Source: www.bleepingcomputer.com – Author: Bill Toulas The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets. APT42 was first documented by Mandiant in September 2022, who reported that the threat actors were active since 2015, having carried […]
Source: www.bleepingcomputer.com – Author: Sergiu Gatlan Image: Midjourney A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the “Always-on VPN” feature was enabled with the “Block connections without VPN” option. “Always-on VPN” is designed to start the VPN service when the device boots and keep it running while the […]
Source: www.cyberdefensemagazine.com – Author: Stevin By Jyoti Bansal, CEO and Co-Founder, Traceable AI In the dynamic world of digital transformation, I’ve observed a paradigm shift that is reshaping the very fabric of cybersecurity: the monumental rise of APIs. As the CEO of Traceable, I’ve witnessed firsthand how APIs, once merely technical facilitators, have evolved into […]
Source: securityaffairs.com – Author: Pierluigi Paganini Blackbasta gang claimed responsibility for Synlab Italia attack The Blackbasta extortion group claimed responsibility for the attack that in April severely impacted the operations of Synlab Italia. Since April 18, Synlab Italia, a major provider of medical diagnosis services, has been experiencing disruptions due to a cyber attack. The […]
Source: www.schneier.com – Author: Bruce Schneier HomeBlog Comments ResearcherZero • May 3, 2024 8:53 PM Journalist killings are at their highest levels in almost a decade. ‘https://www.project-syndicate.org/commentary/attacks-on-journalists-media-indicates-democratic-erosion-by-jodie-ginsberg-2024-05 Governments are not protecting press freedom. At the international level, this year is notable for a clear lack of political will on the part of the international community […]
Source: www.darkreading.com – Author: Dark Reading Staff 1 Min Read Source: Ihor Sveitukha via Alamy Stock Photo The number of ransomware and associated extortion attacks is growing, with reports nearly every day about damage inflicted on organizations. These attacks disrupt business operations and result in significant downtime. In some cases, data is stolen. Educational institutions, […]
Authors/Presenters: Jianhao Xu, Kangjie Lu, Zhengjie Du, Zhu Ding, Linke Li Qiushi Wu, Mathias Payer, Bing Mao
Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access.
Originating from the conference’s events situated at the Anaheim Marriott; and via the organizations YouTube channel.
What is the government if not an organization dedicated to the creation of paperwork? All of that paperwork means something, though, and it can range from trivial to vitally important. One of the more important forms, if it’s required for your business or institution to fill out, is the DD2345 form. What is it, what […]
Source: go.theregister.com – Author: Team Register Dating apps ask people to disclose all kinds of personal information in the hope of them finding love, or at least a hook-up. What many may not know is that the majority of these lonely-hearts corners vacuum up way more user info than they need to, and they also […]
Source: go.theregister.com – Author: Team Register AI built by Russian infosec firm Kaspersky was used in Russian drones for its war on Ukraine, volunteer intelligence gatherers claim. The OSINT analysts at InformNapalm, which sprung up in the wake of Russia’s 2014 annexation of Crimea, made those allegations after poring over 100 GB of data stolen […]
Source: thehackernews.com – Author: . Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S. The Czech Republic’s Ministry of Foreign […]
Organizations that fall victim to a ransomware attack are often caught between a rock and a hard place, grappling with the dilemma of whether to pay up or not
Source: securityboulevard.com – Author: Arun Dhamija Recently, I wrapped up my first work trip with Balbix—a whirlwind tour of customer roundtables in Singapore, Melbourne and Sydney. We were joined by local EY teams that have been working with us for almost an entire year to explore the topic of Cyber Risk Management in the region. […]
Source: securityboulevard.com – Author: Nathan Eddy Failure to properly configure authentication led to malicious actors exploiting the database backups of Airsoftc3.com, a popular Airsoft enthusiast community site, according to Cybernews researchers, who discovered the breach in December. The breach exposed sensitive user data, affecting approximately 75,000 individuals within the community involved with Airsoft, a team-based […]
Source: securityboulevard.com – Author: Shriram Sharma For security leaders heading to RSAC 2024 in need of a refresher on all things SOAR (Security Automation, Orchestration and Response), D3 Security has you covered. Before you hit the expo floor, check out these must-read resources that will equip you with the insights needed to understand the security […]
Source: securityboulevard.com – Author: Alexa Sander We recently hosted Michael Tapia, Chief Technology Director at Clint ISD in Texas, and Kobe Brummet, Cybersecurity Technician at Hawkins School District in Tennessee, for a live webinar. Michael and Kobe volunteered to share with other K-12 tech pros how important cybersecurity and safety monitoring are for Google Workspace, […]
Source: securityboulevard.com – Author: bacohido By Byron V. Acohido SAN FRANCISCO — On the eve of what promises to be a news-packed RSA Conference 2024, opening here on Monday, Microsoft is putting its money where its mouth is. More precisely the software titan is putting money within reach of its senior executives’ mouths. Screenshot In […]
Source: securityboulevard.com – Author: Michael Vizard Palo Alto Networks this week extended its secure access service edge (SASE) platform to make it possible to apply cybersecurity policies to unmanaged devices. Anand Oswal, senior vice president and general manager for network security for Palo Alto Networks, said Prisma SASE 3.0 will make it simpler to broadly […]
Source: securityboulevard.com – Author: Marc Handelman Security Bloggers Network Home » Security Bloggers Network » USENIX Security ’23 – Cryptographic Deniability: A Multi-perspective Study of User Perceptions and Expectations by Marc Handelman on May 3, 2024 Authors/Presenters: Tarun Kumar Yadav, Devashish Gosain, Kent Seamons Many thanks to USENIX for publishing their outstanding USENIX Security ’23 […]
Source: securityboulevard.com – Author: Jamie Coleman Recently, I chatted with developers from a customer in a heavily regulated industry. They were manually updating their open source dependencies and wanted to find a better solution to save time. Keeping their dependencies up-to-date was very time-consuming but something they identified as crucial for their business. *** This […]
Source: securityboulevard.com – Author: Matthew Rosenquist This year, virtual CISOs must begin making a difference in our industry. For the longest time, small and medium businesses (SMBs) have been abandoned by the cybersecurity industry. But, SMBs need security leaders to guide them through the maze of cyber risk and craft practical strategies that align with […]
Source: securityboulevard.com – Author: Mackenzie Jackson In this blog series, we look at a new CVE each month and discuss its impact, discovery, and remediation. This month we are diving into the JetBrains TeamCity vulnerabilities which will allow hackers to take control over CI/CD servers by bypassing authentication. We will discuss the technical details of […]
Recently, I wrapped up my first work trip with Balbix—a whirlwind tour of customer roundtables in Singapore, Melbourne and Sydney. We were joined by local EY teams that have been working with us for almost an entire year to explore the topic of Cyber Risk Management in the region. EY has launched a new managed …
We recently hosted Michael Tapia, Chief Technology Director at Clint ISD in Texas, and Kobe Brummet, Cybersecurity Technician at Hawkins School District in Tennessee, for a live webinar. Michael and Kobe volunteered to share with other K-12 tech pros how important cybersecurity and safety monitoring are for Google Workspace, Microsoft 365, and online browsing. They […]
This month we dive into CVE-2024-27198 for JetBrains TeamCity and the controversy surrounding the patching process that contributed to it being exploited in the wild.
Source: www.databreachtoday.com – Author: 1 Next-Generation Technologies & Secure Development , Threat Hunting , Threat Intelligence Why Customers Benefit From Bringing Threat Hunting and Threat Intelligence Together Michael Novinson (MichaelNovinson) • May 3, 2024 Jason Passwaters, CEO, Intel 471 (Image: Intel 471) Intel 471 has purchased a threat hunting startup led by a […]
Source: www.databreachtoday.com – Author: 1 The White House released the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence on Oct 20, and since then cybersecurity professionals have been discussing the directives in it, whether it is possible to accomplish them and if so, how to do that. The mission […]
Source: www.databreachtoday.com – Author: 1 While fewer healthcare websites appear to be using online trackers now than a year ago, nearly 1 in 3 firms are still using Meta Pixel and similar technologies despite warnings from regulators and a rise in civil class action litigation alleging privacy violations related to these tools, said Ian Cohen, […]
Source: www.databreachtoday.com – Author: 1 Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Social Engineering Mandiant Says APT42 Members Have Been Posing as Journalists to Steal Troves of Data Chris Riotta (@chrisriotta) • May 3, 2024 Iranian hackers posed as journalists from well-known outlets including The Washington Post. (Image: Shutterstock) Members […]
Source: www.databreachtoday.com – Author: 1 Will Gragido SVP, Product Management and Intelligence, NetWitness Will Gragido’s journey in technology started in the early 1990s when he left college and joined the United States Marine Corps. He quickly ushered into the emerging world of data communications, where he received training in internetworking, information security, communications intelligence, and […]
Source: www.databreachtoday.com – Author: 1 Endpoint Security , Governance & Risk Management , Internet of Things Security FortiGuard Labs Identifies Botnet Exploiting Decade-Old D-Link Vulnerability Prajeet Nair (@prajeetspeaks) • May 3, 2024 D-Link DIR-645 routers such as this one are being used in a new botnet. (Image: D-Link) Hackers are taking advantage of […]
Source: www.databreachtoday.com – Author: 1 Events , Fraud Management & Cybercrime , Next-Generation Technologies & Secure Development Also: Insights From Verizon’s Data Breach Investigations Report; Investment Trends Anna Delaney (annamadeline) • May 3, 2024 Clockwise, from top left: Anna Delaney, Tom Field, Mathew Schwartz and Michael Novinson In the latest weekly update, Information […]
Source: www.cyberdefensemagazine.com – Author: Stevin By Milica D. Djekic There are a plenty of methods to determine someone’s identity and the most convenient cases are through fingerprint, iris detection, DNA and so on, while some of those indicators have become part of the biometrics IDs which serve in accurately being confident about who someone is, […]
Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S.
