Novant Health admits leak of 1.3m patients' info to Facebook
But don't worry, Zuck would never misuse this type of sensitive data
Novant Health confirmed that it...
Day: August 30, 2022
If you haven’t patched Zimbra holes by now, assume you’re toast
Here's how to detect an intrusion via vulnerable email systems
Organizations that didn't immediately patch their...
Microsoft finds critical hole in operating system that for once isn’t Windows
Oh wow, get a load of Google using strcpy() all wrong – strcpy! Haha, you'll...
Smartphone gyroscopes threaten air-gapped systems, researcher finds
Network interface card LEDs are a risk too by blinking in Morse code
An Israeli security researcher known for foiling...
Twitter savaged by former security boss Mudge in whistleblower complaint
Loose access to production systems, out of date software, and more claimed
Twitter's former security chief Peiter...
Lloyd’s to exclude certain nation-state attacks from cyber insurance policies
Kim Jong-un has entered the chat
Updated Lloyd's of London insurance policies will stop covering losses from...
Attacker snags account details from streaming service Plex
'Limited subset' of users have emails, usernames, and hashed passwords stolen from the platform
Users of popular streaming and...
VMware confirms Carbon Black causes BSODs, boot loops on Windows
Well, you can't be attacked if your PC won't start
VMware has admitted an update on some...
Summertime Blues: TA558 Ramps Up Attacks on Hospitality, Travel Sectors
Proofpoint News Feed
80,000 internet-connected cameras still vulnerable after critical patch offered
Just more IoT conscripts for the botnet armies
Tens of thousands of internet-facing IP cameras made by China-based...
Block sued after ex-staffer siphons customer data
'Don't be such a Square' hits different these days
Block – the digital payments giant formerly known as Square –...
Shout-out to whoever went to Black Hat and had North Korean malware on their PC
I am the one who NOCs
The folks tasked with defending the...
Ever present danger
Recognizing the signs of an impending ransomware attack with Red Canary
Webinar It's no surprise that there has been an explosion in ransomware following...
Twitter, Meta kill hundreds of pro-Western troll accounts
It turns out online chicanery aiming to destabilize foreign nations is a two-way street
Well known for an abundance...
Crooks target top execs on Office 365 with MFA-bypass scheme
'Widespread' campaign hunts for multimillion-dollar transactions
A business email compromise scheme targeting CEOs and CFOs using Microsoft...
LastPass source code, blueprints stolen by intruder
Your passwords are still safe, biz says
Internal source code and documents have been stolen from LastPass by a cyber-thief. ...
Announcing Google’s Open Source Software Vulnerability Rewards Program
Posted by Francis Perron, Open Source Security Technical Program Manager, and Krzysztof Kotowicz, Information Security Engineer
Today, we are...
Twilio, Cloudflare just two of 135 orgs targeted by Oktapus phishing campaign
This, this is more like what we mean by a sophisticated cyberattack
Updated Criminals behind...
NIST’s Expanding International Engagement on Cybersecurity
In providing a foundation for cybersecurity advancements over the years, NIST has taken the global context into account when determining priorities...
Now Oktapus gets access to some DoorDash customer info via phishing attack
Double check who exactly you're sending your username and password to, eh?
DoorDash has confirmed...
Google launches open-source software bug bounty program
Google will now pay security researchers to find and report bugs in the latest versions of Google-released open-source software (Google...
6 different types of CISOs and the environments they thrive in
EXECUTIVE SUMMARY: The CISO’s role is to protect the business from cyber threats, but often times...
CVE-2022-2560: CompleteFTP Directory Traversal Arbitrary File Deletion Flaw
A high EnterpriseDT CompleteFTP vulnerability (CVE-2022-2560), which was discovered by rgod on Jun 7, 2022, just goes public today...
PyPI warns of first-ever phishing campaign against its users
On the bright side, top devs are getting hardware security keys
The Python Package Index, better known among...
CVE-2022-31656: critical auth bypass flaw in multiple VMware products
VMware on Tuesday announced patches for several critical and high-severity vulnerabilities affecting VMware Workspace ONE Access, Identity Manager,...
77% of security leaders fear we’re in perpetual cyberwar from now on
Also, Charming Kittens from Iran scrape email inboxes, France could fine Google again, and more...
GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers
Web application attacks directed at organizations’ web and mail servers continue...
Black Hat Fireside Chat: Taking the fight to the adversaries — with continuous, proactive ‘pen tests’
Penetration testing – pen tests – traditionally have been something companies...
Receipt for €8M iOS Zero-Day Sale Pops Up on Dark Web
Documents appear to show that Israeli spyware company Intellexa sold a full suite of services around...
A Peek Into CISA’s Post-Quantum Cryptography Roadmap
To help organizations with their plans, NIST and the Department of Homeland Security developed the Post-Quantum Cryptography Roadmap.
Dark Reading