Study - Technical - LMS-SFC (EN) - Cyber Security - News
Cyber Security - News
Today and Yesterday, in cyber security news - March 2023
30.03.2023
- News from cyber security.
- The week's cybersecurity
news (30.03.2023). (to
the original material)
- Right of Boom: CISA
Region 3 Meets with Government Partners to Discuss Cyber
Incident Response. (to
the original material)
- Joint Statement on the
Strategic Dialogue on Cybersecurity of Civil Society Under
Threat of Transnational Repression. (to
the original material)
- CISA Adds Ten Known
Exploited Vulnerabilities to Catalog. (to
the original material)
- Supply Chain Attack
Against 3CXDesktopApp. (to
the original material)
- Hitachi Energy IEC 61850
MMS-Server. (to
the original material)
- CISA Releases One
Industrial Control Systems Advisory. (to
the original material)
29.03.2023
- News from cyber security.
- QNAP fixed Sudo privilege
escalation bug in NAS devices. (to
the original material)
- Australia’s Casino Giant
Crown Resorts disclosed data breach after Clop ransomware
attack. (to
the original material)
- OpenAI quickly fixed
account takeover bugs in ChatGPT. (to
the original material)
- Google TAG shares details
about exploit chains used to install commercial spyware. (to
the original material)
- Clipper attacks use
Trojanized TOR Browser installers. (to
the original material)
28.03.2023
- News from cyber security.
- Diagnose your SME’s
Cybersecurity and Scan for Recommendations. (to
the original material)
- SAFECOM Publishes Updated
SAFECOM Fact Sheet. (to
the original material)
- Apple Releases Security
Updates for Multiple Products. (to
the original material)
- Toyota Italy accidentally
leaked sensitive data. (to
the original material)
- Bitter APT group targets
China’s nuclear energy sector. (to
the original material)
- Latitude Data breach is
worse than initially estimated. 14 million individuals
impacted. (to
the original material)
- Europol warns of criminal
use of ChatGPT. (to
the original material)
- Telecom giant Lumen
suffered a ransomware attack and disclose a second incident.
(to
the original material)
27.03.2023
- News from cyber security.
- NCSWIC PTE Committee
Releases Hotwash (10-4) Comment Card. (to
the original material)
- Vulnerability Summary for
the Week of March 20, 2023. (to
the original material)
- Every Cloud Cybersecurity
Market has a Silver Lining. (to
the original material)
- Apple fixes recently
disclosed CVE-2023-23529 zero-day on older devices. (to
the original material)
- New MacStealer macOS
malware appears in the cybercrime underground. (to
the original material)
- Updates from the MaaS:
new threats delivered through NullMixer. (to
the original material)
- Technical analysis of
China-linked Earth Preta APT’s infection chain. (to
the original material)
- Malicious Python Package
uses Unicode support to evade detection. (to
the original material)
26.03.2023
- News from cyber security.
- OpenAI: A Redis bug
caused a recent ChatGPT data exposure incident. (to
the original material)
- Security Affairs
newsletter Round 412 by Pierluigi Paganini – International
edition. (to
the original material)
- Microsoft shares guidance
for investigating attacks exploiting CVE-2023-23397. (to
the original material)
- Vice Society claims
attack on Puerto Rico Aqueduct and Sewer Authority. (to
the original material)
25.03.2023
- News from cyber security.
- NCA (The UK National
Crime Agency) infiltrates the cybercriminal underground with
fake DDoS-for-hire sites. (to
the original material)
- Pwn2Own Vancouver 2023
awarded $1,035,000 and a Tesla for 27 0-days. (to
the original material)
24.03.2023
- News from cyber security.
- Critical vulnerabilities
affecting Android mobile devices. (to
the original material)
- CIRCIA at One Year: A
Look Behind the Scenes. (to
the original material)
- CISA announced the
Pre-Ransomware Notifications initiative. (to
the original material)
- China-linked hackers
target telecommunication providers in the Middle East. (to
the original material)
- City of Toronto is one of
the victims hacked by Clop gang using GoAnywhere zero-day. (to
the original material)
- Critical flaw in
WooCommerce Payments plugin allows site takeover. (to
the original material)
- Pwn2Own Vancouver 2023
Day 2: Microsoft Teams, Oracle VirtualBox, and Tesla hacked.
(to
the original material)
23.03.2023
- News from cyber security.
- Cybersecurity news of the
week (23.03.2023). (to
the original material)
- Getting Ahead of the
Ransomware Epidemic: CISA’s Pre-Ransomware Notifications
Help Organizations Stop Attacks Before Damage Occurs. (to
the original material)
- ProPump and Controls
Osprey Pump Controller. (to
the original material)
- ABB Pulsar Plus
Controller. (to
the original material)
- Cisco Releases Security
Advisories for Multiple Products. (to
the original material)
- Schneider Electric IGSS.
(to
the original material)
- Untitled Goose Tool Aids
Hunt and Incident Response in Azure, Azure Active Directory,
and Microsoft 365 Environments. (to
the original material)
- SAUTER EY-modulo 5
Building Automation Stations. (to
the original material)
- CP Plus KVMS Pro. (to
the original material)
- RoboDK. (to
the original material)
- CISA Releases Six
Industrial Control Systems Advisories. (to
the original material)
- JCDC Cultivates
Pre-Ransomware Notification Capability. (to
the original material)
- Experts published PoC
exploit code for Veeam Backup & Replication bug. (to
the original material)
- Cisco fixed multiple
severe vulnerabilities in its IOS and IOS XE software. (to
the original material)
- Nexus, an emerging
Android banking Trojan targets 450 financial apps. (to
the original material)
- Dole discloses data
breach after February ransomware attack. (to
the original material)
- Pwn2Own Vancouver 2023
Day 1: Windows 11 and Tesla hacked. (to
the original material)
22.03.2023
- News from cyber security.
- Lionsgate streaming
platform with 37m subscribers leaks user data. (to
the original material)
- Rogue ChatGPT extension
FakeGPT hijacked Facebook accounts. (to
the original material)
- Experts released PoC
exploits for severe flaws in Netgear Orbi routers. (to
the original material)
- ENISA: Ransomware became
a prominent threat against the transport sector in 2022. (to
the original material)
- BreachForums current
Admin Baphomet shuts down BreachForums. (to
the original material)
- Independent Living
Systems data breach impacts more than 4M individuals. (to
the original material)
21.03.2023
- News from cyber security.
- Understanding Cyber
Threats in Transport. (to
the original material)
- Readout from CISA’s Sixth
Cybersecurity Advisory Committee Meeting. (to
the original material)
- SAFECOM and NCSWIC
Develop Preparing for Technological Transformation in
Emergency Communications Centers. (to
the original material)
- Siemens SCALANCE
Third-Party. (to
the original material)
- Rockwell Automation
ThinManager. (to
the original material)
- VISAM VBASE Automation
Base. (to
the original material)
- Siemens RADIUS Client of
SIPROTEC 5 Devices. (to
the original material)
- CISA and NSA Release
Enduring Security Framework Guidance on Identity and Access
Management. (to
the original material)
- CISA Releases Updated
Cybersecurity Performance Goals. (to
the original material)
- Delta Electronics
InfraSuite Device Master. (to
the original material)
- Keysight N6845A
Geolocation Server. (to
the original material)
- CISA Releases Seven
Industrial Control Systems Advisories. (to
the original material)
- New Bad Magic APT used
CommonMagic framework in the area of Russo-Ukrainian
conflict. (to
the original material)
- New ShellBot bot targets
poorly managed Linux SSH Servers. (to
the original material)
- 2022 Zero-Day
exploitation continues at a worrisome pace. (to
the original material)
- Ferrari confirms data
breach after receiving a ransom demand from an unnamed
extortion group. (to
the original material)
- Crooks stole more than
$1.5M worth of Bitcoin from General Bytes ATMs. (to
the original material)
20.03.2023
- News from cyber security.
- Director Easterly
Announces New Members to Join CISA's Cybersecurity Advisory
Committee. (to
the original material)
- SAFECOM Publishes 2023
SAFECOM Strategic Plan. (to
the original material)
- SAFECOM Publishes 2022
SAFECOM Annual Summary. (to
the original material)
- Vulnerability Summary for
the Week of March 13, 2023. (to
the original material)
- Acropalypse flaw in
Google Pixel’s Markup tool allowed the recovery of edited
images. (to
the original material)
- Threat actors abuse Adobe
Acrobat Sign to distribute RedLine info-stealer. (to
the original material)
- Emotet is back after a
three-month hiatus. (to
the original material)
- Play ransomware gang hit
Dutch shipping firm Royal Dirkzwager. (to
the original material)
19.03.2023
- News from cyber security.
- Scroll through EU
Cybersecurity Certification. (to
the original material)
- Security Affairs
newsletter Round 411 by Pierluigi Paganini. (to
the original material)
- Lowe’s Market chain
leaves client data up for grabs. (to
the original material)
- NBA is warning fans of a
data breach after a third-party newsletter service hack. (to
the original material)
18.03.2023
- News from cyber security.
- Kaspersky released a new
decryptor for Conti-based ransomware. (to
the original material)
- US govt agencies released
a joint alert on the Lockbit 3.0 ransomware. (to
the original material)
- Feds arrested
Pompompurin, the alleged owner of BreachForums. (to
the original material)
17.03.2023
- News from cyber security.
- Drupal Releases Security
Advisory to Address Vulnerability in Drupal Core. (to
the original material)
- Hitachi Energy breached
by Clop gang through GoAnywhere Zero-Day exploitation. (to
the original material)
- HinataBot, a new Go-Based
DDoS botnet in the threat landscape. (to
the original material)
- Top 5 Insider Threats to
Look Out For in 2023. (to
the original material)
- China-linked APT likely
linked to Fortinet zero-day attacks. (to
the original material)
- Telegram, WhatsApp
Trojanized to Target Cryptocurrency Wallets. (to
the original material)
- Google Exposes 18
Zero-Day Flaws in Samsung Exynos Chips. (to
the original material)
- Pro-Russian Winter Vivern
APT Targets Governments and Telecom Firm. (to
the original material)
- ICO Reprimands
Metropolitan Police for Data Snafu. (to
the original material)
- Russian Military
Preparing New Destructive Attacks: Microsoft. (to
the original material)
- Vishing Campaign Targets
Social Security Administration. (to
the original material)
- SXSW 2023: Protecting
your digital identity in cyber warfare. (to
the original material)
- OWASP Top 10 API security
risks: 2023 update. (to
the original material)
- Two-Step Authentication:
App or SMS? (to
the original material)
- Free or paid cyber
security? What is the best option? (to
the original material)
- Banking turmoil opens
opportunities for fraud – Week in security with Tony
Anscombe. (to
the original material)
- SVB’s (Silicon Valley
Bank) collapse is a scammer’s dream: Don’t get caught out. (to
the original material)
- Threat Roundup for March
10 to March 17. (to
the original material)
- How Agentless Workloads
Improves Security Velocity. (to
the original material)
16.03.2023
- News from cyber security.
- Cybersecurity news of the
week (16.03.2023). (to
the original material)
- CISA Releases Eight
Industrial Control Systems Advisories. (to
the original material)
- Rockwell Automation
Modbus TCP AOI Server. (to
the original material)
- Honeywell OneWireless
Wireless Device Manager. (to
the original material)
- Siemens Mendix SAML
Module. (to
the original material)
- Siemens SCALANCE W1750D
Devices. (to
the original material)
- What Policymakers Need to
Know About the First Amendment and Section 230. (to
the original material)
- Government Hasn't
Justified a TikTok Ban. (to
the original material)
- Civil Society
Organizations Urge Ghana’s Parliament to Reject Repressive
Anti-LGBTQ+ Bill. (to
the original material)
- Unlimited Device
Connections Now on PIA VPN? Yes, Please! (to
the original material)
- Meta, WordPress and
Others Explore Mastodon: What Does This Mean for Privacy and
the fediverse? (to
the original material)
- Baseband RCE flaws in
Samsung’s Exynos chipsets expose devices to remote hack. (to
the original material)
- Microsoft sheds light on
a year of Russian hybrid warfare in Ukraine. (to
the original material)
- Polish intelligence
dismantled a network of Russian spies. (to
the original material)
- Multiple threat actors
exploited Progress Telerik bug to breach U.S. federal
agency. (to
the original material)
- CISA adds Adobe
ColdFusion bug to Known Exploited Vulnerabilities Catalog. (to
the original material)
- US Government IIS Server
Breached via Telerik Software Flaw. (to
the original material)
- ChipMixer Crypto
Laundromat Shut Down By German, US Authorities. (to
the original material)
- UK Joins US, Canada,
Others in Banning TikTok From Government Devices. (to
the original material)
- NCSC (National Cyber
Security Centre) Calms Fears Over ChatGPT Threat. (to
the original material)
- BEC Volumes Double on
Phishing Surge. (to
the original material)
- Chinese SilkLoader
Malware Sold to Russian Cyber-Criminals. (to
the original material)
- Amazon call scams are on
the rise — here’s what you need to know. (to
the original material)
- Copyright infringement
backlink scam. (to
the original material)
- What is a Headless CMS? (to
the original material)
- Cybersecurity Threat
Advisory: New phishing campaigns related to recent bank
failures. (to
the original material)
- Threat Spotlight: 3 novel
phishing tactics. (to
the original material)
- Beware of Smartwatch
Accessories: The Security Pitfalls of Smart Wearables.
(to
the original material)
- Not‑so‑private messaging:
Trojanized WhatsApp and Telegram apps go after
cryptocurrency wallets. (to
the original material)
- Vulnerability Spotlight:
Node-SQLite3 issue could lead to denial of service in Ghost
CMS. (to
the original material)
- Threat Source newsletter
(March 16, 2023) — A deep dive into Talos' work in Ukraine.
(to
the original material)
15.03.2023
- News from cyber security.
- ALERT: Critical
Vulnerability in Microsoft Outlook. (to
the original material)
- CISA Releases the Marine
Transportation System Resilience Assessment Guide. (to
the original material)
- We want YOU to Help
Defend the Nation from Cyberattacks. (to
the original material)
- The Aftermath of Ola
Bini’s Unanimous Acquittal by Ecuadorian Court. (to
the original material)
- Tell the UK’s House of
Lords: Protect End-to-End Encryption in the Online Safety
Bill. (to
the original material)
- Russia-linked APT29
abuses EU information exchange systems in recent attacks. (to
the original material)
- YoroTrooper APT group
targets CIS countries and embassies. (to
the original material)
- CrowdStrike discovered
the first-ever Dero cryptocurrency mining campaign. (to
the original material)
- Security Firm Rubrik
breached by Clop gang through GoAnywhere Zero-Day
exploitation. (to
the original material)
- Key aerospace player
Safran Group leaks sensitive data. (to
the original material)
- Tick APT Group Hacked
East Asian DLP Software Firm. (to
the original material)
- "FakeCalls" Android
Malware Targets Financial Firms in South Korea. (to
the original material)
- Humans Still More
Effective Than ChatGPT at Phishing. (to
the original material)
- UK Bank Limits Crypto
Payments to Smother Fraud. (to
the original material)
- Phishing Campaigns Use
SVB Collapse to Harvest Crypto. (to
the original material)
- Microsoft Patches Two
Zero Days This Month. (to
the original material)
- (Ab)using Adobe Acrobat
Sign to distribute malware. (to
the original material)
- Why you need to update
iOS and macOS ASAP. (to
the original material)
- Stay ahead of attackers
trying to capitalize on recent bank failures. (to
the original material)
14.03.2023
- News from cyber security.
- Digital Rights Updates
with EFFector 35.3. (to
the original material)
- ADC's New Argentina
Report Flags How ISPs Can Do More for Users’ Data Privacy. (to
the original material)
- What Does a VPN Hide? A
Lot, But Not Everything – PIA VPN. (to
the original material)
- LockBit Ransomware gang
claims to have stolen SpaceX confidential data from Maximum
Industries. (to
the original material)
- Microsoft Patch Tuesday
fix Outlook zero-day actively exploited. (to
the original material)
- Adobe fixed ColdFusion
flaw listed as under active exploit. (to
the original material)
- DEV-1101 AiTM phishing
kit is fueling large-scale phishing campaigns. (to
the original material)
- Advanced actor targets
Fortinet FortiOS in attacks on govt entities. (to
the original material)
- Dissecting the malicious
arsenal of the Makop ransomware gang. (to
the original material)
- YoroTrooper Espionage
Campaigns Target CIS, EU Countries. (to
the original material)
- DEV-1101 Updates Open
Source Phishing Kit. (to
the original material)
- CISA Creates New
Ransomware Vulnerability Warning Program. (to
the original material)
- LA Housing Authority
Suffers Year-Long Breach. (to
the original material)
- UK Crypto Firm Loses
$200m in Cyber-Attack. (to
the original material)
- MI5 Launches New Agency
to Tackle State-Backed Attacks. (to
the original material)
- Stalkerware has grown by
239% worldwide over the past three years. (to
the original material)
- How too-eager-to-please
new employees get scammed. (to
the original material)
- How to Find & Fix:
WordPress Pharma Hack. (to
the original material)
- The slow Tick‑ing time
bomb: Tick APT group compromise of a DLP software developer
in East Asia. (to
the original material)
- Microsoft Patch Tuesday
for March 2023 — Snort rules and prominent vulnerabilities.
(to
the original material)
13.03.2023
- News from cyber security.
- CISA Establishes
Ransomware Vulnerability Warning Pilot Program. (to
the original material)
- Vulnerability Summary for
the Week of March 6, 2023. (to
the original material)
- Even Rep. LaHood Likely
Can't Sue the NSA or FBI to Protect His Rights. (to
the original material)
- This Texas Bill Would
Systematically Silence Anyone Who Dares to Talk About
Abortion Pills. (to
the original material)
- Why We’re Suing to
Protect the Right of Incarcerated People to Receive Physical
Mail. (to
the original material)
- Golang-Based Botnet
GoBruteforcer targets web servers. (to
the original material)
- CISA adds Plex Media
Server bug, exploited in LastPass attack, to Known Exploited
Vulnerabilities Catalog. (to
the original material)
- Dark Pink APT targets
Govt entities in South Asia. (to
the original material)
- The risk of pasting
confidential company data into ChatGPT. (to
the original material)
- Remote Code Execution and
Camera Access Flaws Found in Smart Intercoms. (to
the original material)
- Dark Pink APT Group
Deploys KamiKakaBot Against South Asian Entities. (to
the original material)
- Infostealers Spread Via
AI-Generated YouTube Videos. (to
the original material)
- Unlocking the Benefits
and Trade-Offs of Agentless Cloud Security. (to
the original material)
- Final Three Sentenced in
£70m Money Laundering Case. (to
the original material)
- Investment Fraud is Now
Biggest Cybercrime Earner. (to
the original material)
- Blackbaud Settles $3m
Charge Over Ransomware Attack. (to
the original material)
- How to secure your smart
home. (to
the original material)
- What is cyber liability
insurance? (to
the original material)
- 5 signs that you have
fallen into the trap of a scam and what to do in this case.
(to
the original material)
- 5 signs you’ve fallen for
a scam – and what to do next. (to
the original material)
12.03.2023
- News from cyber security.
- Security Affairs
newsletter Round 410 by Pierluigi Paganini. (to
the o0riginal material)
- Acronis states that only
one customer’s account has been compromised. Much ado about
nothing. (to
the original material)
- Cisco fixed
CVE-2023-20049 DoS flaw affecting enterprise routers. (to
the original material)
11.03.2023
- News from cyber security.
- PlugX malware delivered
by exploiting flaws in Chinese programs. (to
the original material)
- Prometei botnet evolves
and infected +10,000 systems since November 2022. (to
the original material)
- CISA adds VMware’s Cloud
Foundation bug to Known Exploited Vulnerabilities Catalog. (to
the original material)
10.03.2023
- News from cyber security.
- DNSC tenders consulting
services in the field of public procurement for the
implementation of the measures of Component C7 of PNRR –
Digital transformation. (to
the original material)
- The Cost of Unsafe
Technology and What We Can Do About It. (to
the original material)
- BMW exposes data of
clients in Italy, experts warn. (to
the original material)
- Law enforcement seized
the website selling the NetWire RAT and arrested a Croatian
man. (to
the original material)
- Latest version of
Xenomorph Android malware targets 400 banks. (to
the original material)
- AT&T is notifying
millions of customers of data breach after a third-party
vendor hack. (to
the original material)
- Hadoken Security Group
Upgrades Xenomorph Mobile Malware. (to
the original material)
- White House Allocates
$3.1bn to Cybersecurity in New Budget. (to
the original material)
- IceFire Ransomware
Targets Linux Enterprise Networks. (to
the original material)
- FBI Warns of
Crypto-Stealing Play-to-Earn Games. (to
the original material)
- UK's New Privacy Bill
Could Mean More Work for Firms. (to
the original material)
- Global Cops Take Down
NetWire RAT. (to
the original material)
- How cybercriminals steal
funds from bank cards — and how to protect yourself from
such theft. (to
the original material)
- Secured.22: XDR,
SOC-as-a-Service, and the Log4J vulnerability. (to
the original material)
- City of Oakland
ransomware attack results in massive data breach. (to
the original material)
- The 5 most common scams
on WhatsApp and how to avoid them. (to
the original material)
- APT hackers set a
honeytrap to ensnare victims – Week in security with Tony
Anscombe. (to
the original material)
- Common WhatsApp scams and
how to avoid them. (to
the original material)
09.03.2023
- News from cyber security.
- Cybersecurity news of the
week (03/09/2023). (to
the original material)
- Unveiling the Telecom
Cybersecurity Challenges. (to
the original material)
- Under the Promise of
Early Success, CISA Expands its Beta Mobile App Vetting
Service. (to
the original material)
- CISA Releases Five
Industrial Control Systems Advisories. (to
the original material)
- Fortinet Releases March
2023 Vulnerability Advisories. (to
the original material)
- Cisco Releases Security
Advisory for IOS XR Software. (to
the original material)
- Hitachi Energy Relion
670, 650 and SAM600-IO Series. (to
the original material)
- Step Tools Third-Party. (to
the original material)
- B&R Systems
Diagnostics Manager. (to
the original material)
- ABB Ability Symphony
Plus. (to
the original material)
- Akuvox E11. (to
the original material)
- Akamai mitigated a
record-breaking DDoS attack that peaked 900Gbps. (to
the original material)
- SonicWall SMA appliance
infected by a custom malware allegedly developed by Chinese
hackers. (to
the original material)
- Recently discovered
IceFire Ransomware now also targets Linux systems. (to
the original material)
- 8220 Gang used new
ScrubCrypt crypter in recent cryptojacking attacks. (to
the original material)
- CloudBees flaws in
Jenkins server can lead to code execution. (to
the original material)
- Flipper Zero Devices
Being Seized by Brazil’s Telecom Agency. (to
the original material)
- Incarcerated Individuals
& Advocacy Groups Challenge California County’s Policy
of Digitizing and Destroying Jail Mail. (to
the original material)
- Utah's Governor Should
Veto "Social Media Regulations" Bill S.B. 152. (to
the original material)
- TikTok Bans Miss the
Point, But Are Still Great News for Privacy. (to
the original material)
- Remcos Trojan Returns to
Most Wanted Malware List After Ukraine Attacks. (to
the original material)
- 8220 Gang Behind
ScrubCrypt Attack Targeting Oracle Weblogic Server. (to
the original material)
- Acer Confirms
Unauthorized Access But Says No Consumer Data Stolen. (to
the original material)
- TikTok Initiates Project
Clover Amid European Data Security Concerns. (to
the original material)
- Understanding the Shared
Responsibility Model, Critical Step to Ensure Cloud
Security. (to
the original material)
- Tehran Targets Female
Activists in Espionage Campaign. (to
the original material)
- House Members at Risk
After Insurer Data Breach. (to
the original material)
- Fifth of Government
Workers Don't Care if Employer is Hacked. (to
the original material)
- Disable browser
synchronization in the office. (to
the original material)
- How to Know If You’re
Under DDoS Attack. (to
the original material)
- Cybercrime and gender
equality: Women comprise a surprisingly large share of
cybercriminals. (to
the original material)
- Update your cybersecurity
defense with IIJA (Infrastructure Investment and Jobs Act)
funding. (to
the original material)
- Threat Source newsletter
(March 9, 2023) — Stop freaking out about ChatGPT. (to
the original material)
- Prometei botnet improves
modules and exhibits new capabilities in recent updates. (to
the original material)
08.03.2023
- News from cyber security.
- 3 Reasons Why You Should
Work at CISA. (to
the original material)
- CISA and Women in
CyberSecurity Strengthen Partnership to Bridge Gender Gap in
Cyber and Tech. (to
the original material)
- A critical flaw affects
Fortinet FortiOS and FortiProxy, patch it now! (to
the original material)
- Veeam warns to install
patches to fix a bug in its Backup & Replication
product. (to
the original material)
- North Korea-linked
Lazarus APT used a 0-day in a recent attack. (to
the original material)
- CISA adds three new bugs
to Known Exploited Vulnerabilities Catalog. (to
the original material)
- China-linked APT Sharp
Panda targets government entities in Southeast Asia. (to
the original material)
- VMware NSX Manager bugs
actively exploited in the wild since December. (to
the original material)
- US RESTRICT Act Gains
Support, Empowers Biden to Ban Foreign Tech. (to
the original material)
- Lazarus Group
Targets South Korean Finance Firm Via Zero-Day Flaw. (to
the original material)
- SYS01 Stealer
Targets Critical Infrastructure With Google Ads. (to
the original material)
- Officials Targeted
with Romance Scams and Android Trojans. (to
the original material)
- Government Claims
New UK GDPR Will Save Firms Billions. (to
the original material)
- Cyber-Threat
Detections Surge 55% in 2022. (to
the original material)
- ‘A woman from Mars’:
Life in the pursuit of space exploration. (to
the original material)
07.03.2023
- News from cyber security.
- SAFECOM and NCSWIC
Release LLA and LLE: Are You Really Secure? (to
the original material)
- CISA Adds Three Known
Exploited Vulnerabilities to Catalog. (to
the original material)
- SYS01 stealer targets
critical government infrastructure. (to
the original material)
- Acer discloses a new data
breach, 160 GB of sensitive data available for sale. (to
the original material)
- Expert released PoC
exploit code for critical Microsoft Word RCE flaw. (to
the original material)
- LastPass hack caused by
an unpatched Plex software on an employee’s PC. (to
the original material)
- Section 702’s
Unconstitutional Domestic Spying Program Must End. (to
the original material)
- EFF Tells Supreme Court:
Trademark Law Doesn’t Trump the First Amendment. (to
the original material)
- EFF Comments to NTIA
(National Telecommunications and Information Administration)
on Privacy and Civil Rights. (to
the original material)
- Podcast Episode: Making
the Invisible Visible. (to
the original material)
- The Best & Worst
States in America for Online Privacy (2023 Update). (to
the original material)
- Sharp Panda Targets
Southeast Asia in Espionage Campaign Expansion. (to
the original material)
- Shein App Accessed
Clipboard Data on Android Devices. (to
the original material)
- Ransomware Attack Against
Barcelona Hospital Disrupts Operations. (to
the original material)
- Russia's Cyber Tactics in
Ukraine Shift to Focus on Espionage. (to
the original material)
- Just 10% of Firms Can
Resolve Cloud Threats in an Hour. (to
the original material)
- Russian Disinformation
Campaign Records High-Profile Individuals on Camera. (to
the original material)
- Brazilian Conglomerate
Suffers 3TB Data Breach: Report. (to
the original material)
- Two-Thirds of European
Firms Have Started Zero Trust. (to
the original material)
- Five reasons not to use
desktop messengers. (to
the original material)
- What is a Website
Defacement? (to
the original material)
- Malicious documents are
dead, long live malicious documents. (to
the original material)
- Love scam or espionage?
Transparent Tribe lures Indian and Pakistani officials. (to
the original material)
06.03.2023
- News from cyber security.
- Vulnerability Summary for
the Week of February 27, 2023. (to
the original material)
- Ransom House ransomware
attack hit Hospital Clinic de Barcelona. (to
the original material)
- European police
dismantled the DoppelPaymer ransomware gang. (to
the original material)
- US government orders
States to conduct cyber security audits of public water
systems. (to
the original material)
- Hatch Bank data breach
caused by the exploitation of the GoAnywhere MFT zero-day. (to
the original material)
- Colour-Blind, a fully
featured info stealer and RAT in PyPI. (to
the original material)
- How to Secure A Facebook
Account in 2023. (to
the original material)
- Almost Half of Industrial
Sector Computers Affected By Malware in 2022. (to
the original material)
- EPA Calls For
Cybersecurity Improvements in Public Water Systems. (to
the original material)
- DoppelPaymer Ransomware
Gang Members Busted in Germany, Ukraine. (to
the original material)
- City of Oakland Faces
Major Data Leak. (to
the original material)
- UK Government Plans
Skills Boost for Public Sector Fraud Fight. (to
the original material)
- FTC Proposes $7.8m Fine
for BetterHelp. (to
the original material)
- The pros and cons of open
source for businesses. (to
the original material)
- 2023 National
Cybersecurity Strategy gets aggressive on ransomware. (to
the original material)
- Top 10 Open-Source
Software risks identified. (to
the original material)
- How can ChatGPT improve
the effectiveness of phishing scams and how can we identify
such scams? (to
the original material)
05.03.2023
- News from cyber security.
- Credential Stuffing
attack on Chick-fil-A impacted +71K users. (to
the original material)
- Play Ransomware gang has
begun to leak data stolen from City of Oakland. (to
the original material)
- Louisiana Mandates ID
Verification for Pornography Online – 11 Other States Follow
Suit. (to
the original material)
04.03.2023
- News from cyber security.
- Security Affairs
newsletter Round 409 by Pierluigi Paganini. (to
the original material)
- FiXS, a new ATM malware
that is targeting Mexican banks. (to
the original material)
- BidenCash leaks 2.1M
stolen credit/debit cards. (to
the original material)
03.03.2023
- News from cyber security.
- Pegasus spyware used to
spy on a Polish mayor. (to
the original material)
- Hundreds of thousands of
websites hacked as part of redirection campaign. (to
the original material)
- MQsTTang, a new backdoor
used by Mustang Panda APT against European entities. (to
the original material)
- Trusted Platform Module
(TPM) 2.0 flaws could impact billions of devices. (to
the original material)
- The U.S. CISA and FBI
warn of Royal ransomware operation. (to
the original material)
- Retailer WH Smith
discloses data breach after a cyberattack. (to
the original material)
- We Need Privacy Laws for
the Metaverse and We Need Them Now. (to
the original material)
- TPM 2.0 Library
Vulnerabilities May Affect Billions of IoT Devices. (to
the original material)
- New Backdoor MQsTTang
Attributed to Mustang Panda Group. (to
the original material)
- CISA Warns Against Royal
Ransomware in New Advisory. (to
the original material)
- NCSC: Twitter Users
Should Find MFA Alternatives. (to
the original material)
- At Least 30% of
"Cyber-Criminals" Are Women: Report. (to
the original material)
- Experts Warn of "SMS
Pumping" Fraud Epidemic. (to
the original material)
- Authentication with
one-time codes: pros and cons. (to
the original material)
- Magbo Spam Injection
Encoded with hex2bin. (to
the original material)
- What does $5,000 buy you
on a hacking forum? – Week in security with Tony Anscombe. (to
the original material)
- Threat Roundup (Feb. 24 -
March 3). (to
the original material)
02.03.2023
- News from cyber security.