The Czech Republic's Ministry of Foreign Affairs (MFA), in a statement, said some unnamed
A cyberattack targeting a Victorian company has resulted in the exposure of personal data belonging to thousands of victims of family violence and sexual assault, as well as about 60,000 current and former students at Melbourne Polytechnic.
Monash Health Data Breach
Monash Health, the state's largest health service, confirmed it was caught in the cross-hairs of a data breach, which also affected government entities that were clients of the company ZircoDATA.
Monash Health, Victoria's largest health service, found itself entangled in the aftermath of a data breach, which compromised sensitive information collected by family violence and sexual support units between 1970 and 1993.
The breach, attributed to an unauthorized third party gaining access to the systems of document-scanning business ZircoDATA, impacted approximately 4000 individuals who had sought support from these vital services.
The disclosure of details about the sexual violence and assault support units has been deeply distressing for affected victim-survivors. The breach, which involved personal data collected over decades, has raised concerns about the safety and privacy of those who relied on these support services during times of vulnerability.
Amid the fallout from the breach, efforts have been underway to mitigate the risks and support those affected. Monash Health, in collaboration with relevant authorities, has been diligently verifying the identities and addresses of the impacted individuals before initiating contact, ensuring that victims are not inadvertently exposed to further harm.
“The majority of these entities are still in the process of working with ZircoDATA to identify impacted data and any victims, and are yet to begin notifying impacted individuals,” newly appointed coordinator Lieutenant-General Michelle McGuinness said in a statement on X.
In addition to Monash Health, other government entities that were clients of ZircoDATA have also been affected by the breach but “the impact for most government entities is likely to be minimal,” the National Cyber Security Coordinator said.
The breach has prompted federal authorities, including the Australian Federal Police, to launch investigations and coordinate responses to address the scope of the incident and safeguard affected individuals.
ZircoDATA Breach Also Impacts Melbourne Polytechnic
Meanwhile, Melbourne Polytechnic, a prominent educational institution, announced that enrollment information for 60,000 past and present students, stored by ZircoDATA, had been accessed in the breach. Although the breach primarily involved "low-risk identity attributes," the institution has taken proactive steps to offer affected individuals access to cyber support and identity services.
The cybersecurity landscape continues to evolve rapidly, with healthcare emerging as one of the sectors most vulnerable to cyberattacks. A recent report by cybersecurity firm Sophos revealed that healthcare was one of only five sectors to report an increase in cyberattacks over the last year, highlighting the urgent need for heightened vigilance and resilience in safeguarding sensitive data and critical infrastructure.
As organizations grapple with the aftermath of data breaches, there is a pressing need to strengthen cybersecurity measures and response protocols to effectively mitigate risks and protect individuals' privacy and security.
Collaborative efforts between government agencies, healthcare providers, educational institutions, and cybersecurity experts are essential in addressing the complex challenges posed by cyber threats and ensuring the resilience of our digital infrastructure.
In the wake of this cyberattack, authorities have emphasized the importance of transparency, accountability, and support for those affected. By prioritizing the safety and well-being of individuals impacted by data breaches, we can collectively work towards building a more secure and resilient digital ecosystem that safeguards the privacy and security of all stakeholders.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
The digital world continues to spin at breakneck speed, and this week's TCE Cyberwatch brings you the latest updates on the ever-present dance between innovation and security. We delve into the exciting possibilities of Artificial Intelligence (AI), from its role in boosting corporate profits to its potential for national security advancements.
However, the path to progress is rarely smooth. In TCE Cyberwatch, we also explore the persistent threat of cybercrime, with recent data breaches and malicious hacking attempts serving as reminders of our vulnerabilities.
Encouragingly, governments around the world are taking a more proactive stance, implementing stricter regulations and pursuing those who exploit weaknesses in our digital infrastructure.
As you'll see, this week's TCE Cyberwatch offers a comprehensive look at the current cybersecurity landscape, highlighting both the challenges and the glimmers of hope for a more secure future.
TCE Cyberwatch: A Weekly Round-Up
Keep reading to ensure your safety and stay up to date with the cyber world.
U.S. Charges Four Iranians with Hacking Government Agencies and Defense Contractors
Four Iranians in the U.S. were accused of alleged allegiance with hacking operations which attacked entities like the U.S. Treasury and State departments, defence contractors, and two New York-based companies. The Treasury Department of the U.S. believes that all four individuals have ties to IRGC front companies.
