ποΈ New macOS Malware TodoSwift Linked to North Korean Hacking Groups ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea DPRK specifically the threat actor known as BlueNoroff such as KANDYKORN and RustBucket," Kandji security.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π CISA to Get New Headquarters as $524M Contract Awarded π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The building, located in Washington, DC, will be the new home of the US Cybersecurity and Infrastructure Security.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
CISA to Get New Headquarters as $524M Contract Awarded
The building, located in Washington, DC, will be the new home of the US Cybersecurity and Infrastructure Security
π Healthcare Hit by a Fifth of Ransomware Incidents π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Healthcare has been the most targeted sector according to Barracuda analysis of 200 reported ransomware incidents from August 2023 to July 2024.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Healthcare Hit by a Fifth of Ransomware Incidents
Healthcare has been the most targeted sector according to Barracuda analysis of 200 reported ransomware incidents from August 2023 to July 2024
π Most Ransomware Attacks Now Happen at Night π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Malwarebytes report warns security teams to be on high alert for ransomware attacks at night.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Most Ransomware Attacks Now Happen at Night
Malwarebytes report warns security teams to be on high alert for ransomware attacks at night
π Microchip Technology Says IT Incident Impacted Operations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
US chip firm Microchip reveals operational disruption stemming from cyber incident.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Microchip Technology Says IT Incident Impacted Operations
US chip firm Microchip reveals operational disruption stemming from cyber incident
π’ The top API risks of 2024 and how to mitigate them π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
While APIs are the backbone of online applications, they can offer a backdoor to sensitive information making API monitoring by IT teams an absolute imperative.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
The top API risks of 2024 and how to mitigate them
While APIs are the backbone of online applications, they can offer a backdoor to sensitive information β making API monitoring by IT teams an absolute imperative
π’ NIS2 is a double-edged sword for the IT channel π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
NIS2 presents demanding new compliance obligations for channel partners, but it's vital if they are going to build the resilience they need in today's threat landscape.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
channelpro
NIS2 is a double-edged sword for the IT channel
NIS2 presents demanding new compliance obligations for channel partners, but it's vital if they are going to build the resilience they need in today's threat landscape
π’ Toyotaβs cyber woes continue as latest breach marks fifth major IT incident in two years π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Toyota is once again in the headlines after a hacker collective claimed to have exfiltrated 240GB of sensitive data from the car manufacturers internal systems.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Toyotaβs cyber woes continue as latest breach marks fifth major IT incident in two years
Toyota is once again in the headlines after a hacker collective claimed to have exfiltrated 240GB of sensitive data from the car manufacturerβs internal systems
π’ Ransomware gangs are rolling in cash, with hackers taking home $459.8 million in the first half of 2024 alone π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Ransomware criminals are ramping up attacks globally and reaping the financial rewards.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Ransomware gangs are rolling in cash, with hackers taking home $459.8 million in the first half of 2024 alone
Ransomware criminals are ramping up attacks globally and reaping the financial rewards
π Australia Calls Off Clearview AI Investigation Despite Lack of Compliance π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Australias data protection watchdog has decided to stop its investigation into US facial recognition company Clearview AI.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Australia Calls Off Clearview AI Investigation Despite Lack of Compliance
Australiaβs data protection watchdog has decided to stop its investigation into US facial recognition company Clearview AI
π Oregon Zoo Warns Over 100,000 Customers of Payment Card Compromise π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Oregon Zoo revealed that an unauthorized actor potentially obtained payment card information used in transactions over six months.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Oregon Zoo Warns Over 100,000 Customers of Payment Card Compromise
Oregon Zoo revealed that an unauthorized actor potentially obtained payment card information used in transactions over six months
π¦Ώ More than 3 in 4 Tech Leaders Worry About SaaS Security Threats, New Survey Reveals π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
The average enterprise uses 130 different SaaS applications today, up from 80 in 2020, according to Onymos.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
More than 3 in 4 Tech Leaders Worry About SaaS Security Threats, New Survey Reveals
A new survey found that 78% of tech leaders are worried about SaaS security threats β and their concerns could worsen as more SaaS apps find their way into the enterprise.
π New MoonPeak RAT Linked to North Korean Threat Group UAT-5394 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The MoonPeak RAT as used by UAT5394 showed a possible connection to North Korean threat Kimsuky.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New MoonPeak RAT Linked to North Korean Threat Group UAT-5394
The MoonPeak RAT as used by UAT-5394 showed a possible connection to North Korean threat Kimsuky
π1
ποΈ Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information. Tracked as CVE202438206 CVSS score 8.5, the vulnerability has been described as an information disclosure bug stemming from a serverside request forgery SSRF attack. "An authenticated attacker can bypass ServerSide Request.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new remote access trojan called MoonPeak has been discovered as being used by a statesponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT5394, which it said exhibits some level of tactical overlaps with a known nationstate actor codenamed Kimsuky. MoonPeak, under active development.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π New MoonPeak RAT Linked to North Korean Threat Group UAT-5394 π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The MoonPeak RAT as used by UAT5394 showed a possible connection to North Korean threat Kimsuky.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New MoonPeak RAT Linked to North Korean Threat Group UAT-5394
The MoonPeak RAT as used by UAT-5394 showed a possible connection to North Korean threat Kimsuky
π Critical LiteSpeed Cache Plugin Flaw Exposes WordPress Sites π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The LiteSpeed Cache flaw may expose millions of WordPress sites to severe security risks.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Critical LiteSpeed Cache Plugin Flaw Exposes WordPress Sites
The LiteSpeed Cache flaw may expose millions of WordPress sites to severe security risks
ποΈ New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have unpacked a new malware strain dubbed PGMEM that's designed to mine cryptocurrency after bruteforcing their way into PostgreSQL database instances. "Bruteforce attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords," Aqua security researcher Assaf Morag said in a technical report. ".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Google has rolled out security fixes to address a highseverity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE20247971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine. "Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator privileges. "The plugin suffers from an unauthenticated privilege escalation vulnerability which allows any unauthenticated visitor to gain Administrator level access after which malicious plugins could be uploaded and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges. The most severe of the shortcomings has been assigned the CVE identifier CVE20246800, and carries a CVSS score of 9.5. "On GitHub Enterprise Server instances that use SAML single signon SSO.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity