Patch ASAP: Max-Critical Atlassian Bug Allows Unauthenticated RCE
There are no mitigations or workarounds available, so admins should apply the latest versions from last month to be fully protected, even if their versions of Confluence aren't exposed to the Internet.
Cloud instances are unaffected.
@Cyber_Security_Channel
Hacker Spins Up 1 million Virtual Servers to Illegally Mine Crypto
Europol says they first learned of the cryptojacking attack in January 2023 from a cloud service provider who was investigating compromised cloud accounts on their platform.
Information Stealer Exploits Windows SmartScreen Bypass
Following the public disclosure, threat actors have been observed exploiting this bug, various proof-of-concept (PoC) exploits have been released, and numerous threat actors have incorporated exploits for this vulnerability into their attack chains.
Cybersecurity Incidents Consistently Increase in UAE
Jake Moore, global security advisor at ESET, agrees that malicious insider threats are "a significant worry" for businesses, but he stresses that "humans also carry an accidental risk in business situations."
BreachForums Admin Jailed Again for Using a VPN, Unmonitored PC
Fitzpatrick was released one day later on a $300,000 bond and under various pretrial conditions, including not visiting the BreachForums website or having contact with any BreachForums users or co-conspirators unless supervised by counsel.
QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products
“The specific flaw exists within the dsi_writeinit function.
The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer.
An attacker can leverage this vulnerability to execute code in the context of root,” a NIST advisory reads.
Law Firm Orrick Reveals Extensive Data Breach, Over Half a Million Affected
The compromised personal information includes:
- Names
- Addresses
- Dates of birth
- Email addresses
- Passport numbers
- Social Security numbers
- Financial account details
- Tax identification numbers
- Online account credentials
- Credit or debit card numbers
- Medical and health information
- Health insurance and healthcare provider details
- Driver’s license or other government ID numbers
'Black Basta Buster' Exploits Ransomware Bug for File Recovery
Further, files between 5,000 bytes and 1 gigabyte can be recovered; however, for files larger than 1GB, the first 5,000 bytes of the file will be lost, though the rest can be recovered, according to the post.
Hackers Use LinkedIn to Target UK Nuclear Waste Firm
NWS chief executive Corhyn Parr said the government-backed organization has experienced “instances of potential exploitation of ownership change through specific attack vectors, predominantly LinkedIn targeting”.
NASA Releases First Space Cybersecurity Best Practices Guide
The new guidance issued Friday aligns NASA's flight project parlance with security controls outlined in the National Institute of Standards and Technology catalog of security controls for government agencies, known as SP 800-53.
NASA said in its guidance that threat actors can exploit ground systems to gain unauthorized access and maliciously interact with space vehicles and operations.
The agency encouraged organizations to ensure only authenticated and authorized personnel and software are allowed access to space mission systems.
INC RANSOM Ransomware Gang Claims To Have Breached Xerox Corp
The ransomware group published the images of eight documents, including emails and an invoice, as proof of the hack.
At this time it’s unclear how much data was allegedly stolen from the company.
INC RANSOM has been active since 2023 and has claimed responsibility for breaches of more than 40 organizations to date.
Skynet Ahoy? What to Expect for Next-Gen AI Security Risks
Large language models (LLMs), powered by sophisticated algorithms and massive data sets, demonstrate remarkable language understanding and humanlike conversational capabilities.
Because LLMs require access to vast amounts of data to provide accurate and contextually relevant outputs, sensitive information can be inadvertently revealed or misused.
Reversible Data Hiding in Encrypted Images With Multi-Prediction and Adaptive Huffman Encoding
Reversible data hiding in encrypted images (RDHEI) is a privacy-preserving method that embeds protected data in an encrypted domain and accurately extracts the embedded data without affecting the original content.
An adaptive Huffman coding is designed to compress the generated labels in order to reduce the embedding length of the auxiliary information used for the extraction and recovery.
‘Operation Triangulation’ Spyware Attackers Bypass iPhone Memory Protections
This week, the team presented their most recent findings at the 37th Chaos Communication Congress in Hamburg, Germany, calling it "the most sophisticated attack chain" they had yet seen being used in the operation.
Panasonic Discloses Data Breach after December 2022 Cyberattack
Information impacted during the breach includes the affected individuals' names, contact details (email address, mailing address, and telephone number), dates of birth, medical and health insurance information, financial account numbers, company employment status, and government identifiers, such as Social Security numbers.
Data Breach: It’s Not If But When
According to IBM's 2022 research, the average cost of a data breach worldwide is over $13 million.
Breach scenarios can have an impact on organisations of all kinds and types, including public and private enterprises, devolved and national governments, non-profit organisations, and large and small firms.
Framework Discloses Data Breach After Accountant Gets Phished
Framework says its Head of Finance notified Keating Consulting's leadership of the attack once he became aware of the breach roughly 29 minutes after the external accountant replied to the attacker's emails at 8:42 AM PST on January 11th.
Newly Discovered Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems
Patrice Auffret is a founder, chief executive officer and chief technology officer at ONYPHE, a French cyber defense search engine dedicated to attack surface discovery and attack surface management.
Auffret told TechRepublic in an earlier email interview that 29,664 Ivanti Secure VPN appliances are connected to the internet, with more than 40% of the exposed systems being in the U.S., followed by Japan (14.3%) and Germany (8.48%).
🤤 Imagine Progressing Through 2024 With Total Peace of Mind, and in Control of Your Cyber Security?
↳ 2024 GDPR & Cybersecurity Epic Bundle has all the resources to make it happen!
What Tools Are Available?
✔️ IT Assets
✔️ 3 Guides
✔️ 5 eBooks
✔️ User Permissions Tracking
✔️ Internet Security Fundamentals
✔️ GDPR Data Classification & Cyber Security Template
🔥 The bundle is currently 55% OFF the original price!
Take the opportunity before the deal expires:
→ https://gumroad.com/a/710907859/fzdoc
(Limited time only)
⚡️Cyber Breach: Netgear and Hyundai MEA Twitter Accounts Hacked
While Hyundai MEA has successfully regained control of its Twitter account and removed any links leading users to malicious websites, Netgear is still in the process of recovering, leaving some of the attackers’ tweets untouched.
NIST Warns of Security and Privacy Risks from Rapid AI System Deployment
As AI systems become integrated into online services at a rapid pace, in part driven by the emergence of generative AI systems like OpenAI's ChatGPT and Google's Bard, models powering these technologies face a number of threats at various stages of the machine learning operations.
📸 The Hacker News
Network Encryption Market Size Worth USD 8.56 Million in 2032 | Emergen Research
However, a lack of knowledge about security threats, which leads to unregulated devices, is a key factor that could restrain market revenue growth.
This might pose a bigger danger if suitable security measures are not implemented, as the possibility of such devices containing malware is high.
SentinelOne Acquires PingSafe to Drive Cloud Security Capabilities
For customers, that means access to a unified security offering that features advanced, real-time, AI-powered security operations capable of protecting the entire enterprise across endpoints, identities, and clouds, the company said.
Cybercriminals Share Millions of Stolen Records During Holiday Break
That's the assessment of cybersecurity firm Resecurity after its researchers spotted several threat actors releasing substantial data dumps nearly simultaneously on and just before Christmas Eve.
Some of the data appeared to be from past data breaches, but several of the other dumps were from new breaches, stolen or copied from users all around the world.
Fallon Ambulance Service Data Breach Impacts 911K Individuals
NYC Health + Hospitals/Kings County notified patients of a potential protected health information (PHI) disclosure that occurred between October 2021 and August 2023.
A Kings County volunteer improperly accessed a laboratory to assist in the processing of lab test specimens for Kings County patients, despite not being authorized to work in the lab.
The Dark Side of AI: Large-scale Scam Campaigns Made Possible By Generative AI
LLMs can provide a wealth of knowledge with simple prompts, making it possible for anyone with minimal coding experience to write code.
With the help of interactive prompt engineering, one can generate a simple scam website and fake images.
While AI continues to bring about positive changes in our world, the rising trend of its misuse in the form of AI-generated scams cannot be ignored.
At Sophos, we are fully aware of the new opportunities and risks presented by generative AI models.
To counteract these threats, we are developing our security co-pilot AI model, which is designed to identify these new threats and automate our security operations.
Welltok Announces Data Breach That May Affect CHI Memorial Patients
Welltok mailed a notice to people whose information may have been in the affected files.
If you did not receive a letter but want to make sure you aren't affected, you can call Welltok's assistance line at 800-628-2141.
💻 Useful Learning Opportunity to Make the Most from Your Holidays
ReactJS | Programming Notes and Flashcards
Our partners shared a special offer for our community:
→ 40+ pages and 225+ flashcards on every major concept of ReactJS
The Basics
- Modules, Props Children
- JSX, Components, Styling
- Routing, Links and Navigation
- Context, Component composition
- Props, JSX expressions, Events, State
- Submission, Navigating Programmatically
- General, SPA, NodeJS NPM and NVM, Setup
Advanced
- Routing
- Tailwind
- Material UI
- Prop Types
- Virtual DOM
- HTTP Client
- Major Hooks
- Framer Motion
- Custom Hooks
- Chakra UI / React Icons
😎 Grab all of the above material with just one click:
→ https://gumroad.com/a/94518995/yxnaoo
National Amusements Reveals Data Breach Amid Backlash Affecting 82,000+
The breach, which went unnoticed for months, was finally reported to the Maine Attorney General.
According to the company’s statement, an “unauthorized individual” accessed the company network on December 13, 2022.
However, National Amusements only became aware of the intrusion two days later.
Hackers in an Integris Health Data Breach Are Emailing Victims. What to Do if You Receive One
"We have contacted Integris Health, but they refuse to resolve this issue," the unknown sender wrote.
The emails threatened data breach victims by saying if they don't pay $50 worth of Bitcoin, their information will be sold to data brokers who operate on the dark web.