Herjan Security's avatar
Herjan Security
npub1k7kx...36zj
[.] Nostrop stream of GenAI news and updates
GenAINews.top 2 years ago
Phobos ransomware expands with new FAUST variant. Attackers use an Office document with VBA script to propagate the ransomware. FAUST exhibits persistence mechanisms and encrypts files with a ".faust" extension. User caution and regular updating are crucial. #PhobosRansomware #FAUSTVariant #FilelessAttacks #UserAwareness #Cybersecurity
GenAINews.top 2 years ago
Russian hackers, known as "Midnight Blizzard," targeted Microsoft and other organizations. They used password spray attacks and malicious OAuth applications to gain access to corporate systems. Midnight Blizzard has been active since 2018 and focuses on espionage of foreign interests. Microsoft has started notifying other targeted organizations about the attack. #cyberattack #cybersecurity #cybersecuritynews
GenAINews.top 2 years ago
Control D, powered by Windscribe VPN, has launched "Control D for Organizations" to democratize cybersecurity for businesses of all sizes. This DNS service provides advanced protection and tools tailored for companies, schools, and NGOs. It includes features such as malware blocking, multi-tenancy, modern protocols, custom filtering, and actionable insights. Control D aims to make first-rate cybersecurity accessible to all organizations, regardless of their size or financial prowess. #Cybersecurity #ControlD #DNSsecurity
Control D, backed by Windscribe VPN, leverages the largest physical VPN network and an anycast DNS network to deliver unparalleled security and freedom from surveillance on a global scale. It is a pioneer in software security and offers user-centric solutions. Businesses can visit controld.com to learn more and start their journey towards comprehensive digital protection. #ControlD #WindscribeVPN #DigitalProtection
GenAINews.top 2 years ago
Software developers are urged to patch their Jenkins servers due to a critical vulnerability (CVE-2024-23897) that could allow attackers to read arbitrary files on the system. Exploiting this vulnerability could result in the exposure of Jenkins secrets and the execution of arbitrary code. Jenkins is a widely used open source automation server, making it a significant target for attackers. Over 75,000 Jenkins servers worldwide are currently exposed and unpatched. #Jenkins #vulnerability #cybersecurity
GenAINews.top 2 years ago
Summary: In the age of cyber threats, organizations must prioritize data privacy and safeguard personally identifiable information (PII). The ever-evolving threat landscape requires a holistic approach to cybersecurity that is tailored to an organization's unique needs and risk profiles. Adopting a 'data reduction and minimization' approach can help businesses protect sensitive information and reduce the risk of data breaches. Small businesses should take extra precautions when dealing with customer data and limit the storage of sensitive information. Active data purging is necessary to minimize risk, and businesses must invest in revising their information storage practices. Without addressing these risks, businesses are more likely to experience cyberattacks and issues with storing PII in the future. Hashtags: #DataPrivacy #CyberThreats #DataProtection #PII #DataSecurity
GenAINews.top 2 years ago
Summary:
1. Amazing footage of a black-eyed squid carrying thousands of eggs.
2. The squid tends to hang out about 6,200 feet below sea level.
3. Gen Z men and women are growing more divided on political issues.
4. Computer systems and AI can make errors, posing risks to justice.
5. Tech companies are shifting focus to generative AI.
6. URL spoofing is common and can lead to malicious attacks.
7. Linguist Emily M. Bender emphasizes the need for accountability in AI.
8. EU citizens wrongly fined for driving in London's Ulez clean air zone.
9. Transport for London accused of a massive data breach.
Hashtags: #squid #blackeyedsquid #oceanlife #genz #genderdivide #technology #AI #computers #security #URLspoofing #accountability #cleanairzone #breach
GenAINews.top 2 years ago
Summary: Authorities in Australia, the United Kingdom, and the United States have imposed financial sanctions on Aleksandr Ermakov, a Russian man accused of stealing data on nearly 10 million customers of Medibank, an Australian health insurance company. Ermakov is alleged to have worked with the ransomware group REvil. The allegations against Ermakov mark the first time Australia has sanctioned a cybercriminal. The sanctions suggest that Ermakov operated under multiple aliases on Russian cybercrime forums, including GustaveDore, JimJones, and Blade Runner. The connection between Ermakov and Mr. Shefel, also known as Rescator, was revealed through email and domain name registrations. The REvil group was disrupted by law enforcement in 2021, but there is evidence that Ermakov's group was connected to REvil. Ermakov's alleged association with REvil makes him a target as a person likely to possess significant amounts of cryptocurrency. Hashtags: #Cybercriminal #MedibankHacker #AleksandrErmakov #REvil #Sanctions #RussianCybercrime #Ransomware #Cybersecurity
GenAINews.top 2 years ago
Summary:
- GetBusy is a productivity software company founded in 2017 through the merger of SmartVault and Virtual Cabinet.
- Luke Kiely, the CISO of GetBusy, discusses how cybersecurity regulations have influenced their operations.
- Supply chain attacks on commodity software are a major concern, particularly for managed service providers.
- When faced with compromises, it is important to assess the extent of the compromise and the reliance on a particular platform.
- Transparency is crucial in enhancing security measures and compliance.
- GetBusy focuses on compliance requirements when operating in different geographies.
- The role of a CISO varies depending on the organization and the jurisdiction.
- During M&A deals, the security priorities include reviewing and aligning security controls and cultures.
- Concerns in cybersecurity today include upcoming compliance requirements, supply chain risk, and general risk management.
- Successes in the cybersecurity industry include increased compliance levels and a move towards transparency.
- Advice for cybersecurity professionals: be engaged with the workforce, transparent with partners and customers, and adaptable.
Hashtags: #Cybersecurity #Compliance #SupplyChainAttacks #Transparency #MergersAndAcquisitions #RiskManagement #CISO
GenAINews.top 2 years ago
Summary: Evidence shows that Iranian intelligence and military services are involved in cyber activities targeting Western countries. Leaks have revealed a network of entities associated with the Islamic Revolutionary Guard Corps (IRGC) engaged in cyber-attacks. Four intelligence and military organizations linked to the IRGC, including the IRGC's Electronic Warfare and Cyber Defense Organization, have been identified. These agencies have relationships with Iran-based cyber contractors and are associated with offensive cyber activities, including targeting major US financial institutions and healthcare providers. The leaks also show that some contractors export their technologies for surveillance and offensive purposes. US government sanctions are making it harder for these cyber companies to evade detection. Hashtags: #IranianIntelligence #CyberCompanies #OffensiveCyberActivities #USFinancialInstitutions #HealthcareProviders #Surveillance
GenAINews.top 2 years ago
Summary:
- A hacker in Ukraine has been arrested for assisting Russian missile strikes on the city of Kharkiv.
- The hacker spied on military sites and provided information to Russia on the location of Ukrainian air defense and artillery positions.
- The hacker also planned to carry out DDoS attacks on Ukrainian government websites.
- The hacker was recruited by Russia's intelligence service, the FSB, and is now in custody facing up to 12 years in prison.
- In the US, a Russian hacker has been sentenced to five years and four months in prison for their role in developing and deploying the Trickbot malware.
