"Hackers could exploit Google Workplace and cloud platform for ransomware activities."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 16 November 2023, 1353 UTC.

Content and Source:  https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895 ("Security Bundle" from https://feedly.com).

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

19

MOST POPULAR

Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks

2 TTPs

•

55The Hacker News / 1h

•

weaknesses Google Workspace

A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. "Starting from a single compromised machine, threat actors could progress in several ways: they could move to other cloned machines with GCPW installed, gain access

Samsung suffered a new data breach

Samsung data breach affects customers

•

Security Affairs / 1h

Samsung Electronics disclosed a data breach that exposed customer personal information to an unauthorized individual. Samsung Electronics suffered a data breach that exposed the personal information of some of its customers to an unauthorized individual. The security breach was discovered on November 13, 2023, and impacted customers who made purchases from the Samsung UK online store between July

Threat Intel: To Share or Not to Share is Not the Question

SecurityWeek / 15min

To share or not to share threat intelligence isn’t the question. It’s how to share, what to share, where and with whom. The post appeared first on SecurityWeek .

TODAY

CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks

6 TTPs

•

26The Hacker News / 42min

The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC). "Observed as a ransomware-as-a-service (RaaS)

Royal Mail’s recovery from ransomware attack will cost business at least $12M

The Register – Security / 1h

First time hard figure given on recovery costs for January incident Royal Mail's parent company has revealed for the first time the infrastructure costs associated with its January ransomware attack.…

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Ransomware gang files SEC complaint

•

SecurityWeek / 1h

Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers. The post appeared first on SecurityWeek .

SoSafe Pioneers Personalised Approach to Awareness Training

IT Security Guru / 1h

Security awareness and training company SoSafe has announced the launch of the next-generation of personalised learning. The news was revealed at their Human Firewall Conference earlier this week. This latest innovation aims to make secure behaviour second nature for humans. SoSafe’s personalisation engine multiplies the learning effect while saving up to 30% of time investment of employees. User

How to Automate the Hardest Parts of Employee Offboarding

34The Hacker News / 1h

According to recent research on employee offboarding, 70% of IT professionals say they’ve experienced the negative effects of incomplete IT offboarding, whether in the form of a security incident tied to an account that wasn't deprovisioned, a surprise bill for resources that aren’t in use anymore, or a missed handoff of a critical resource or account. This is despite an average of five hours

YESTERDAY

FBI and CISA warn of attacks by Rhysida ransomware gang

8 TTPs

•

Security Affairs / 4h

The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors. FBI and CISA published a joint Cybersecurity Advisory (CSA) to warn of Rhysida ransomware attacks against organizations across multiple industry sectors. The report is part of the ongoing #StopRansomware effort that disseminates advisories about tactics, techniques,

Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure

Network Denial of Service (Enterprise T1498)

•

91The Hacker News / 7h

Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in which 22 companies associated with the operation of the country's energy sector were targeted in May 2023. "22 simultaneous, successful cyberattacks against Danish critical infrastructure are not commonplace," Denmark's SektorCERT said [PDF]. "The

Hundreds of websites cloned to run ads for Chinese football gambling outfits

The Register – Security / 10h

Linked to org that UK authorities found once failed its anti-money-laundering obligations Swedish digital rights organization Qurium has discovered around 250 cloned websites and suggested they exist to drive people to China-linked gambling sites.…

Ransomware gang files SEC complaint over victim’s undisclosed breach

100+BleepingComputer / 11h

The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack. [...]

Clorox CISO flushes self after multimillion-dollar cyberattack

CISO leaves after cyberattack

•

The Register – Security / 13h

Plus: Ransomware crooks file SEC complaint against victim The Clorox Company's chief security officer has left her job in the wake of a corporate network breach that cost the manufacturer hundreds of millions of dollars.…

Smashing Security podcast #348: Hacking for chimp change, and AI chatbot birthday

Graham Cluley / 13h

Who's more incompetent - the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Samsung hit by new data breach impacting UK store customers

Samsung Confirms data

•

36BleepingComputer / 14h

Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorized individual. [...]

ALTR Closes $25M Series C Financing

ALTR secures $25M for data security

•

Dark Reading / 15h

[no content]

Egress and KnowBe4 Extend Partnership to Offer AI-based Adaptive Email Security and Training

22Dark Reading / 15h

[no content]

Rackspace Ransomware Costs Soar to Nearly $12M

32Dark Reading / 16h

Rackspace's 2022 ransomware attack costs only continue to mount, with lawsuits in the offing — and show the long-tail costs of a cyberattack.

'AlphaLock' Hackers Launch 'Pen-Testing Training' Group

39Dark Reading / 16h

With a two-pronged approach, the group trains its hackers in penetration testing, only to set them free to build a marketplace for pen-testing services.

END OF FEED