"FreeBSD Foundation hands out Beacon gongs for safer software."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 26 March 2024, 1414 UTC.

Content and Source:   https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895/Security News Bundle.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

22

MOST POPULAR

FreeBSD Foundation hands out Beacon gongs for safer software

The Register – Security / 3h

Multiple CHERI-related projects win money for important research that prizes safety over speed The inaugural Beacon Awards has handed three prizes to projects working on safer software for CHERI-enabled hardware running on the CheriBSD operating system.…

US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities

CISA and FBI urge eliminating SQL injection

•

SecurityWeek / 2h

CISA and the FBI issue a secure-by-design alert on eliminating SQL injection vulnerabilities from software. The post appeared first on SecurityWeek .

Dubious NuGet Package May Portend Chinese Industrial Espionage

Dark Reading / 2h

A .NET package available for download right now is either a stealthy industrial systems backdoor or nothing at all.

TODAY

How New-Age Hackers Are Ditching Old Ethics

Dark Reading / 12min

Staying up to date and informed on threat-actor group behavior is one way both organizations and individuals can best navigate the continually changing security landscape.

UK, New Zealand against China-linked cyber operations

Email Collection (Enterprise T1114)

•

Security Affairs / 40min

•

China cyber attacks target UK

UK, Australia and New Zealand are accusing China-linked threat actors of cyber operations against UK institutions and parliamentarians. GCHQ’s National Cyber Security Centre believes that China-linked cyberespionage group APT31 was responsible for cyber attacks against UK parliamentarians’ emails in 2021. The UK intelligence believes that China-linked threat actors also compromised the UK Elector

Ransomware can mean life or death at hospitals, but DEF CON hackers have a plan

The Register – Security / 53min

ARPA-H joins the challenge, adds $20M to cash rewards Interview As ransomware gangs target critical infrastructure – especially hospitals and other healthcare organizations – DARPA has added another government agency partner to its Artificial Intelligence Cyber Challenge (AIxCC).…

Apple Patches Code Execution Vulnerability in iOS, macOS

Exploitation for Client Execution (Enterprise T1203)

•

SecurityWeek / 1h

Apple has released iOS 17.4.1 and macOS Sonoma 14.4.1 with patches for an arbitrary code execution vulnerability. The post appeared first on SecurityWeek .

U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation

3 TTPs

•

The Hacker News / 1h

•

US accuses China of hacking

The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng Ming (翁明), Cheng Feng (程锋), Peng Yaowen (彭耀文), Sun Xiaohui (孙小辉), Xiong Wang (熊旺), and Zhao Guangzong (

Crafting Shields: Defending Minecraft Servers Against DDoS Attacks

34The Hacker News / 1h

Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game’s reputation. Despite the prevalence of DDoS attacks on the game, the majority of incidents go unreported, leaving a gap in awareness and protection. This article explains

Award Winning Cyber Start-up Raises £3m Led By Fuel Ventures To Empower Employees To Protect Themselves

IT Security Guru / 2h

Today, Think Cyber Security Ltd has announced that it has raised a £3 million late seed funding round to deliver measurable secure behaviour change. The multi-award winning , National Cyber Security Centre recognised firm offers an innovative and uniquely real-time Redflags® subscription software solution which gently guides and nudges staff to secure behaviours, with measurable impact. UK invest

Expert Insight: DEI and the Recruitment Wall

IT Security Guru / 2h

Diversity, Equity and Inclusion (DEI) initiatives are now well established in cybersecurity with only 8% of businesses saying they did not have any, according to the ISC2 Cybersecurity Workforce Study 2023 . But while these are well-established internally, businesses are still failing to communicate their commitment when recruiting, stacking the odds against applicants from diverse or minority ba

It's Time to Stop Measuring Security in Absolutes

Dark Reading / 3h

All-or-nothing security policies strain resources by aiming for perfection. We need a better way to assess progress.

Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks

Command and Scripting Interpreter (Enterprise T1059)

•

SecurityWeek / 3h

CVE-2023-48788, a critical SQL injection vulnerability in Fortinet’s FortiClient EMS product, is being exploited in the wild. The post appeared first on SecurityWeek .

UK, New Zealand Accuse China of Cyberattacks on Government Entities

Email Collection (Enterprise T1114)

•

SecurityWeek / 3h

•

China breaches NZ parliamentary network

Australia and New Zealand support the UK in condemning Chinese hackers for targeting UK institutions and parliamentarians. The post appeared first on SecurityWeek .

US Treasury Dep announced sanctions against members of China-linked APT31

US, UK sanction Chinese hackers

•

Security Affairs / 3h

The US Treasury Department announced sanctions on two APT31 Chinese hackers linked to attacks against organizations in the US critical infrastructure sector. The US government announced sanctions against a pair of Chinese hackers (Zhao Guangzong and Ni Gaobin), alleged members of the China-