π Schneider Electric Confirms Data Accessed in Ransomware Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Energy firm Schneider Electric said a ransomware incident, reportedly perpetrated by the Cactus group, has led to data being accessed from its Sustainability Business division.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Schneider Electric Confirms Data Accessed in Ransomware Attack
Energy firm Schneider Electric said a ransomware incident, reportedly perpetrated by the Cactus group, has led to data being accessed from its Sustainability Business division
π» Apple accuses UK gov't of βunprecedented overreachβ on privacy π»
π Read more.
π Via "COMPUTERWORLD"
----------
ποΈ Seen on @cibsecurity
In the name of security, the UK government may well have put a cybersecurity target on the nations back, with Apple once again warning that proposed changes to the Investigatory Powers Act 2016 are a serious and direct threat to data security and information privacy.We are deeply concerned about the amendments to the Investigatory Powers Bill currently before Parliament, which will put the privacy and security of users at risk," Apple said in a statement. This is an unprecedented overreach by the government and, if implemented, the UK new user protections could be secretly vetoed globally, preventing us from ever delivering them to customers.To read this article in full, please click here.π Read more.
π Via "COMPUTERWORLD"
----------
ποΈ Seen on @cibsecurity
Computerworld
Apple accuses UK gov't of βunprecedented overreachβ on privacy
Apple warns that proposed UK laws are a βserious and direct threat to data security and information privacy.β
βοΈ Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
On Jan. 9, 2024, U.S. authorities arrested a 19yearold Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIMswapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider
On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accusedβ¦
𧨠Was the Fake Joe Biden Robocall Created with AI? π§¨
π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
As voters in the recent New Hampshire primary have found, a fake robocall of President Joe Biden has been making... The post Was the Fake Joe Biden Robocall Created with AI? appeared first on McAfee Blog.π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
McAfee Blog
Was the Fake Joe Biden Robocall Created with AI? | McAfee Blog
As voters in the recent New Hampshire primary have found, a fake robocall of President Joe Biden has been making the rounds. Using AI voice-cloning
π΅οΈββοΈ Feds Reportedly Try to Disrupt 'Volt Typhoon' Attack Infrastructure π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Chinalinked threat actor's attacks on US critical infrastructure organizations have alarmed American intelligence officials, Reuters says.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Feds Reportedly Try to Disrupt 'Volt Typhoon' Attack Infrastructure
The China-linked threat actor's attacks on US critical infrastructure organizations have alarmed American intelligence officials, Reuters says.
π΅οΈββοΈ Forcepoint Federal Rebrands As Everfox to Reflect New Era of Defense-Grade Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Forcepoint Federal Rebrands As Everfox to Reflect New Era of Defense-Grade Cybersecurity
π΅οΈββοΈ Apple Warns iPhone Sideloading Changes Will Increase Cyber Threats π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The tech giant says that being more open to comply with EU regulations brings risks such as malware, fraud, and scams.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Apple Warns iPhone Sideloading Changes Will Increase Cyber Threats
The tech giant says that being more open to comply with EU regulations brings risks such as malware, fraud, and scams.
π΅οΈββοΈ 'Cactus' Ransomware Strikes Schneider Electric π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Schneider's Sustainability division, which provides software and consulting services to enterprises, was felled by cybercriminals in midJanuary.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
'Cactus' Ransomware Strikes Schneider Electric
Schneider's Sustainability division, which provides software and consulting services to enterprises, was felled by cybercriminals in mid-January.
π1
π΅οΈββοΈ Ivanti Zero-Day Patches Delayed as 'KrustyLoader' Attacks Mount π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The RCEauth bypass bugs in Connect Secure VPNs have gone unpatched for 20 days as statesponsored groups continue to backdoor Ivanti gear.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Ivanti Zero-Day Patches Delayed as 'KrustyLoader' Attacks Mount
The RCE/auth bypass bugs in Connect Secure VPNs have gone unpatched for 20 days as state-sponsored groups continue to backdoor Ivanti gear.
