π½ Daily Leaks β Canada & China π½
π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
In a Telegram group, two important data advertised by threat actors. The first one is 13 million pieces of Canadian homeowners PII. It is claimed that the data includes first name, last name, street Address, address 2, city, province, postal code, phone, income, age, sex, home ownership, language, family status,.π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
Be4Sec
Daily Leaks β Canada & China
In a Telegram group, two important data advertised by threat actors. The first one is 13 million pieces of Canadian homeownersβ PII. It is claimed that the data includes first name, last name, streβ¦
π’ Hackers are targeting Windows Quick Assist remote desktop features to deploy ransomware π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Remote access tools such as Windows Quick Assist continue to be a key target for threat actors, with Microsoft issuing another warning about the risk of ransomware attacks.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ποΈ CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added two security flaws impacting DLink routers to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows CVE2014100005 A crosssite request forgery CSRF vulnerability impacting DLink DIR600 routers that allows an.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Why siloed thinking could be undermining your zero trust strategy π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Despite the majority of businesses now moving towards a zero trust strategy, a siloed view of security means many are unable to fully embrace everything the technology has to offer.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Why siloed thinking could be undermining your zero trust strategy
Despite the majority of businesses now moving towards a zero trust strategy, a siloed view of security means many are unable to fully embrace everything the technology has to offer
π¦Ώ Restore Damaged Files & Save Your Business for Only $50 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Regardless of how badly your files, or their formats, are damaged, EaseUS Fixo can restore your office files, videos and photos, even in batches. Get a lifetime subscription for 49.99 at TechRepublic Academy.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Restore Damaged Files & Save Your Business for Only $50
Regardless of how badly your files, EaseUS Fixo can restore them, even in batches. Get a lifetime subscription for $49.99.
ποΈ Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Kimsuky aka Springtail advanced persistent threat APT group, which is linked to North Korea's Reconnaissance General Bureau RGB, has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations. The backdoor, codenamed Gomir, is "structurally almost identical to GoBear, with extensive sharing of code between.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Patient Data at Risk in MediSecure Ransomware Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Electronic prescriptions provider MediSecure said the attack originated from a thirdparty vendor, and has impacted individuals personal and health information.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Patient Data at Risk in MediSecure Ransomware Attack
Electronic prescriptions provider MediSecure said the attack originated from a third-party vendor, and has impacted individualsβ personal and health information
π¦Ώ Get on Cybersecurity Certification Track With $145 Off These Courses π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
This 50 bundle can get you five courses to enable you to earn CompTIA, NIST and more leading cybersecurity certifications that will help you build a career.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Get on Cybersecurity Certification Track With These Courses
This $50 bundle can get you five courses to enable you to earn CompTIA, NIST and more leading cybersecurity certifications.
π’ Fake invoice scams are still a major threat to enterprises β and theyβre only going to get stealthier π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Fake invoice scams are not a new trend, research shows, but hackers are refining these attacks to make sure they stay an effective entry method.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Fake invoice scams are still a major threat to enterprises β and theyβre only going to get stealthier
Fake invoice scams are not a new trend, research shows, but hackers are refining these attacks to make sure they stay an effective entry method
π΅οΈββοΈ Microsoft Has Yet to Patch 7 Pwn2Own Zero-Days π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A number of serious Windows bugs still haven't made their way into criminal circles, but that won't remain the case forever and time is running short before ZDI releases exploit details.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Microsoft Has Yet to Patch 7 Pwn2Own Zero-Days
A number of serious Windows bugs still haven't made their way into criminal circles, but that won't remain the case forever β and time is running short before ZDI releases exploit details.
ποΈ New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new report from XM Cyber has found among other insights a dramatic gap between where most organizations focus their security efforts, and where the most serious threats actually reside. The new report, Navigating the Paths of Risk The State of Exposure Management in 2024, is based on hundreds of thousands of attack path assessments conducted by the XM Cyber.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have shed more light on a remote access trojan RAT known as Deuterbear used by the Chinalinked BlackTech hacking group as part of a cyber espionage campaign targeting the AsiaPacific region this year. "Deuterbear, while similar to Waterbear in many ways, shows advancements in capabilities such as including support for shellcode plugins, avoiding handshakes.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ LockBit leader revealed: What it means for ransomware π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
With LockBit's founder having been unveiled publicly and with international law enforcement still digging into detailed attack stats, the group is on high alert.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
LockBit leader revealed: What it means for ransomware
With LockBit's founder having been unveiled publicly and with international law enforcement still digging into detailed attack stats, the group is on high alert
π New Android Banking Trojan Mimics Google Play Update App π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new banking Trojan targeting Android devices shows multifaceted capabilities.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Android Banking Trojan Mimics Google Play Update App
A new banking Trojan targeting Android devices shows multifaceted capabilities
π§ How a new wave of deepfake-driven cybercrime targets businesses π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
As deepfake attacks on businesses dominate news headlines, detection experts are gathering valuable insights into how these attacks came into being and the vulnerabilities they exploit. Between 2023 and 2024, frequent phishing and social engineering campaigns led to account hijacking and theft of assets and data, identity theft, and reputational damage to businesses across industries. The post How a new wave of deepfakedriven cybercrime targets businesses appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
How a new wave of deepfake-driven cyber crime targets businesses
Dive into the world of deepfakes β how these attacks came into being and how to detect this dangerous synthesized content.
π¦Ώ Black Basta Ransomware Struck More Than 500 Organizations Worldwide π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Read about Black Basta ransomwares impact and how to mitigate it. Plus, learn about recent ransomware trends.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Black Basta Ransomware Struck More Than 500 Organizations Worldwide
Read about Black Basta ransomwareβs impact and how to mitigate it. Plus, learn about recent ransomware trends.
π UK Councils Warn of Data Breach After Attack on Medical Supplier π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Multiple UK councils have warned that residents personal data may have been compromised following a ransomware attack on NRS Healthcare.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UK Councils Warn of Data Breach After Attack on Medical Supplier
Multiple UK councils have warned that residentsβ personal data may have been compromised following a ransomware attack on NRS Healthcare
π΅οΈββοΈ Whose Data Is It Anyway? Equitable Access in Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Cybersecurity cannot be solely about defending against threats it must also empower organizations with their data.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Whose Data Is It Anyway? Equitable Access in Cybersecurity
Cybersecurity cannot be solely about defending against threats; it must also empower organizations with their data.
π΅οΈββοΈ CISOs and Their Companies Struggle to Comply With SEC Disclosure Rules π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Most companies still can't determine whether a breach is material within the four days mandated by the SEC, skewing incident response.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
CISOs and Their Companies Struggle to Comply With SEC Disclosure Rules
Most companies still can't determine whether a breach is material within the four days mandated by the SEC, skewing incident response.
π΅οΈββοΈ 400K Linux Servers Recruited by Resurrected Ebury Botnet π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Cryptocurrency theft and financial fraud are the new M.O. of the 15yearold malware operation that has hit organizations around the globe.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
400K Linux Servers Recruited by Resurrected Ebury Botnet
Cryptocurrency theft and financial fraud are the new M.O. of the 15-year-old malware operation that has hit organizations around the globe.
π Zeek 6.0.4 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyberinfrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and openscience communities. This is the source code release.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
Zeek 6.0.4 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers