Security News Bundle

"Student's flimsy bin bags blamed for latest NHS data breach."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 13 June 2024, 1414 UTC.

Content and Source:  https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895/Security News Bundle.

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

24

MOST POPULAR

Men’s Mental Health Week: Resource Guide
Men's Mental Health Month awareness
IT Security Guru 16min
10 th – 16 th June 2024 is International Men’s Mental Health Week. It may feel like there are too many ‘awareness dates’, however this week is especially important. Men are far less likely to talk about mental health than women (it is thought that only 36% of referrals to NHS talking therapies are for men and 40% of men have never spoken about their mental health). This is despite the fact that t

TODAY

GAO reminds White House of cyber backlog
CyberScoop 16min
A congressional watchdog is sending a reminder to the White House that it has a long laundry list of cybersecurity regulations to address as the 2024 election draws near. The Government Accountability Office is breaking biennial tradition with the latest update to its “high-risk list,” a term the watchdog uses to denote areas that are “vulnerable to waste, fraud, abuse, or mismanagement, or in ne
Why SaaS Security is Suddenly Hot: Racing to Defend and Comply
38The Hacker News 2h
Recent supply chain cyber-attacks are prompting cyber security regulations in the financial sector to tighten compliance requirements, and other industries are expected to follow. Many companies still don’t have efficient methods to manage related time-sensitive SaaS security and compliance tasks. Free SaaS risk assessment tools are an easy and practical way to bring visibility and initial
Pakistan-linked Malware Campaign Evolves to Target Windows, Android, and macOS
2 TTPs
32The Hacker News 3h
Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018. The activity, still ongoing, entails the use of an Android malware called GravityRAT and a Windows-based malware loader codenamed HeavyLift, according to Cisco Talos, which are administered using another standalone tool referred to as GravityAdmin. The
Cybercriminals Employ PhantomLoader to Distribute SSLoad Malware
7 TTPs
32The Hacker News 3h
SSLoad malware uses MSI installer
The nascent malware known as SSLoad is being delivered by means of a previously undocumented loader called PhantomLoader, according to findings from cybersecurity firm Intezer. "The loader is added to a legitimate DLL, usually EDR or AV products, by binary patching the file and employing self-modifying techniques to evade detection," security researchers Nicole Fishbein and Ryan Robinson said in

YESTERDAY

Multiple flaws in Fortinet FortiOS fixed
2 TTPs
Security Affairs 4h
Fortinet released security updates to address multiple vulnerabilities in FortiOS, including a high-severity code execution security issue. Fortinet addressed multiple vulnerabilities in FortiOS and other products, including some code execution flaws. The company states that multiple stack-based buffer overflow vulnerabilities in the command line interpreter of FortiOS [CWE-121], collectively tra
Ukraine Police Arrest Suspect Linked to LockBit and Conti Ransomware Groups
Data Encrypted for Impact (Enterprise T1486)
52The Hacker News 5h
Ukraine police arrest ransomware developer
The Cyber Police of Ukraine has announced the arrest of a local man who is suspected to have offered their services to LockBit and Conti ransomware groups. The unnamed 28-year-old native of the Kharkiv region allegedly specialized in the development of crypters to encrypt and obfuscate malicious payloads in order to evade detection by security programs. The product is believed to have been
Google Warns of Pixel Firmware Security Flaw Exploited as Zero-Day
62The Hacker News 6h
Google has warned that a security flaw impacting Pixel Firmware has been exploited in the wild as a zero-day. The high-severity vulnerability, tagged as CVE-2024-32896, has been described as an elevation of privilege issue in Pixel Firmware. The company did not share any additional details related to the nature of attacks exploiting it, but noted "there are indications that CVE-2024-32896 may be
New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems
5 TTPs
34The Hacker News 7h
Chinese hackers use Noodle RAT
A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years. While this backdoor was previously categorized as a variant of Gh0st RAT and Rekoobe, Trend Micro security researcher Hara Hiroaki said "this backdoor is not merely a variant of existing malware, but is a new type altogether."
Time to zero in on Zero Trust?
The Register – Security 11h
Recently discovered vulnerabilities in VPN services should push ASEAN organizations to rethink their perimeter security approach Sponsored Post Companies the ASEAN region have long relied on a virtual private network (VPN) to help encrypt their Internet traffic and protect users' online identities.…

END OF FEED

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more