π1
π’ From complexity to clarity: The channel opportunity in streamlining cyber security π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Upcoming legislation and a rapidly evolving threat landscape means organizations can't afford to lose track of security transformation plans and the channel can play a key role in bolstering defenses.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
From complexity to clarity: The channel opportunity in streamlining cyber security
Upcoming legislation and a rapidly evolving threat landscape means organizations can't afford to lose track of security transformation plans - and the channel can play a key role in bolstering defenses
ποΈ New Glibc Flaw Grants Attackers Root Access on Major Linux Distros ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library aka glibc. Tracked as CVE20236246, the heapbased buffer overflow vulnerability is rooted in glibc's vsysloginternal function, which is used by syslog and vsyslog for system logging purposes. It's said to have been accidentally.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A pair of recently disclosed zeroday flaws in Ivanti Connect Secure ICS virtual private network VPN devices have been exploited to deliver a Rustbased payload called KrustyLoader that's used to drop the opensource Sliver adversary simulation tool. The security vulnerabilities, tracked as CVE202346805 CVSS score 8.2 and CVE202421887 CVSS score 9.1, could be abused.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π City Cyber Taskforce Launches to Secure Corporate Finance π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new initiative led by the ICAEW and NCSC launches today to improve cybersecurity during deals and investments.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
City Cyber Taskforce Launches to Secure Corporate Finance
A new initiative led by the ICAEW and NCSC launches today to help improve cybersecurity during deals and investments
π Citibank Sued For Failing to Protect Fraud Victims π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
New York attorney general launches legal case against Citi for failing to reimburse or protect fraud victims.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Citibank Sued For Failing to Protect Fraud Victims
New York attorney general launches legal case against Citi for failing to reimburse or protect fraud victims
π¦Ώ Gift Yourself a Year of Online Protection for Only $50 Through 2/4 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Requesting the removal of your most confidential data from the internet is a complicated process unless you have Incogni, which can do it in a few clicks.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Gift Yourself a Year of Online Protection for Only $50 Through 2/4
Requesting the removal of your most confidential data from the internet is a complicated process unless you have Incogni, which can do it in a few clicks.
ποΈ The SEC Won't Let CISOs Be: Understanding New SaaS Cybersecurity Rules ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The SEC isnt giving SaaS a free pass. Applicable public companies, known as registrants, are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them. The new cybersecurity mandates make no distinction between data exposed in a breach that was stored onpremise, in the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Googleowned Mandiant said the attacks single out multiple industries, including health, transportation, construction, and logistics. "UNC4990 operations generally involve widespread USB infection followed by the deployment of the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Most UK firms pay ransom pay ransomware demands, despite βdo not payβ policies π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
With ransomware attacks on the rise, organizations are paying up but still take weeks to recover.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Most UK firms pay ransomware demands, despite βdo not payβ policies
With ransomware attacks on the rise, organizations are paying up but still take weeks to recover
π’ BCDR buyer's guide for MSPs π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
How to choose a business continuity and disaster recovery solution.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
BCDR buyer's guide for MSPs
How to choose a business continuity and disaster recovery solution
π¨ Exploitation of vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure π¨
π Read more.
π Via "UK NCSC"
----------
ποΈ Seen on @cibsecurity
Organisations are encouraged to take immediate action to mitigate vulnerabilities affecting Ivanti Connect Secure ICS and Ivanti Policy Secure IPS gateways CVE202346805, CVE202421887, CVE202421888 and CVE202421893, and follow the latest vendor advice.π Read more.
π Via "UK NCSC"
----------
ποΈ Seen on @cibsecurity
www.ncsc.gov.uk
Exploitation of vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure
Organisations are encouraged to take immediate action to mitigate vulnerabilities affecting Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) gateways (CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893, CVE-2024-22024), and followβ¦
π US Sanctions Egyptian IT Experts Aiding ISIS in Cybersecurity π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The US said the two Egyptian nationals provided cybersecurity training and support to ISIS leadership and supporters, as well as helping enable the group to use cryptocurrency.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Sanctions Egyptian IT Experts Aiding ISIS in Cybersecurity
The US said the two Egyptian nationals provided cybersecurity training and support to ISIS leadership and supporters, as well as helping enable the group to use cryptocurrency
π1