Security News Bundle

"Cybersecurity in race to unmask new wave of AI-borne deep fakes."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 11 May 2024, 1402 UTC.

Content and Source:  https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895/Security Bundle.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

203

MOST POPULAR

TODAY

A cyberattack hit the US healthcare giant Ascension
Ascension Hospitals face cyberattacks disruptions
Security Affairs 3h
A cyberattack hit the US Healthcare giant Ascension and is causing disruption of the systems at hospitals in the country. Ascension is one of the largest private healthcare systems in the United States, ranking second in the United States by the number of hospitals as of 2019. The organization was hit by a ransomware attack that severely impacted operations at hospitals in the country. Impacted s

YESTERDAY

FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
10 TTPs
36The Hacker News 6h
FIN7 exploits Google Ads
The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. "The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall
Forget AI: Physical threats are biggest risk facing the 2024 election
CyberScoop 17h
SAN FRANCISCO — 2024 could turn out to be the year in which artificial intelligence upends the U.S. election, but at America’s largest cybersecurity conference, federal officials charged with protecting the vote said they are most concerned with a far more analog threat: physical violence directed at election administrators. While many election officials are concerned about issues of disinformati
House panel leaders call on Microsoft president to testify over security shortcomings
House committee summons Microsoft President
CyberScoop 19h
Leaders of the House Homeland Security Committee want Microsoft President Brad Smith to testify before their panel in the aftermath of accumulating cybersecurity incidents that have drawn ample negative attention to the tech giant. In particular, the committee is zeroing in on a Cyber Safety Review Board report that faulted Microsoft for “a cascade of security failures” that abetted Chinese gover
Dark Reading 'Drops' Its First Podcast
Dark Reading 22h
Our brand-new podcast, Dark Reading Confidential, has officially launched. You don't want to miss our first episode with the CISO and chief legal officer from Reddit and a cybersecurity attorney, who share their thoughts and advice for CISOs on the new SEC breach disclosure rules.
North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms
3 TTPs
79The Hacker News 22h
The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at two South Korean cryptocurrency firms. "Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads, and exfiltration of files,"
Boeing refused to pay $200 million LockBit ransomware demand
Boeing confirms $200M ransomware extortion
Graham Cluley 1d
Boeing has confirmed that it received a demand for a massive $200 million after a ransomware attack by the notorious LockBit hacking group in October 2023. The company confirmed its link to the indictment of Dmitry Yuryevich Khoroshev, who was identified this week by the US Department of Justice as the true identity of LockBitSupp, the kingpin of the LockBit gang. Read more in my article on the Ho
CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)
48The Hacker News 1d
Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats. Join us for an exciting webinar, "The Future of Threat Hunting is Powered by Generative AI," where you'll explore how AI tools are shaping the future of cybersecurity defenses. During the session, Censys Security Researcher Aidan Holland will
Google fixes fifth actively exploited Chrome zero-day this year
20Security Affairs 1d
Since the start of the year, Google released an update to fix the fifth actively exploited zero-day vulnerability in the Chrome browser. Google this week released security updates to address a zero-day flaw, tracked as CVE-2024-467, in Chrome browser. The vulnerability is the fifth zero-day flaw in the Google browser that is exploited in the wild since the start of the year. The vulnerability is
Russia-linked APT28 targets government Polish institutions
IoC > 2 domains
Security Affairs 1d
9 TTPs
CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28. CERT Polska and CSIRT MON teams issued a warning about a large-scale malware campaign targeting Polish government institutions, allegedly orchestrated by the Russia-linked APT28 group. The attribution of the attacks to the Russian APT is based on similarities with TTPs empl
Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability
100+The Hacker News 1d
Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild. Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024. Use-after-free bugs, which arise when a program
What's the Right EDR for You?
23The Hacker News 1d
A guide to finding the right endpoint detection and response (EDR) solution for your business’ unique needs. Cybersecurity has become an ongoing battle between hackers and small- and mid-sized businesses. Though perimeter security measures like antivirus and firewalls have traditionally served as the frontlines of defense, the battleground has shifted to endpoints. This is why endpoint
Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials
81The Hacker News 1d
Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users' credentials from compromised devices. "This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices," the SonicWall Capture Labs threat research team said in a recent report. The

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more