π½ Public-Private Partnership for Cybersecurity π½
π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
Sixtyeight technology companies have joined the Cybersecurity and Infrastructure Security Agencys CISA Joint Cyber Defense Collaborative JCDC. This publicprivate partnership aims to bolster the nations cyber defenses by fostering collaboration between government agencies and private sector organizations. This significant move comes in response to the increasing frequency and sophistication of.π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
Be4Sec
Public-Private Partnership for Cybersecurity
Sixty-eight technology companies have joined the Cybersecurity and Infrastructure Security Agencyβs (CISA) Joint Cyber Defense Collaborative (JCDC). This public-private partnership aims to boβ¦
β€1
ποΈ FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. "The threat actors used malicious websites to impersonate wellknown brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The Wall.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€2
π½ The Future of Information Warfare: LLMs and the Fight for Truth π½
π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
A recent investigation by Recorded Future, a threat intelligence firm, has raised alarms about the use of Large Language Models LLMs as a powerful tool in information warfare. The company uncovered a network called CopyCop, allegedly linked to Russia, which has been leveraging LLMs to manipulate news from mainstream media.π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
be4sec
The Future of Information Warfare: LLMs and the Fight for Truth
A recent investigation by Recorded Future, a threat intelligence firm, has raised alarms about the use of Large Language Models (LLMs) as a powerful tool in information warfare. The company uncoverβ¦
β€1
π½ Claiming Access to Zscaler π½
π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
The Englishspeaking actor named IntelBroker claimed that she gained access to Zscaler and that this access information was for sale in Breachforums. Allegedly, the actor has SMTP, certificate and many other access. BreachForums, also known as Breached, was a notorious Englishlanguage hacking forum launched in March 2022 as a successor.π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
Be4Sec
Claiming Access to Zscaler
The English-speaking actor named IntelBroker claimed that she gained access to Zscaler and that this access information was for sale in Breachforums. Allegedly, the actor has SMTP, certificate and β¦
π’ 5 takeaways from RSA Conference 2024 π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
RSA racks up hefty roster of keynote speakers to tout 'Art of Possible'.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Five things we learned from the 2024 RSA Conference
Speakers at the 2024 RSA Conference painted a bleak picture for the future of the cyber security industry
β€1
π’ Identity plays a critical role in protecting your business, how will you respond when compromised? π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Drawing on experiences from a recent data breach, we look at one companys efforts to reform the industry through a strategic approach to fighting cyberthreats.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Identity plays a critical role in protecting your business, how will you respond when compromised?
Drawing on experiences from a recent data breach, we look at one companyβs efforts to reform the industry through a strategic approach to fighting cyberthreats
ποΈ Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has been found concealing a Golangversion of the Sliver commandandcontrol C2 framework within a PNG image of the project's logo. The package employing this steganographic trickery is requestsdarwinlite, which has been.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Black Basta Ransomware Victim Count Tops 500 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Black Basta Ransomware Victim Count Tops 500
Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations
π Threat Actor Claims Major Europol Data Breach π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A threat actor known as IntelBroker claims to be selling confidential Europol data after a May breach.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Threat Actor Claims Major Europol Data Breach
A threat actor known as IntelBroker claims to be selling confidential Europol data after a May breach
ποΈ SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
In the last decade, there has been a growing disconnect between frontline analysts and senior management in IT and Cybersecurity. Welldocumented challenges facing modern analysts revolve around a high volume of alerts, false positives, poor visibility of technical environments, and analysts spending too much time on manual tasks. The Impact of Alert Fatigue and False Positives Analysts.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to access sensitive information and achieve code execution. "These vulnerabilities include critical flaws that permit remote code execution and unauthorized privilege escalation, posing substantial risks to integral communication networks and IoT.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Black Basta ransomwareasaservice RaaS operation has targeted more than 500 private industry and critical infrastructure entities in North America, Europe, and Australia since its emergence in April 2022. In a joint advisory published by the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, the Department of Health and Human Services HHS.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ What is a TOAD attack? π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Find out what this means for your business, and what you can do to protect it.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
What is a TOAD attack?
Telephone-oriented attack delivery (TOAD) is on the rise β to protect staff, leaders must deploy robust identity controls
ποΈ The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attackers. From account takeovers to malicious extensions to phishing attacks, the browser is a means for stealing sensitive data and accessing organizational systems. Security leaders who are planning their security architecture.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Ascension Ransomware Attack Diverts Ambulances, Delays Appointments π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A ransomware attack on US private healthcare provider Ascension has disrupted patient care, with several hospitals currently on diversion.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ascension Ransomware Attack Diverts Ambulances, Delays Appointments
A ransomware attack on US private healthcare provider Ascension has disrupted patient care, with several hospitals currently on diversion
βοΈ How Did Authorities Identify the Alleged Lockbit Boss? βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guy, saying the charges don't explain how they connected him to Khoroshev. This post examines the activities of Khoroshev's many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
How Did Authorities Identify the Alleged Lockbit Boss?
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guyβ¦
π’ Whatβs going on with Zscaler? π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Zscaler has received praise from cyber professionals for its response to an alleged data breach, but as the saga continues, customer uncertainty remains.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Zscaler praised for swift response amid data breach claims β but what happened?
Zscaler has received praise from cyber professionals for its response to an alleged data breach, but as the saga continues, customer uncertainty remains
π΅οΈββοΈ Why Tokens Are Like Gold for Opportunistic Threat Actors π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
When setting authentication token expiry policies, always lean in to security over employee convenience.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Why Tokens Are Like Gold for Opportunistic Threat Actors
When setting authentication token expiry policies, always lean into security over employee convenience.
π’ Dell hacker claims they had access to systems for nearly three weeks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The hacker trying to sell a Dell database containing 49 million customer records claims he was able to persist on the companys systems for several weeks.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Dell hacker claims they had access to systems for nearly three weeks
The hacker trying to sell a Dell database containing 49 million customer records claims he was able to persist on the companyβs systems for several weeks
π¦Ώ Best Encryption Software and Tools π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
This is a comprehensive list of best encryption software and tools, covering their features, pricing and more. Use this guide to determine your best fit.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
The 7 Best Encryption Software Choices for 2024
This is a comprehensive list of the best encryption software and tools, with features, pricing and more. Use this guide to find your best fit.
ποΈ MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The MITRE Corporation has officially made available a new threatmodeling framework called EMB3D for makers of embedded devices used in critical infrastructure environments. "The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of these threats with the security mechanisms required to mitigate them," the nonprofit said.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity