)
- Aveanna Healthcare Data
Breach Could Cost Firm More Than $1M. (to
the original material)
- FortiGuard Labs: 2023
Threat Landscape Insights. (to
the original material)
- Using Student Data for
Gambling Apps Is Bad, Says UK ICO. (to
the original material)
- Basics Will Block Most
Ransomware Hits, Says UK Cyber Chief. (to
the original material)
- Medibank Says No to
Paying Hacker's Extortion Demand. (to
the original material)
- ‘Justice Blade’ Hackers
are Targeting Saudi Arabia. (to
the original material)
- Robin Banks
phishing-as-a-service platform continues to evolve. (to
the original material)
- Water sector in the US
and Israel still unprepared to defeat cyber attacks. (to
the original material)
- UK NCSC govt agency is
scanning the Internet for flawed devices in the UK. (to
the original material)
- Abusing Microsoft
Dynamics 365 Customer Voice in phishing attacks. (to
the original material)
- FBI warns of politically
motivated hacktivist activity, DDoS attacks in alert. (to
the original material)
- Attacks on critical
infrastructure doubled in the past year, Microsoft says. (to
the original material)
- Checklist: A cloud
migration to-do list. (to
the original material)
- Embrace your role as a
security guide to earn a seat at the table. (to
the original material)
- Managing software risk in
the automotive software supply chain. (to
the original material)
- Turkey's New
Disinformation Law Spells Trouble For Free Expression. (to
the original material)
06.11.2022
- News
from cyber security.
- Week in review:
High-severity OpenSSL vulnerabilities fixed, Patch Tuesday
forecast. (to
the original material)
- LockBit 3.0 gang claims
to have stolen data from Kearney & Company. (to
the original material)
- A cyberattack blocked the
trains in Denmark. (to
the original material)
- Security Affairs
newsletter Round 392. (to
the original material)
- Quality or Quantity? Why
Server Count Doesn’t Matter As Much As You Think. (to
the original material)
05.11.2022
- News
from cyber security.
- How does security posture
management guard cloud environments? (to
the original material)
- Microsoft sued for
open-source piracy through GitHub Copilot. (to
the original material)
- Phishing-as-a-Service
Platform Offers MFA Bypass for $1,500. (to
the original material)
- 29 malicious PyPI
packages spotted delivering the W4SP Stealer. (to
the original material)
- Zero-day are exploited on
a massive scale in increasingly shorter timeframes. (to
the original material)
04.11.2022
- News
from cyber security.
- Ransomware rages on –
Week in security with Tony Anscombe. (to
the original material)
- Getting started with Zero
Trust Network Access. (to
the original material)
- How secure are your
privileged access employees? (to
the original material)
- Attackers leverage
Microsoft Dynamics 365 to phish users. (to
the original material)
- November 2022 Patch
Tuesday forecast: Wrapping up loose ends? (to
the original material)
- New infosec products of
the week: November 4, 2022. (to
the original material)
- FBI: Hacktivist DDoS
attacks had minor impact on critical orgs. (to
the original material)
- British govt is scanning
all Internet devices hosted in UK. (to
the original material)
- Robin Banks phishing
service returns to steal banking accounts. (to
the original material)
- As Twitter brings on $8
fee, phishing emails target verified accounts. (to
the original material)
- Sexual Assault, Abuse
Victims' Data at Risk in Australia. (to
the original material)
- Cyberattack at Boeing
Disrupts Flight Planning. (to
the original material)
- Vendor Hack Tied to 20
Anesthesiology Practice Breaches. (to
the original material)
- LockBit Claims Attack on
German Auto Parts Giant Continental. (to
the original material)
- ISMG Editors: How the
Ransomware Ecosystem Is Fracturing. (to
the original material)
- SolarWinds May Face SEC
Investigation Over Hack Disclosure. (to
the original material)
- RomCom RAT campaigns
abuses popular brands like KeePass and SolarWinds NPM. (to
the original material)
- The 10th edition of the
ENISA Threat Landscape (ETL) report is out! (to
the original material)
- Cisco addressed several
high-severity flaws in its products. (to
the original material)
- RomCom RAT targets
Ukraine and possibly English-speaking countries. (to
the original material)
- 5 use cases for MDR to
fight ransomware. (to
the original material)
- Sporting events are
irresistible targets for DDoS attacks. (to
the original material)
03.11.2022
- News
from cyber security.
- Cybersecurity news of the
week (03.11.2022). (to
the original material)
- Volatile Geopolitics
Shake the Trends of the 2022 Cybersecurity Threat Landscape.
(to
the original material)
- Cisco Releases Security
Updates for Multiple Products. (to
the original material)
- Apple Releases Security
Update for Xcode. (to
the original material)
- CISA Releases Three
Industrial Control Systems Advisories. (to
the original material)
- Businesses want
technologies that allow for passwordless workflows. (to
the original material)
- By breaking down
barriers, we can address the cybersecurity workforce gap. (to
the original material)
- Updated TikTok Privacy
Policy confirms that Chinese staff can access European
users’ data. (to
the original material)
- Fortinet fixed 16
vulnerabilities, 6 rated as high severity. (to
the original material)
- Real-Time Bidding is Bad
for Privacy and Promotes Disinformation. (to
the original material)
- Attack Surface Management
2022 Midyear Review Part 3. (to
the original material)
- The future starts now: 10
major challenges facing cybersecurity. (to
the original material)
- How to level up in
today’s IIoT threat landscape. (to
the original material)
- What Is Cross-Origin
Resource Sharing (CORS)? (to
the original material)
- The consequences of a
years-old SQLite vulnerability. (to
the original material)
- Vendor fraud techniques
used to bypass Office 365 security. (to
the original material)
- Automated threats
responsible for 62 percent of eCommerce security incidents.
(to
the original material)
- RomCom RAT malware
campaign impersonates KeePass, SolarWinds NPM, Veeam. (to
the original material)
- New Crimson Kingsnake
gang impersonates law firms in BEC attacks. (to
the original material)
- LockBit ransomware claims
attack on Continental automotive giant. (to
the original material)
- OPERA1ER hackers steal
over $11 million from banks and telcos. (to
the original material)
- ALMA Observatory shuts
down operations due to a cyberattack. (to
the original material)
- New clipboard hijacker
replaces crypto wallet addresses with lookalikes. (to
the original material)
- Black Basta ransomware
gang linked to the FIN7 hacking group. (to
the original material)
- Dropbox Data Breach
Another Multifactor Fail. (to
the original material)
- UK NCSC Says Friendly
Spooks Scanning British Internet. (to
the original material)
- Cybersecurity Is Patient
Safety, Says US Senator. (to
the original material)
- More State-Sponsored OT
Hacking To Come, Says ENISA. (to
the original material)
- Smooth 'Opera1er':
French-Speaking Gang Steals $11 Million. (to
the original material)
- Ransomware: 'To Pay or
Not to Pay' Question Faces Medibank. (to
the original material)
- LockBit ransomware gang
claims the hack of Continental automotive group. (to
the original material)
- 250+ U.S. news sites
spotted spreading FakeUpdates malware in a supply-chain
attack. (to
the original material)
- Experts link the Black
Basta ransomware operation to FIN7 cybercrime gang. (to
the original material)
- Password security still
an issue despite rising cybersecurity education. (to
the original material)
- Analysts track gift cards
to see how scammers use them in BEC attacks. (to
the original material)
- Everything You Need to
Know About Cyberattacks on US Hospitals. (to
the original material)
- Behind the Scenes
Exclusive: PIA’s 50 Servers in 50 States Campaign. (to
the original material)
02.11.2022
- News
from cyber security.
- 130 Dropbox code repos
plundered after successful phishing attack. (to
the original material)
- Group indicted for
breaching CPA, tax preparation firms via stolen credentials.
(to
the original material)
- 32% of cybersecurity
leaders considering quitting their jobs. (to
the original material)
- IDC Analyst Brief reveals
how passwords aren’t going away. (to
the original material)
- Hundreds of U.S. news
sites push malware in supply-chain attack. (to
the original material)
- Emotet botnet starts
blasting malware again after 5 month break. (to
the original material)
- Dozens of PyPI packages
caught dropping 'W4SP' info-stealing malware. (to
the original material)
- Vodafone Italy discloses
data breach after reseller hacked. (to
the original material)
- U.S. govt employees
exposed to mobile attacks from outdated Android, iOS. (to
the original material)
- Ransomware Attack
Disrupts Japanese Hospital for 2nd Day. (to
the original material)
- How 'Recognized Security
Practices' Fit with HIPAA Actions. (to
the original material)
- Oreo Maker Settles With
Insurer Over NotPetya Damages Claim. (to
the original material)
- Aaron's CISO On Forging
Strong C-Suite Relationships. (to
the original material)
- Strategies to Mitigate
Risk During Mergers and Acquisitions. (to
the original material)
- Government workers face
more phishing attacks on mobile devices. (to
the original material)
- Dropbox incident raises
questions about how much security pros can depend on MFA. (to
the original material)
- The new pillars of modern
security: workloads, identities, and data. (to
the original material)
- 4 Malicious apps on Play
Store totaled +1M downloads. (to
the original material)
- SandStrike, a previously
undocumented Android malware targets a Persian-speaking
religion minority. (to
the original material)
- Dropbox discloses
unauthorized access to 130 GitHub source code repositories.
(to
the original material)
- OpenSSL fixed two
high-severity vulnerabilities. (to
the original material)
- Barracuda XDR Insight:
Threat severity rises during vacation months. (to
the original material)
- The true cost of gaming.
(to
the original material)
- ID fraud levels still
high despite post-pandemic drop. (to
the original material)
01.11.2022
- News
from cyber security.
- OpenSSL Releases Security
Update. (to
the original material)
- CISA Upgrades to TLP 2.0.
(to
the original material)
- CISA Releases One
Industrial Control Systems Advisory. (to
the original material)
- High-severity OpenSSL
vulnerabilities fixed (CVE-2022-3602, CVE-2022-3786). (to
the original material)
- What developers want and
how to keep them on your team. (to
the original material)
- Infosec products of the
month: October 2022. (to
the original material)
- Dropbox discloses breach
after hacker stole 130 GitHub repositories. (to
the original material)
- Malicious Android apps
with 1M+ installs found on Google Play. (to
the original material)
- OpenSSL fixes two high
severity vulnerabilities, what you need to know. (to
the original material)
- New SandStrike spyware
infects Android devices via malicious VPN app. (to
the original material)
- Microsoft fixes critical
RCE flaw affecting Azure Cosmos DB. (to
the original material)
- Google ad for GIMP.org
served info-stealing malware via lookalike site. (to
the original material)
- White House Ransomware
Confab Ends With Data Sharing Pledge. (to
the original material)
- Ransomware Attacks Pose
Biggest Threat to UK Organizations. (to
the original material)
- Healthcare Sector Urged
to Address OpenSSL Flaws. (to
the original material)
- Not Heartbleed: OpenSSL
Vulnerability Not 'Critical' Anymore. (to
the original material)
- The Rise of Online Scams,
Why New Security Tools Are Needed. (to
the original material)
- Should Australia's
Medibank Give in to Extortionists? (to
the original material)
- Zero trust and securing
the cloud take center stage at Cisco event. (to
the original material)
- Nearly one-third of
cybersecurity leaders have considered leaving their
organizations. (to
the original material)
- Modernizing data security
within DoD (Department of Defense) requires attribute-based
access control. (to
the original material)
- LockBit 3.0 gang claims
to have stolen data from Thales. (to
the original material)
- Experts warn of critical
RCE in ConnectWise Server Backup Solution. (to
the original material)
- Ransomware activity and
network access sales in Q3 2022. (to
the original material)
- Samsung Galaxy Store flaw
could have allowed installing malicious apps on target
devices. (to
the original material)
- Stop the Copyright Creep.
(to
the original material)
- Threat Advisory: High
Severity OpenSSL Vulnerabilities. (to
the original material)
- The Importance of Having
a Cyber Security Response Plan. (to
the original material)
- Black Friday & Cyber
Monday Ecommerce Security Threats. (to
the original material)
- 5 reasons to keep your
devices and their software up to date. (to
the original material)
- The spy who rented to me?
Throwing the spotlight on hidden cameras in Airbnbs. (to
the original material)
- Adopting IIoT, OT
security in 2022: Interconnectivity makes work easier and
security harder. (to
the original material)
Archive:
Click here to access CMS (Content Management System) in Joomla.
Source:
Note Dorin M.
This site has a double
form, one in HTML and one in Joomla (if you are interested
in the utility behind this effort you can read the "Why
a HTML and a CMS (Joomla)" page).
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
Dorin M - November 30,
2022