Microsoft has released the Windows 10 KB5025221 and KB5025229 cumulative updates for versions 22H2, version 21H2, version 21H1, and 1809 to fix problems in the operating...
Day: April 11, 2023
Microsoft April 2023 Patch Tuesday fixes 1 zero-day, 97 flaws
Today is Microsoft’s April 2023 Patch Tuesday, and security updates fix one actively exploited zero-day vulnerability and a total of 97 flaws. Seven vulnerabilities have been...
Kodi discloses data breach after forum database for sale online
The Kodi Foundation has disclosed a data breach after hackers stole the organization’s MyBB forum database containing user data and private messages and attempted to sell...
3CX confirms North Korean hackers behind supply chain attack
VoIP communications company 3CX confirmed today that a North Korean hacking group was behind last month’s supply chain attack. “Based on the Mandiant investigation into the...
Cybercriminals charge $5K to add Android malware to Google Play
Malware developers have created a thriving market promising to add malicious Android apps to Google Play for $2,000 to $20,000, depending on the type of malicious...
Car Thieves Hacking the CAN Bus
HomeBlog Car Thieves Hacking the CAN Bus Car thieves are injecting malicious software into a car’s network through wires in the headlights (or taillights) that fool...
The Practical Side of ZTNA: How it Helps Harden Defenses
By Timothy Liu, CTO and co-founder, Hillstone Networks In the cybersecurity world, buzzwords seem proliferate with the changing of the wind. Currently zero-trust network access, or...
Organizations Have Security Priorities Mismatched as Breaches Continue to Rise
By Tyler Farrar, CISO, Exabeam According to the Exabeam State of the SIEM survey, security professionals remain confident in the face of modernizing adversaries despite rising...
US Scrambles to Investigate Military Intel Leak
Pentagon officials are reportedly racing to identify the source of a leak of military intelligence, which could disrupt Ukraine’s planned spring offensive against Russian troops. Scores...
KFC Owner Discloses Data Breach
A leading US fast food company has been sending out breach notification letters to individuals impacted by a ransomware incident that occurred in January. Yum Brands...
Latitude Financial Refuses to Pay Ransom
A leading Australian lender has refused to pay online extorters demanding a ransom for the personal data they stole on an estimated 14 million customers. Latitude...
Apple released emergency updates to fix recently disclosed zero-day bugs on older devices
Apple released updates to backport patches addressing two actively exploited zero-day vulnerabilities in older iPhones, iPads, and Macs. Apple has released emergency updates to backport security patches that...
A cyber attack hit the water controllers for irrigating fields in the Jordan Valley
A cyber attack paralyzed the water controllers for irrigating fields in the Jordan Valley that are operated by the Galil Sewage Corporation. A cyberattack blocked several...
CISA adds zero-day bugs in iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog
US Cybersecurity and Infrastructure Security Agency (CISA) added two flaws in iPhones, Macs, and iPads to its Known Exploited Vulnerabilities catalog. U.S. Cybersecurity and Infrastructure Security...
SD Worx shuts down UK and Ireland services after cyberattack
Belgian HR giant SD Worx was forced to shut down its IT infrastructure for its UK and Ireland services after a cyber attack. HR and payroll...
Sophos patches three issues in the Sophos Web Security appliance, one of them rated as critical
Sophos addressed three vulnerabilities in Sophos Web Appliance, including a critical flaw that can lead to code execution. Cybersecurity vendor Sophos addressed three vulnerabilities in Sophos...
Iran-linked MERCURY APT behind destructive attacks on hybrid environments
Iran-linked APT group MERCURY is behind destructive attacks on hybrid environments masquerading as a ransomware operation. The Microsoft Threat Intelligence team observed a series of destructive attacks...
White House Probes Classified Intelligence ‘Discord Leaks’
Critical Infrastructure Security , Government , Industry Specific Leaks Likely as Significant as Snowden Files, Vault 7, Shadow Brokers, Expert Says Mathew J. Schwartz (euroinfosec) •...
How Much Damage Would US Action Against Kaspersky Inflict?
Cyberwarfare / Nation-State Attacks , Endpoint Security , Fraud Management & Cybercrime Enforcement Action Could Deal Fatal Blow to Kaspersky’s North American Business Michael Novinson (MichaelNovinson)...
(Plenary) How to Win Cyberwars With Military Strategies and Techniques
Thank you for registering with ISMG Complete your profile and stay up to date Need help registering? Contact Support
Live Webinar | Understanding 3rd Party App Risk to Google Workspace Data
Nick Harrahill Director of Support, Spin.AI Nick Harrahill is an experienced cyber security and business leader who is Director of Support at Spin.AI. Nick’s industry experience...
Expert Insights: Safeguarding Your Hybrid Workforce with 5 Key SOC Best Practices
Eric Howard Cisco Global Technical Marketing Engineer Eric Howard is a Technical Leader for Cisco’s Threat Intelligence, Detection and Response product team. He leads a team...
ENISA: Software vulnerability prevention initiatives
From heightened risks to increased regulations, senior leaders at all levels are pressured to improve their organizations’ risk management capabilities. But no one is showing them...
Accounting of Disclosures Under the HITECH Act
From heightened risks to increased regulations, senior leaders at all levels are pressured to improve their organizations’ risk management capabilities. But no one is showing them...
FFIEC Final Authentication Guidance
From heightened risks to increased regulations, senior leaders at all levels are pressured to improve their organizations’ risk management capabilities. But no one is showing them...
Annual Report to Congress on Breaches of Unsecured Protected Health Information
From heightened risks to increased regulations, senior leaders at all levels are pressured to improve their organizations’ risk management capabilities. But no one is showing them...
Microsoft Gets Court Order to Sinkhole Cobalt Strike Traffic
Fraud Management & Cybercrime , Healthcare , Industry Specific Order Affects Malicious Domains, Server IP Addresses Hosted by US Data Centers David Perera (@daveperera) • April...
Round-Robin DNS Explained. What It Is and How It Works
The Round-robin DNS is a load-balancing technique that helps manage traffic and avoid overloading servers. Multiple IP addresses are assigned to a single domain name; each...
Oldest Law Practice in NYC Hacked, over 90,000 Clients Impacted
Almost 90,000 clients’ personal information was compromised in the cyberattack on the prestigious law firm Cadwalader, Wickersham & Taft. The law firm informed its clients on...
Apple zero-day spyware patches extended to cover older Macs, iPhones and iPads
Last week, we warned about the appearance of two critical zero-day bugs that were patched in the very latest versions of macOS (version 13, also known...