πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
26.7K subscribers
89.8K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
πŸ“” Ransomware Attack Demands Reach a Staggering $5.2m in 2024 πŸ“”

Comparitech calculated that the average ransom demand was over 5.2m in the first six months of 2024, with 421 confirmed incidents during this period.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Health Tech Execs Get Jail Time For $1bn Fraud Scheme πŸ“”

The former CEO and COO of a health startup will spend years in jail after conducting a largescale fraud scheme.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group πŸ“”

Cisco has patched a zeroday vulnerability exploited by a Chinese APT group to compromise Nexus switches.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
🌊 Email Phishing Playbook – Free PDF 🌊

Phishing emails are a constant threat, targeting employees and exploiting vulnerabilities to steal sensitive data... The post Email Phishing Playbook Free PDF appeared first on UnderDefense.

πŸ“– Read more.

πŸ”— Via "UnderDefense"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Cyber Workforce Numbers Rise for Larger Organizations πŸ•΅οΈβ€β™‚οΈ

Some organizations are also reaching recordhigh levels of cyber maturity, at 80 to 90.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ PTC License Server Bug Needs Immediate Patch Against Critical Flaw πŸ•΅οΈβ€β™‚οΈ

Creo ElementsDirect License Servers, which enable industrial design and modeling software, are exposed to the Internet, leaving critical infrastructure vulnerable to remote code execution.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Fintech Frenzy: Affirm & Others Emerge as Victims in Evolve Breach πŸ•΅οΈβ€β™‚οΈ

A ransomware attack has become a supply chain issue, thanks to the victim's partnerships with other financial services companies.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication πŸ•΅οΈβ€β™‚οΈ

Adversaryinthemiddle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ 3 Ways to Chill Attacks on Snowflake πŸ•΅οΈβ€β™‚οΈ

Multifactor authentication is a good first step, but businesses should look to collect and analyze data to hunt for threats, manage identities more closely, and limit the impact of attacks.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“’ Prudential said 36,000 people were affected in a February data breach – it just revised that number to 2.5 million πŸ“’

Prudential has revised its initial data breach victim count from just over 36,000 to a whopping 2.5 million.

πŸ“– Read more.

πŸ”— Via "ITPro"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ•΅οΈβ€β™‚οΈ South Africa National Healthcare Lab Still Reeling from Ransomware Attack πŸ•΅οΈβ€β™‚οΈ

The cyberattack disrupted national laboratory services, which could slow response to disease outbreaks such as mpox, experts warn.

πŸ“– Read more.

πŸ”— Via "Dark Reading"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 Bitwarden vs KeePass (2024): Battle of the Best – Who Wins? 🦿

Bitwarden vs KeePass Who comes out on top? Dive into our 2024 analysis and make the best decision for your security needs!.

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
🦿 How to Manage User Passwords on Linux 🦿

If youre a Linux admin, you probably take care of any number of servers, all of which contain numerous users. Those users log in via various means or protocols, such as SSH, FTP and HTTP. In order to successfully log in, those users have to have passwords. A single word that sends shivers through ...

πŸ“– Read more.

πŸ”— Via "Tech Republic"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool πŸ–‹οΈ

Unknown threat actors have been observed exploiting a nowpatched security flaw in Microsoft MSHTML to deliver a surveillance tool called MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the U.S. "MerkSpy is designed to clandestinely monitor user activities, capture sensitive information, and establish persistence on compromised systems," Fortinet FortiGuard.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks πŸ–‹οΈ

The loaderasaservice LaaS known as FakeBat has become one of the most widespread loader malware families distributed using the driveby download technique this year, findings from Sekoia reveal. "FakeBat primarily aims to download and execute the nextstage payload, such as IcedID, Lumma, RedLine, SmokeLoader, SectopRAT, and Ursnif," the company said in a Tuesday analysis. Driveby attacks.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks πŸ–‹οΈ

Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publiclyavailable frameworks like Donut and Sliver. The campaign, believed to be highly targeted in nature, "leverage targetspecific infrastructure and custom WordPress websites as a payload delivery mechanism, but affect a variety of entities across unrelated verticals, and rely on.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ–‹οΈ South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware πŸ–‹οΈ

An unnamed South Korean enterprise resource planning ERP vendor's product update server has been found to be compromised to deliver a Gobased backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center ASEC, which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with that of Andariel, a subcluster within the.

πŸ“– Read more.

πŸ”— Via "The Hacker News"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸš€ AI in the workplace: The good, the bad, and the algorithmic πŸš€

While AI can liberate us from tedious tasks and even eliminate human error, it's crucial to remember its weaknesses and the unique capabilities that humans bring to the table.

πŸ“– Read more.

πŸ”— Via "ESET - WeLiveSecurity"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” New RUSI Report Exposes Psychological Toll of Ransomware, Urges Action πŸ“”

A new report reveals the hidden mental health toll of ransomware attacks on victims, urging a focus on wellbeing alongside data and system recovery.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” APP Fraud Singled Out as Biggest Financial Crime Threat πŸ“”

Payments professionals have highlighted authorized push payment APP fraud as the top threat facing businesses and consumers.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity
πŸ“” Dozens of Arrests Disrupt €2.5m Vishing Gang πŸ“”

Police have arrested 54 suspected members of a vishing group who stole the life savings of scores of victims.

πŸ“– Read more.

πŸ”— Via "Infosecurity Magazine"

----------
πŸ‘οΈ Seen on @cibsecurity