- Cybersecurity news of the
week (03/02/2023). (to
the original material)
- ENISA welcomes its new
Advisory Group. (to
the original material)
- CISA Releases Five
Industrial Control Systems Advisories. (to
the original material)
- Cisco Releases Security
Advisory for Cisco IP Phones. (to
the original material)
- Mitsubishi Electric
MELSEC iQ-F Series. (to
the original material)
- Baicells Nova. (to
the original material)
- Rittal CMC III Access
systems. (to
the original material)
- Medtronic Micro Clinician
and InterStim Apps. (to
the original material)
- FBI and CISA Release
#StopRansomware: Royal Ransomware. (to
the original material)
- #StopRansomware: Royal
Ransomware. (to
the original material)
- GunAuction site was
hacked and data of 565k accounts were exposed. (to
the original material)
- Cryptojacking campaign
targets insecure deployments of Redis servers. (to
the original material)
- Cisco fixed a critical
command injection bug in IP Phone Series. (to
the original material)
- Threat actors target law
firms with GootLoader and SocGholish malware. (to
the original material)
- EFF and Student Press Law
Center Urge Supreme Court to Require Government to Show
Subjective Intent in Threat Cases. (to
the original material)
- Report: ICE and the
Secret Service Conducted Illegal Surveillance of Cell
Phones. (to
the original material)
- Coded Resistance, the
Comic! (to
the original material)
- API Security Flaw Found
in Booking.com Allowed Full Account Takeover. (to
the original material)
- White House Launches
National Cybersecurity Strategy. (to
the original material)
- WH Smith Discloses
Cyber-Attack, Company Data Theft. (to
the original material)
- Russian Government Bans
Foreign Messaging Apps. (to
the original material)
- ICO Calls for Review into
Private Message Use by Ministers. (to
the original material)
- Major Phishing Campaign
Targets Trezor Crypto Wallets. (to
the original material)
- All hail our new AI
overlords. (to
the original material)
- 10 Signs You're a Victim
of an Online Scam. (to
the original material)
- MQsTTang: Mustang Panda’s
latest backdoor treads new ground with Qt and MQTT. (to
the original material)
- Threat Source newsletter
(March 2, 2023) — Little victories in the fight against
ransomware. (to
the original material)
01.03.2023
- News from cyber security.
- Helping Cyber Defenders
“Decide” to Use MITRE ATT&CK. (to
the original material)
- CISA Releases Decider Tool
to Help with MITRE ATT&CK Mapping. (to
the original material)
- Canada is going to ban
TikTok on government mobile devices. (to
the original material)
- BlackLotus is the first
bootkit bypassing UEFI Secure Boot on Windows 11. (to
the original material)
- Satellite TV giant Dish
admitted that the recent outage was caused by a ransomware
attack. (to
the original material)
- Parallax RAT used in
attacks aimed at cryptocurrency entities. (to
the original material)
- Google Gmail client-side
encryption is available globally. (to
the original material)
- Can You Get a Perfect March
Madness Bracket This Season? (to
the original material)
- Google Workspace Adds
Client-Side Encryption to Gmail and Calendar. (to
the original material)
- CISA Shares Advice to
Improve Networks' Monitoring and Hardening. (to
the original material)
- Public SaaS Assets Are a
Major Risk For Medium, Large Firms. (to
the original material)
- Record Number of Mobile
Phishing Attacks in 2022. (to
the original material)
- Attacker Breakout Time
Drops to Just 84 Minutes. (to
the original material)
- Dish Network Confirms
Ransomware Outage. (to
the original material)
- Researchers Release
MortalKombat Ransomware Decryptor. (to
the original material)
- The Phantom Menace: how
gamers of different ages are being attacked. (to
the original material)
- A quick review of Security
Service Edge (SSE). (to
the original material)
- The damage security
breaches bring to SMEs. (to
the original material)
- BlackLotus UEFI bootkit:
Myth confirmed. (to
the original material)
Archive:
Click here to access CMS (Content Management System) in Joomla.
Source:
Note Dorin M.
This site has a double
form, one in HTML and one in Joomla (if you are interested
in the utility behind this effort you can read the "Why
a HTML and a CMS (Joomla)" page).
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
That's why I suggest you, depending on your desire, to use the HTML form for simple browsing / information or the Joomla form if you want in-depth studies / searches using the CMS search engine.
Dorin M - March 30,
2023