cyber_security_channel | News and Media

Telegram channel cyber_security_channel - Cyber Security News

42585

Be Cyber Aware. Our vacancies channel: @CyberSecurityJobs Our chat: t.me/cybersecuritynewschat LinkedIn: https://www.linkedin.com/company/securitynews/ Facebook: https://www.facebook.com/BreakingCyberSecNews 📩 Cooperation: @cybersecadmin


Cyber Security News

Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure

The Volt Typhoon campaign was first flagged by Microsoft with deliberate targeting of critical infrastructure in Guam, a discovery that raised eyebrows because the tiny island is considered an important part of a future China/Taiwan military conflict.

@Cyber_Security_Channel


Argentina: AAIP Approves Use of IADPN Model Contractual Clauses for International Transfers of Personal Data

The incorporation of these instruments, in addition to promoting security in data transfers, contributes to regulatory harmonization and consolidates Argentina’s position in the protection of privacy.

@Cyber_Security_Channel


Worcester Co. Sheriff’s Office To Implement Radio Encryption; Public Shares Concerns

Crisafulli shared a statement on social media Saturday announcing his agency’s plan to move toward encrypted communication.

His announcement came after the Eastern Shore Undercover Facebook page, known for its monitoring of emergency radio channels, shared the news that Worcester County would soon be encrypting its communications.

@Cyber_Security_Channel


Gartner’s Top 10 Strategic Technology Trends for 2024

Many organizations are already working with AI, but it is trending because Gartner surveys this year “indicate that the hype brought by ChatGPT and other GenAI platforms causes 45% of respondents to increase their AI budgets,” Willemsen explained.

@Cyber_Security_Channel


A Threat Actor Is Selling Access To Facebook And Instagram's Police Portal

The threat actor can abuse access to the portal for multiple purposes, including unauthorized data requests, enabling harassment and doxxing, fake law enforcement actions, and the risk of identity theft, all of which pose serious privacy and security concerns for users.

@Cyber_Security_Channel


Cisco Finds New Zero Day Bug, Pledges Patches in Days

Cisco also added another clarification from its earlier reporting on the first bug: it was thought in the early response that the threat actor had combined the new zero-day with a known and patched vulnerability from 2021, raising the specter of a patch bypass issue.

But Cisco has now dismissed that theory, according to a statement from the company.

@Cyber_Security_Channel


More Okta Customers Hacked

"Okta has worked with impacted customers to investigate, and has taken measures to protect our customers, including the revocation of embedded session tokens," Bradbury added.

In its blog post, Okta listed IP addresses and user-agents that security teams can use in their threat hunting efforts.

@Cyber_Security_Channel


How to Build Elite Technical Teams Internally with Cybersecurity Training

Cybersecurity training is a continuous process that should be integrated into your organization’s culture.

Denis emphasized that team members are driven to acquire new skill sets and advance in their careers.

Packetlabs categorizes service offerings into different levels, evaluating their team members’ skills regularly, and upskilling them accordingly.

@Cyber_Security_Channel


The Fake Browser Update Scam Gets a Makeover

Nati Tal, head of security at Guardio Labs, the research unit at Guardio, said the malicious scripts stitched into hacked WordPress sites will create a new smart contract on the BSC Blockchain, starting with a unique, attacker-controlled blockchain address and a set of instructions that defines the contract’s functions and structure.

When that contract is queried by a compromised website, it will return an obfuscated and malicious payload.

@Cyber_Security_Channel


Flagstar Bank Suffers a MOVEit Data Breach Impacting Over 800,000 Customers

Flagstar said the data breach occurred between May 27 and 31, 2023, when the vulnerability was still publicly unknown, and was detected on June 3, 2023.

By then, threat actors had copied and transferred some files from the compromised file transfer system.

The stolen files included customer information, which varied between individuals.

@Cyber_Security_Channel


5 Ways Hospitals Can Help Improve Their IoT Security

Besides being difficult to protect, these connected devices present challenges when it comes to complying with the security requirements of laws such as the Health Insurance Portability and Accountability Act (HIPAA).

Luckily, there are several strategies hospitals can leverage to bolster their defenses.

Here are five actionable ways hospitals can help secure medical devices and provide life-saving patient care without disruption.

@Cyber_Security_Channel


Critical Vulnerabilities Expose Weintek HMIs to Attacks

Hank Chen, the TXOne Networks researcher credited for finding the vulnerabilities, told SecurityWeek that the flaws could allow an attacker to take complete control of an HMI.

However, Chen noted that while an attacker does not require any special permissions to launch a DoS attack, executing arbitrary commands requires the HMI’s password.

@Cyber_Security_Channel


Microsoft Defender Thwarted Akira Ransomware Attack On An Industrial Engineering Firm

“In this attack, the threat actor leveraged devices that were not onboarded to Microsoft Defender for Endpoint for most of the attack stages, a defense evasion tactic we’ve seen in other attacks,” reads the analysis published by Microsoft.

“While visibility by our endpoint solution could have blocked the attack earlier in the attack chain and helped to protect the organization’s devices much sooner, Defender for Endpoint nonetheless successfully prevented the ransomware stage, protecting all onboarded devices in the organization from getting encrypted.”

@Cyber_Security_Channel


CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware

The catalog lists more than 1,000 vulnerabilities for which CISA has solid evidence of in-the-wild exploitation, many of which have been targeted in ransomware attacks.

One of the most recent examples of such flaws is CVE-2023-40044, a deserialization of untrusted data bug in Progress Software’s WS_FTP server that could lead to the execution of remote commands on the underlying operating system.

@Cyber_Security_Channel


New DDoS Attack is Record Breaking: HTTP/2 Rapid Reset Zero-Day Reported by Google, AWS & Cloudflare

Amazon observed and mitigated more than a dozen HTTP/2 Rapid Reset attacks over two days in late August, the strongest one hitting its infrastructures at 155 million requests per second.

Cloudflare reported a peak at 201 million requests per second and mitigated more than 1,100 other attacks with more than 10 million RPS, and 184 attacks greater than the previous DDoS record of 71 million RPS.

@Cyber_Security_Channel


US Energy Firm Shares How Akira Ransomware Hacked Its Systems

The Akira operators revisited the network on June 16, 2023, to enumerate data that would be stolen.

Between June 20 and 29, the threat actors stole 767k files containing 690 GB of data, including BHI's Windows Active Directory database.

Finally, on June 29, 2023, having stolen all data they could from BHI's network, the threat actors deployed the Akira ransomware on all devices to encrypt files.

This was when BHI's IT team realized the company had been compromised.

@Cyber_Security_Channel


BlackDice and Landatel Partner to Bring AI-Powered Cybersecurity Solutions to Small Businesses

Paul Hague, CEO and Founder of BlackDice, said, “The partnership with Landatel Communications is a tremendous endorsement of BlackDice’s cybersecurity solutions.

It marks a pivotal milestone in our strategic roadmap positioning us for further growth, as we continue to secure partnerships with key industry players to deliver solutions that address the pressing cybersecurity challenges confronting small businesses.

We’re living in a digital age where over 560,000 new pieces of malware emerge every day.

This alarming statistic underscores the urgency for robust cybersecurity measures, especially for businesses that are now heavily reliant on online operations and hybrid work settings.”

@Cyber_Security_Channel


Telling Small Businesses to Buy Cyber Insurance Isn't Enough

Even for businesses that can get — and afford — cyber insurance, it isn't comprehensive and doesn't cover every possible type of security breach. Instead, policies cover a set of named perils.

An inexperienced buyer may not realize the protection limitations, given the variety of coverages, exceptions, and exclusions in policies.

Policies, for example, may not cover cyber terrorism, state-sponsored attacks, contractual liabilities, or intellectual property infringement, and may have exclusions for war, terrorism, bodily injury, and property damage.

Policies may also have deductibles, co-payments, and sublimits that reduce the amount of coverage.

@Cyber_Security_Channel


China Crackdown on Cyber Scams in Southeast Asia Nets Thousands but Leaves Networks Intact

In August, China, Thailand, Laos and Myanmar agreed to set up a joint police operations center to tackle cyber scams in the region.

On Oct. 10, China’s Ministry of Public Security announced that its “Summer Operation” had successfully brought back 2,317 scam suspects from northern Myanmar to China.

@Cyber_Security_Channel


MI5 Chief Warns of Chinese Cyber Espionage Reached an Unprecedented Scale

Over the past year, British intelligence has observed over 20 cases involving Chinese firms contemplating or actively attempting to access sensitive technology developed by UK entities.

The espionage activity used different means to conceal the involvement of the Chinese government, including financial investments.

The BBC reported the case of an acquisition of a sensitive UK tech company involved in UK military supply chains.

@Cyber_Security_Channel


Over 50K Cisco IOS XE Devices Hacked Exploiting Zero-day

Cisco Talos IR and TAC identified a new cluster of unauthorized activity on October 12. An intruder created a “cisco_support” user from a suspicious IP (154.53.56[.]231).

Unlike September, this involved implant deployment (“cisco_service.conf”) for system-level commands.

However, the implant failed to activate in one case.

@Cyber_Security_Channel


Philippine Military Ordered to Stop Using Artificial Intelligence Apps Due to Security Risks

Teodoro ordered all defense and military personnel “to refrain from using AI photo generator applications and practice vigilance in sharing information online” and said their actions should adhere to the Philippines Defense Department’s values and policies.

@Cyber_Security_Channel


Pro-Iranian Hacktivists Set Sights on Israeli Industrial Control Systems

"In the absence of reported disruptions to Israeli infrastructure, the available NetFlow sample appears to support assessments that SiegedSec's attacks were either unsuccessful or have not yet begun in earnest," the report said.

@Cyber_Security_Channel


Tampa Hospital Suffers Recent Data Breach

The standing lawsuit against TGH accuses the facility of violating the Florida Deceptive and Unfair Trade Practices Act and includes allegations of invasion of privacy, unjust enrichment, breach of confidence, fiduciary duty and contract claims.

According to their legal counsel, the plaintiffs are seeking relief in the form of restitution, injunctive relief and significant monetary damages, which remain unspecified at this time.

@Cyber_Security_Channel


Software Supply Chain Security Attacks Up 200%: New Sonatype Research

Because of this huge increase in attacks, many open-source systems have implemented new security policies and improvements, such as mandatory multifactor authentication for developers; however, oftentimes, malicious packages are handled the same as packages with vulnerabilities, meaning they’re taken down the same way as vulnerabilities, which is inappropriate for malicious content, as the packages might stay online longer for that reason.

@Cyber_Security_Channel


Top 6 Mistakes in Incident Response Tabletop Exercises

Due to the discussion-based nature, most organizations consider a tabletop exercise to be a relatively easy training session that consists of a long conversation while looking at PowerPoint slides.

However, if it's not performed properly, it can be easy to lose the efficiency and value a tabletop exercise can provide.

@Cyber_Security_Channel


EPA Withdraws Water Sector Cybersecurity Rules Due to Lawsuits

“In addition to concerns about the legal process and legality of the rule, the water associations expressed concerns that the rule would create additional cybersecurity vulnerabilities for utilities, as sanitary surveys required in the rule have public notification requirements.

Finally, the rule would have required cybersecurity reviews by state regulatory agencies that lack expertise and resources for cybersecurity oversight,” AWWA and NRWA said in a press release issued last week after the EPA withdrew the rules.

@Cyber_Security_Channel


ShellBot Cracks Linux SSH Servers, Debuts New Evasion Tactic

ShellBot, aka PerlBot, is a well-known botnet that uses dictionary attacks to compromise servers that have weak SSH credentials.

From there, the server endpoint is marshalled into action to deliver distributed denial-of-service (DDoS) attacks or drop payloads like cryptominers on infected machines.

@Cyber_Security_Channel


Stayin’ Alive Campaign Targets High-Profile Asian Government and Telecom Entities. Is It Linked To ToddyCat APT?

The main payload is composed of three primary functionalities, ‘report’, ‘shell’, and ‘file.’ Each functionality is assigned to a different message type that is sent to the C2 server.

Upon execution, the payload initially runs the ‘report’ feature sending basic recon info to the C2, then it creates two separate threads that repeatedly run the shell and file functionalities.

@Cyber_Security_Channel


Data Thieves Test-Drive Unique Certificate Abuse Tactic

Notably, the malware uses abnormal certificates featuring Subject Name and Issuer Name fields that have unusually long strings, which means they require specific tools or infrastructure to inspect the certificates and are not visible in Windows systems.

Specifically, the signature strings include Arabic, Japanese, and other non-English languages, along with special characters and punctuation marks, diverging from the typical English character string structures, the researchers noted.

@Cyber_Security_Channel
