Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Tips

Recently, the Edina Police Department (Minneapolis, U.S.A.) issued a remarkable warning to residents. Following the investigation of nine apartment burglaries, the police concluded that thieves were disrupting the Wi-Fi connection in the apartments. They did this to prevent the homes’ smart surveillance cameras from alerting the owners of the danger and transmitting video to them. Is such a technologically advanced burglary really possible? It is. Are there other ways to attack smart-home security systems? Definitely. What can be done about it? Great question. Let’s find out!

Defenseless defenders

Protection devices — whether they be locks, cameras, alarms, or anything else — should, in theory, be completely secure against any kind of hostile action. After all, they could be deliberately targeted by attackers hoping to break in! Unfortunately, in practice, manufacturers are not always prudent. They make various mistakes: in smart locks, the mechanical part is often not made reliable enough; in cameras, video streams are transmitted openly, allowing unauthorized persons to view or even interfere with them; and in alarms, control channels are poorly protected. This is in addition to other smart-home vulnerabilities that we’ve written about before.

What’s even more worrying is that many of these devices are vulnerable to two really simple attacks: power disruption and communication disruption.

Home Wi-Fi can be disrupted in various ways — from crudely jamming the entire radio-wave frequency range to more specialized attacks on a specific network or Wi-Fi client. There are other ways besides messing with radio waves, too. The internet in a home is usually connected through one of four easily recognizable cables: fiber optic, telephone, twisted pair (Ethernet), or coaxial television. One can reliably disrupt the connection simply by cutting these cables.

If the entire security system relies on the power grid without backup sources, simply cutting off the power to the apartment can easily knock out the smart protection.

Improving protection performance

Most of the problems described above can be dealt with. As with any security measures, none of the solutions below guarantees 100% protection, but they will significantly reduce the likelihood of a burglary.

Choose the right equipment. All of the issues mentioned above should be considered before purchasing any security systems. This way, you can formulate additional requirements for the equipment:

- an autonomous power supply
- the ability to transmit information without Wi-Fi
- an adequate level of mechanical protection
- the manufacturer’s compliance with high cybersecurity standards

The first two requirements are perfectly combined in cameras that operate using Power over Ethernet (PoE) technology. Both data and power are transmitted through a single cable. You just need to buy either a PoE-enabled Ethernet router/hub or a separate PoE converter and connect it to the power grid using an uninterruptible power supply (UPS). This will make the internet in the home, the functionality of the cameras and sensors, and their connection to the router resistant to power outages and Wi-Fi interference.

If it’s not suitable for you to have Ethernet cables running through your home, you could consider cameras with an autonomous power supply (batteries) or, at worst, cameras connected through a capacious power bank. This would protect against power outages, but the problem of attackers interfering with Wi-Fi would remain. To protect against this, you could choose devices that operate on 3G/4G/5G. It’s worth noting that they’re usually designed for houses rather than apartments, so they often have outdoor features: waterproof casing, long-range IR illumination, and so on. Many cameras have the ability to record to an SD card, but this doesn’t help much in quickly responding to an incident.

A sufficient level of mechanical security is mainly important for locks, but it’s also relevant for cameras, doorbells and sensors, which are directly accessible to intruders. The level of security is difficult to assess before purchasing, but you can search the internet for tests of burglary and vandalism resistance, as well as customer reviews.

Assessing the cybersecurity level of a specific camera or doorbell is also not easy: you’d have to carefully study the manufacturer’s website and its reputation in terms of technical support and release of updates. We’ve given some useful tips on this topic before.

Implement redundancy. Even if you’ve already bought some equipment, some additional measures would help improve home security. It’s highly advisable to provide redundancy for the internet channel. Depending on the situation, the backup channel could be launched either through a 4G modem or using a second wired connection and a second router. The main difficulty is configuring the router and the rest of the equipment so that the connection automatically switches to the backup channel when the main one goes down. In some routers this isn’t difficult — the function is called "backup channel" — while in others it’s impossible. Of course, both routers (if there are two of them) would need power through a UPS. If you don’t already have uninterrupted power, it’s time to get some.

If it’s difficult to provide redundancy for the internet channel and automatic switching at the router level, as a relatively simple alternative, you could install a redundant camera: one would operate through the main internet channel, while the other — through the backup one.

Protect against cyberattacks. To hinder targeted attacks on security devices, it’s important to follow the main rules of cybersecurity, which we’ve written about many times: protect your router, choose strong Wi-Fi passwords, regularly update the firmware of smart devices and the router, and use a comprehensive security solution for all computers, smartphones, and smart devices in your home network.

 Data Breach News

Mr. Green Gaming, a longstanding online games community established in 2006, has disclosed that it has fallen victim to a data breach. With a reputation for hosting game servers for popular titles such as Multi Theft Auto: San Andreas and Garry’s Mod, Mr. Green Gaming has served as a hub for gamers to connect, compete, and collaborate for over a decade.

The Mr. Green Gaming data breach came to light following reports circulating on the Dark Web, suggesting that the database of Mr. Green Gaming had been compromised by threat actors. These reports indicated that sensitive information of approximately 27,000 users had been exposed, including details such as dates of birth, email addresses, geographic locations, addresses, and usernames.

Source: Daily Dark Web

Mr. Green Gaming Data Breach Confirmed

An official statement released on the Mr. Green Gaming website has confirmed a data breach. “Unfortunately, on the 1st of March 2024 we awoke to find our forums compromised,” read the official release. The official notice further stated, “While they had access to this account, they were able to vandalize the website and, more importantly, obtain confidential information. This information includes Usernames, Email Addresses, IP Addresses used at time of account creation, Birthdays and any other public info.”

According to the statement released by Mr. Green Gaming, the breach was attributed to the unauthorized access of an inactive administrator account. It appears that malicious actors exploited this account to gain entry into the system, subsequently wreaking havoc by vandalizing the website and exfiltrating sensitive user information. The ramifications of the Mr. Green Gaming data breach are far-reaching, as it jeopardizes the privacy and security of thousands of individuals who entrusted their data to the platform.

In response to the cyberattack, Mr. Green Gaming has taken aggressive steps to limit the damage and strengthen its defenses. They told customers that the hijacked account did not have access to login credentials or password information kept on their servers, but they nonetheless advised users to change their passwords as a precaution.

“We store login information according to best practices, which means that all passwords are salted and hashed in case they managed to accomplish this. Despite this, it is our recommendation that you change your password anywhere you may have used it,” the official notice stated.

Online Gaming Community on Radar

This incident sheds light on the growing threat landscape facing the gaming industry, which has become an increasingly lucrative target for cybercriminals seeking to exploit vulnerabilities and steal valuable data. Statistics reveal a staggering rise in cyberattacks targeting gamers, with over 4 million cyberattacks reported between July 2022 and July 2023. Mobile gaming communities, in particular, have borne the brunt of these assaults, with popular games like Minecraft and Roblox serving as prime targets for cybercriminals.

The breach suffered by Mr. Green Gaming is not an isolated incident but rather part of a disturbing trend plaguing the online gaming ecosystem. In January 2024, two prominent online gaming platforms in India, Teenpatti.com and Mobile Premier League (MPL), allegedly experienced data breaches, with a cybercriminal known as ‘roshtosh’ purportedly selling stolen data from these platforms on the dark web. Furthermore, in December 2023, the Fortnite Game website experienced a temporary outage, leaving players unable to access the platform. While services have since been restored, the cause of the outage remains shrouded in mystery, with speculation ranging from a cyberattack to technical glitches.

These incidents serve as a wake-up call for the gaming industry, highlighting the urgent need for enhanced cybersecurity measures to safeguard user data and preserve the integrity of online gaming platforms. As the threat landscape continues to evolve, it is incumbent upon gaming companies to prioritize cybersecurity and invest in proactive measures to thwart cyber threats and protect their user base from harm. Failure to do so not only risks the trust and loyalty of their customers but also exposes them to legal and financial repercussions in the event of a data breach.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

 Data Breach News

In a concerning development, it has been alleged that the database of La Bonne Alternance, a platform assisting candidates in work-study training, has been leaked. The threat actor responsible for the La Bonne Alternance data breach claims to have exposed 47,808 lines of data, including email addresses, names, surnames, phone numbers, and passwords. At present, the motive behind the La Bonne Alternance data breach remains unclear, raising questions about the potential implications for affected individuals.

In-detail: La Bonne Alternance data breach

Upon accessing the official website of La Bonne Alternance, it was found to be fully functional, with no apparent signs of foul play. However, to verify the validity of the claim, The Cyber Express team reached out to company officials. As of the time of writing this report, no official response has been received, leaving the situation shrouded in uncertainty.

La Bonne Alternance plays a vital role in helping candidates interested in work-study training to find suitable opportunities by connecting them with training programs and potential employers. The platform serves as a bridge between apprenticeship training opportunities and job offers from recruiters, facilitating the process for candidates seeking work-study arrangements. With its extensive network and resources, La Bonne Alternance aims to streamline the search process for both candidates and employers.

Source: Daily Dark Web

If the claims of the La Bonne Alternance data breach are verified, the implications could be far-reaching due to the sensitive nature of the information exposed. The leaked data, which includes personal details such as email addresses, names, and phone numbers, could potentially be exploited by malicious actors for various purposes, including identity theft and phishing attacks.

The surge in Cyberattacks in France

France has increasingly become a target for cyberattacks in recent months, with several high-profile incidents highlighting the growing threat posed by cybercriminals. In February 2024, reports emerged of a newly discovered ransomware variant known as JKwerlo, which specifically targeted French and Spanish speakers with sophisticated cyberattacks. This ransomware posed a significant threat to individuals and organizations alike, underscoring the importance of robust cybersecurity measures.

In another alarming incident in the same month, the Center Hospitalier Sud Francilien (CHSF) in France fell victim to a ransomware attack, with hackers demanding a ransom of US$10 million. The cyberattack crippled the hospital’s systems, disrupting access to essential services and prompting the transfer of patients to nearby facilities. The incident served as a reminder of the vulnerability of critical infrastructure to cyber threats and the potentially devastating consequences of such attacks.

With the alleged data breach at La Bonne Alternance adding to the growing concerns surrounding cybersecurity in France, there is an urgent need for heightened vigilance and proactive measures to protect against cyber threats. As cybercriminals continue to evolve their tactics and target new vulnerabilities, it is essential for individuals and organizations to prioritize cybersecurity and take steps to safeguard sensitive information from exploitation.

 Firewall Daily

In a significant development, law enforcement has allegedly seized the newly established ALPHV/BlackCat leak site, dealing a blow to the ransomware group. This action comes shortly after revelations that the group purportedly received a staggering $22 million from Change Healthcare. Cybersecurity analyst and researcher Dominic Alvieri posted an image of the leak site, showcasing the involvement of numerous law enforcement agencies in a joint operation to seize it. With this, both the leak sites operated by the ransomware group have now been confiscated.

Notably, these developments come after BlackCat’s recent message on their Tox platform, offering to sell their source code for $5 million. Additionally, there have also been accusations from an affiliate of the hacker collective, alleging “scamming” of fellow group members.

Allegations of Scam and Server Shutdown

The turmoil began when the BlackCat ransomware gang shut down its servers amidst claims of scamming the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform. Emerging reports suggest that the affiliate involved in the operation was banned, and the $22 million ransom purportedly paid by Change Healthcare was stolen by ALPHV/BlackCat.

Source: (@ddd1ms/Twitter)

The situation swiftly shifted when messages surfaced on the Tox messaging platform utilized by the ransomware operators, declaring, “Everything is off, we decide.” This statement sparked conjecture about the group’s motives, raising queries about whether they were contemplating an exit scam or pondering a rebranding endeavor.

Source: Twitter

The reported scam triggered strong reactions from someone claiming to be a longtime affiliate of ALPHV/BlackCat. They accused the group of betrayal, alleging that they had absconded with the ransom funds. The affiliate, operating under the username “notchy,” claimed to possess critical data stolen from Change Healthcare, including information that could impact thousands of clients across various sectors. To substantiate their claims, “notchy” shared details of cryptocurrency transactions totaling over $23 million, allegedly transferred from Optum as ransom payments.

BlackCat History of Rebrands and Law Enforcement Pressure

The developments surrounding ALPHV/BlackCat are reminiscent of past incidents involving the group, which has undergone multiple rebrands in response to law enforcement pressure. Originally known as DarkSide, the gang gained notoriety for its cyberattack on the Colonial Pipeline in 2021, which resulted in widespread panic and fuel shortages across the United States. Despite facing setbacks, including server breaches and infrastructure shutdowns, the group has repeatedly resurfaced under new aliases, including BlackMatter and ALPHV. Each rebrand has been accompanied by renewed efforts to extort victims and exploit vulnerabilities in cybersecurity defenses.

The latest seizure of the ALPHV/BlackCat leak site represents a significant victory for law enforcement agencies grappling with the rising threat of ransomware attacks. However, the incident serves as a reminder of the ongoing challenges posed by cybercriminals and the need for enhanced cybersecurity measures to protect against future threats. As the investigation into ALPHV/BlackCat’s activities continues, authorities are likely to ramp up efforts to dismantle the operation and hold those responsible accountable for their actions.

In the meantime, organizations and individuals are urged to remain vigilant and take proactive steps to safeguard their data and infrastructure from ransomware attacks. The fate of ALPHV/BlackCat remains uncertain, but one thing is clear: the battle against ransomware is far from over, and concerted efforts are needed to combat this pervasive threat to cybersecurity.

 Trends, Reports, Analysis

The OpenSSF has implemented various initiatives to improve open-source software security, including the creation of a Malicious Packages repository and partnering with CISA to develop a security maturity framework for package repositories.

 Threat Actors

The group targeted hundreds of organizations globally with emails containing zipped HTML attachments designed to capture NTLM hashes. This method could enable password cracking or "Pass-The-Hash" attacks.

 Feed

Ubuntu Security Notice 6653-4 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

 Feed

Debian Linux Security Advisory 5635-1 - Aviv Keller discovered that the frames.html file generated by YARD, a documentation generation tool for the Ruby programming language, was vulnerable to cross-site scripting.

 Feed

Ubuntu Security Notice 6674-2 - USN-6674-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 18.04 LTS. Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service.

 Feed

Ubuntu Security Notice 6674-1 - Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service.

 Feed

Red Hat Security Advisory 2024-1092-03 - An update for tomcat is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an HTTP request smuggling vulnerability.

 Feed

Red Hat Security Advisory 2024-1086-03 - An update for libfastjson is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include integer overflow and out of bounds write vulnerabilities.

 Feed

Red Hat Security Advisory 2024-1074-03 - An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a heap overflow vulnerability.

 Feed

Red Hat Security Advisory 2024-1071-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.

 Firewall Daily

In today’s digital landscape, the threat of cyberattacks looms large, with organizations facing increasingly sophisticated threats. According to research conducted by STX Next, a global leader in IT consulting, human error emerges as the primary cybersecurity threat faced by organizations, surpassing the potential risks posed by ransomware and phishing attacks.

The survey, which polled 500 global Chief Technology Officers (CTOs), revealed that a staggering six in ten (59%) CTOs identified human error as the most significant cybersecurity risk within their organizations. Human error encompasses a range of actions, from inadvertently downloading malware-infected attachments to neglecting to use robust passwords.

Addressing Human Error: Strategies and Solutions

In response to this growing concern, CTOs are implementing various strategies to safeguard their teams and broader organizations. The adoption of multi-factor authentication (MFA) stands out as a prevalent tactic, with 94% of companies surveyed having deployed MFA. Additionally, 91% are leveraging identity access management technology (IAM), 58% are utilizing security information and event management (SIEM) technology, and 86% have implemented single sign-on (SSO) solutions.

Identifying Vulnerabilities: Challenges and Opportunities

Despite these proactive measures, the survey also uncovered areas of vulnerability. A quarter (24%) of CTOs cited security as their primary organizational challenge, yet only 49% of companies reported having a cyber insurance policy in place. Furthermore, while 59% of businesses have implemented ransomware protection solutions, in-house security teams remain a minority, with just 36% of companies having a dedicated security team or department.

Krzysztof Olejniczak, Chief Information Security Officer (CISO) at STX Next, emphasized the critical role of employee awareness and preparedness in mitigating cyber risks. “The data from this year’s survey indicates that employees are still the weakest point of company security. Despite the deployment of comprehensive technology, poor implementation, substandard support processes or lack of governance can render these efforts useless. In recent years, the frequency and severity of cyberattacks across all industries have risen extraordinarily, and employees are often carrying the burden of being an organization’s first line of defence,” said Olejniczak.

Olejniczak stressed the necessity of not only educating employees on identifying and responding to threats but also regularly assessing their resilience through simulated attacks and training exercises. Additionally, he advocated for the adoption of solutions such as MFA, IAM, and SSO as standard practices to bolster defenses against human error.

Furthermore, Olejniczak highlighted the disparity in cybersecurity resources among organizations, particularly smaller firms with limited resources. To address this gap, he suggested leveraging specialized cybersecurity solutions or providers, including virtual Chief Information Security Officer (vCISO) services.

In conclusion, as cyber threats continue to evolve, organizations must prioritize cybersecurity preparedness and resilience. Whether through in-house initiatives or outsourced solutions, CTOs and CISOs play a pivotal role in supporting their teams and fortifying defenses against the inevitability of cyberattacks. By addressing the human factor and implementing comprehensive security measures, organizations can better protect themselves and their stakeholders from potential harm.

 Data Breach News

American Express, a prominent American bank holding and financial services company, has issued a notification to its customers concerning a data breach linked to a third-party service provider. Contrary to initial reports, an American Express spokesperson clarified that these incidents did not constitute a breach of American Express or any of its third-party vendors. Instead, they occurred within the infrastructure of a merchant or merchant processor, entities commonly engaged by numerous merchants rather than directly by American Express.

“The incidents that you are inquiring about occurred at a merchant or merchant processor and were not an attack on American Express or an American Express service provider, as some media outlets have erroneously reported. Because customer data was impacted, American Express provided notice of the incidents to Massachusetts agencies and impacted customers who reside in Massachusetts,” the American Express spokesperson told The Cyber Express regarding the nature of the data breach. This disclosure of the American Express data breach was made in a notification filed with the state of Massachusetts.

American Express Data Breach: Precautionary Measures

In light of this data breach, American Express is actively implementing measures to minimize the risk of fraudulent activities. Affected users are being advised to remain vigilant and to take necessary precautions to safeguard their accounts. Importantly, American Express reassures its cardholders that they are not liable for any fraudulent charges incurred on their accounts. The company employs advanced monitoring systems and internal safeguards to detect and respond to suspicious activities promptly.

Furthermore, customers are encouraged to regularly monitor their account activity and report any suspicious incidents immediately. Additionally, American Express is committed to providing ongoing support to affected customers, especially those with multiple Amex cards involved in the breach. The company will continue to communicate with customers regarding any developments related to the incident. For enhanced security, customers can opt to receive free fraud and account activity alerts via email, SMS text messaging, and notifications through the Amex app.

“If we see there is unusual activity that may be fraud, we will take protective actions. We also recommend customers regularly review and monitor their account activity, and immediately contact us if they detect any suspicious activity. For added protection, customers can receive free fraud and account activity alerts via email, SMS text messaging, and/or notifications through our app,” the Amex spokesperson further told The Cyber Express.

Affected customers are advised to review their accounts for any signs of fraudulent activity regularly. American Express recommends monitoring account statements closely over the next 12 to 24 months to detect any unauthorized transactions promptly. The company is closely monitoring accounts for any signs of fraud and has implemented additional security measures to prevent future breaches.

Staying Vigilant Against Cyber Threats

The third-party Amex data breach serves as a reminder of the ongoing threat posed by cyberattacks and highlights the importance of enhanced cybersecurity measures for both companies and consumers. American Express remains dedicated to safeguarding its card members’ personal and financial information and encourages customers to take proactive steps to protect themselves against the risks of fraud and identity theft.

As part of its commitment to transparency and accountability, American Express has provided additional resources and guidance to affected customers to help them navigate the aftermath of the Amex data breach. The company is committed to keeping its customers informed about security concerns and will continue to prioritize the security and privacy of its card members’ information. By working together to implement strengthened security measures and staying informed about emerging threats, we can collectively combat cybercrime and protect against data breaches.

 Feed

A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact all TeamCity On-Premises versions through 2023.11.3. “The

 Feed

The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for sensitive information gathering purposes and to enable follow-on activity,” enterprise security firm Proofpoint said in a Monday report. At least two campaigns taking advantage of this

 Feed

Startups and scale-ups are often cloud-first organizations and rarely have sprawling legacy on-prem environments. Likewise, knowing the agility and flexibility that cloud environments provide, the mid-market is predominantly running in a hybrid state, partly in the cloud but with some on-prem assets. While there has been a bit of a backswing against the pricing and lock-in presented when using

 Feed

A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds. “Savvy Seahorse is a DNS threat actor who convinces victims to create accounts on fake investment platforms, make deposits to a personal account, and then transfers those deposits to a bank in Russia,” Infoblox said in a report

 Feed

More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLine stealer malware. “The number of infected devices decreased slightly in mid- and late

 Feed

North Korean threat actors have exploited the recently disclosed security flaws in ConnectWise ScreenConnect to deploy a new malware called TODDLERSHARK. According to a report shared by Kroll with The Hacker News, TODDLERSHARK overlaps with known Kimsuky malware such as BabyShark and ReconShark. “The threat actor gained access to the victim workstation by exploiting the exposed setup wizard