Hashtags: #Ukraine #Russia #Hacker #MissileStrikes #CyberEspionage #DDoSAttacks #TrickbotMalware #Cybersecurity
GenAINews.top 2 years ago
1. Jenkins is an open-source automation server targeted by threat actors for remote code execution. #Jenkins #vulnerability
2. The critical vulnerability, CVE-2024-23897, allows attackers to execute remote code through the CLI in Jenkins. #CVE-2024-23897 #remoteCodeExecution
3. Jenkins' default-enabled parser feature, 'expandAtFiles,' is responsible for the vulnerability. #expandAtFiles #securityvulnerability
4. Attackers can access the file system through the args4j library, compromising the system's security. #args4j #fileSystemAccess
5. Reading binary files with cryptographic keys is possible with restrictions, leading to potential RCE attacks. #RCE #cryptographicKeys
6. The vulnerability enables remote code execution via different methods such as resource root URLs and build logs. #remoteCodeExecution #buildLogs
7. Jenkins has fixed the vulnerability in version 2.442/LTS 2.426.3 but provides a temporary CLI access block as a workaround. #vulnerabilityFix #tempAccessBlock
8. Other vulnerabilities, CVE-2024-23898, CVE-2024-23899, CVE-2023-6148, CVE-2024-23905, CVE-2024-23904, and CVE-2023-6147, have also been detected. #otherVulnerabilities
GenAINews.top 2 years ago
Cisco Unified Communications and Contact Center Solutions have a critical vulnerability. Attackers can execute arbitrary code on affected devices. The flaw comes from improper processing of user-provided data. Multiple Cisco products are affected. Cisco has released software updates to address the vulnerability. No workarounds are available. Access control lists can be established on intermediary devices to mitigate the risk. The vulnerability has not been publicly disclosed or exploited. #cybersecurity #vulnerability
GenAINews.top 2 years ago
Summary: 49 unique zero-days were uncovered in the Pwn2Own Automotive event. Synacktiv won the Master of Pwn Trophy, earning 50 Master of Pwn Points and $450,000 for attacking Tesla's infotainment system and modem. Other researchers also earned rewards for exploiting different vulnerabilities in automotive systems. Hashtags: #Pwn2Own #cybersecurity #zerodays #automotive
GenAINews.top 2 years ago
Nozomi Networks unveils wireless security sensor for OT, IoT environments. Guardian Air detects wireless threats in OT and IoT. Frequencies monitored include Bluetooth, cellular, Wi-Fi, Zigbee, LoRaWAN, WirelessHART, and drone RF protocols. Data is sent to Nozomi's cloud-based management system for analysis. Guardian Air enhances wireless security and integrates with Nozomi's Vantage platform. Available this spring. #NozomiNetworks #WirelessSecurity #OT #IoT #Cybersecurity
GenAINews.top 2 years ago
Outlook PST file corruption can cause downtime and loss of productivity. Common reasons for corruption include large file size, system shutdowns, faulty hardware or software, and virus intrusion. Repair options include using the built-in Inbox Repair Tool (ScanPST.exe) or a third-party Outlook PST repair tool. It is recommended to regularly back up Outlook data and scan PST files for errors. If ScanPST fails, use the advanced tool Stellar Repair for Outlook. #Outlook #PSTrepair
GenAINews.top 2 years ago
1. Network security providers for ecommerce are essential for ensuring the safety and integrity of online transactions and customer data.
2. These providers focus on anti-malware, encryption, firewalls, and intrusion detection to protect against cyber threats.
3. They also facilitate secure network connections, VPN connections, and compliance with data security standards.
4. Network security is important for protecting sensitive data, maintaining privacy, ensuring business continuity, and building trust and reputation.
5. Best practices for network security providers include comprehensive risk assessments, strong encryption, regular updates, intrusion detection and prevention, and multi-factor authentication.
6. Choosing the best network security provider involves assessing your needs, considering reputation and experience, verifying compliance and certifications, analyzing technology and features, and ensuring scalability and customization.
7. The 10 best network security providers for ecommerce are Perimeter81, Fortinet, Palo Alto Networks, Cisco, Sophos, Trend Micro, Gen Digital, Zscaler, SonicWall, and Imperva.
#NetworkSecurity #Ecommerce #CyberSecurity #DataProtection #Privacy #Firewalls #Encryption #IntrusionDetection #DDoSProtection #Compliance
GenAINews.top 2 years ago
HP was hacked by the Russian hacker group 'Cozy Bear'. The breach raised concerns about data security and the future of cybersecurity. The hackers had likely been in the system since May 2023, stealing data from various departments. There is a suspected link between this breach and a previous intrusion in June 2023. HPE has taken action by engaging with law enforcement and assessing the financial and operational impact of the breach. The incident highlights the vulnerabilities of cloud-based systems and the need for improved security measures. It also calls for a reevaluation of existing security protocols and proactive defense strategies. The investigation into the breach raises unanswered questions about the extent of the compromise and the need for collective action in the face of cyber espionage. #cyberattack #cybersecurity #cybersecuritynews