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Ukraine’s GUR hacked the Russian Ministry of Defense The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims that it hacked the Russian Ministry of Defense. The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense announced it had breached the Russian Ministry of Defense servers as part […] The post Ukraine’s GUR hacked the Russian Ministry of Defense – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Some American Express customers’ data exposed in a third-party data breach American Express warns customers that their credit cards were exposed due to a data breach experienced by a third-party merchant processor. American Express (Amex) notifies customers that their credit card information has been compromised in a data breach […] The post Some American Express customers’ data exposed in a third-party data breach – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini META hit with privacy complaints by EU consumer groups This is my interview with TRT International on the Meta dispute with EU consumer groups, which are calling on the bloc to sanction the company EU consumer groups are calling on the bloc to sanction the company Meta – which […] The post META hit with privacy complaints by EU consumer groups – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 APT

Source: securityaffairs.com – Author: Pierluigi Paganini New GTPDOOR backdoor is designed to target telecom carrier networks Researcher HaxRob discovered a previously undetected Linux backdoor named GTPDOOR, designed to target telecom carrier networks. Security researcher HaxRob discovered a previously undetected Linux backdoor dubbed GTPDOOR, which is specifically crafted to carry out stealth cyber operations within mobile […] The post New GTPDOOR backdoor is designed to target telecom carrier networks – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Threat actors hacked Taiwan-based Chunghwa Telecom Threat actors stole sensitive and confidential data from the telecom giant Chunghwa Telecom Company, revealed the Ministry of National Defense. Chunghwa Telecom Company, Ltd. (literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent local exchange carrier […] The post Threat actors hacked Taiwan-based Chunghwa Telecom – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini New Linux variant of BIFROSE RAT uses deceptive domain strategies A new Linux variant of the remote access trojan (RAT) BIFROSE (aka Bifrost) uses a deceptive domain mimicking VMware. Palo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifrost (aka Bifrose) RAT that uses a deceptive […] The post New Linux variant of BIFROSE RAT uses deceptive domain strategies – Source: securityaffairs.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Blog

Source: securityboulevard.com – Author: Michelle Ofir Geveye “AI is too important not to regulate—and too important not to regulate well,” asserts Google, capturing the sentiment resonating across the global tech landscape. Indeed, the regulation of Artificial Intelligence looms large on the horizon, and in many ways, it’s already underway. Take the European Union’s ambitious AI […] The post Overview of AI Regulations and Regulatory Proposals of 2023 – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Nicholas Tan A recent successful cyberattack on a large technology provider for hospitals and pharmacies in the US has left patients unable to obtain their medication. This attack is a reminder that healthcare cyberattacks are not stopping, and a successful attack will have severe consequences. In this blog, we’ll briefly analyze […] The post Prevention & Cure: Countermeasures Against Healthcare Cyberattacks – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Nicholas Tan A pioneer of LogRhythm’s Asia Pacific operations, Joanne Wong’s appointment reinforces LogRhythm’s commitment to employee advancement through strategic internal promotions SINGAPORE, 5 March 2024 – LogRhythm, the company helping security teams stop breaches by turning disconnected data and signals into trustworthy insights, today announced the appointment of Joanne Wong […] The post LogRhythm Promotes Joanne Wong to Interim Chief Marketing Officer – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: securityboulevard.com – Author: Erin Crapser Wright Joins TrustCloud as the company expands solutions for customers, partners and auditors, and invests in its own security program Boston MA — March 5, 2024 — TrustCloud, the Trust Assurance platform using AI to upgrade GRC into a profit center, today announced the appointment of Dixon Wright as […] The post TrustCloud Welcomes Security and Compliance Expert Dixon Wright as VP GRC Transformation – Source: securityboulevard.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 claims

Source: www.infosecurity-magazine.com – Author: 1 Hackers operating from Ukraine’s Main Intelligence Directorate (GUR) have claimed another scalp; the Russian Ministry of Defense (MoD). The GUR, part of Kyiv’s Ministry of Defense, said a “special operation” enabled it to breach the servers of the Russian MoD (Minoborony) to obtain sensitive documents. These included orders and reports […] The post Ukraine Claims it Hacked Russian MoD – Source: www.infosecurity-magazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: 1 Software developer JetBrains has warned users of its popular TeamCity CI/CD tool that they should prioritize patching of two new vulnerabilities or risk compromise. Discovered by Rapid7 last month, the bugs are listed as CVE-2024-27198 and CVE-2024-27199. The security vendor has now released exploit details, which makes patching more urgent. […] The post TeamCity Users Urged to Patch Critical Vulnerabilities – Source: www.infosecurity-magazine.com first appeared on CISO2CISO.COM & CYBER SECURITY GROUP.

2024-03
Aggregator history
Tuesday, March 05