Hossein Harooni, Reza Kazemifar, Komeil Baradaran Salmani, and Alireza Shafie Nasab can face up to five years in prison for computer fraud conspiracy charges and up to 20 years for each count of wire fraud and conspiracy to commit wire fraud.
Speaking on the development, Attorney General Merrick Garland stated,“ Criminal activity originating from Iran poses a grave threat to America’s national security and economic stability… These defendants are alleged to have engaged in a coordinated, multi-year hacking campaign.” Read More
Indian Telecom Giant BSNL Suffers Data Breach, Millions Potentially Affected
Bharat Sanchar Nigam Limited (BSNL), a major telecommunications provider owned by the Indian government, faced a data breach a while ago which has resurfaced and been claimed by threat actor ‘Perell’. They released a database which allegedly belongs to BSNL and contains more than 2.9 million records.
Perell claims that the stolen data includes sensitive information from BSNL, and that although it claimed to be from BSNL in 2024, it actually comes from around 2023. However, it still raises concerns as it is of a large quantity and contains sensitive information. Read More
Cybersecurity Giant Darktrace Acquired by Thoma Bravo for $4.6 Billion
Thoma Bravo, a U.S.-based private equity firm, recently acquired the British cybersecurity giant Darktrace for $4.6 billion. This acquisition carries significant implications for both companies and the cybersecurity industry at large. Following the announcement, Darktrace's shares surged by approximately 19%, demonstrating investor confidence in the deal.
Shareholders of Darktrace could now receive $7.75 for each share they hold, marking a 44.3% increase compared to recent stock prices. Darktrace, renowned for its AI-based cybersecurity solutions, has experienced a surge in demand for its services. Read More
Global Operation Shuts Down LabHost, Arrests 37
An online service called Lab Host, operating in 19 countries, which sells phishing kits to cybercriminals, has recently been shut down. It is alleged that they have made almost a million dollars from this activity and have directly and indirectly attacked thousands of people. Lab Host has been in operation since 2021 and provides tools for hackers to create fake websites that deceive people into revealing sensitive information such as email addresses, passwords, and bank details.
Following the shutdown, 37 people were arrested, and London’s police reported that 2,000 users were registered on the site, paying a monthly subscription fee. Lab Host is reported to have obtained 480,000 bank card numbers, 64,000 PIN numbers, and around 1 million passwords. Read More
Big Fines for AT&T, Verizon, T-Mobile in Privacy Scandal
Major phone carriers AT&T, Sprint, T-Mobile, and Verizon have been fined a total of $200 million for illegal data sharing of customer locations with third parties. T-Mobile, AT&T, and Verizon were fined approximately $80 million, $57 million, and $47 million, respectively. These companies sold customer location data to aggregators, who then resold it to third parties.
AT&T had connections with two aggregators, LocationSmart and Zumigo, which were then linked to third-party location-based service providers. According to the FCC, "In total, AT&T sold access to its customers’ location information (directly or indirectly) to 88 third-party entities." Informally, all three phone carriers stated that the program in question ended about five years ago. Read More
UK Cracks Down on Weak Passwords: "Admin123" No Longer an Option
The UK Government is banning weak passwords such as "admin" or "12345" to bolster cybersecurity. The initiative, named the 'UK Product Security and Telecoms Infrastructure (PSTI) Act 2022', mandates that manufacturers, distributors, and importers of products and services for UK consumers adhere to these new rules.
Manufacturers and other vendors face significant fines for non-compliance. They could be fined up to £10 million, four percent of their global turnover, or £20,000 per day for ongoing violations. This move signals the government's commitment to tackling cybersecurity issues. Read More
ChatGPT Accused of Privacy Violations and Inaccurate Information
ChatGPT has recently faced criticism from a privacy advocacy group, along with the Austrian data protection authority (DSB), for generating inaccurate information that violates European Union privacy regulations.
Noyb, the privacy advocacy group, pointed out that ChatGPT's method of guessing instead of providing accurate information poses problems. They also claim that OpenAI, the company behind the AI, refuses to correct inaccurate responses and is reluctant to share information about its data processing practices. Read More
Okta Warns of Surge in Password Reuse Attacks
Okta recently issued a warning about a surge in credential stuffing attacks, in which usernames and passwords obtained from previous data breaches and attacks are used to target accounts.
According to Okta, they have "observed an increase in the frequency and scale of credential stuffing attacks targeting online services, facilitated by the broad availability of residential proxy services, lists of previously stolen credentials, and scripting tools."
This spike in credential stuffing attacks is believed to be linked to brute force attacks, as warned by Cisco a few weeks earlier. Cisco had observed a rise in attacks on VPN services, web application authentication interfaces, and others since around March 18.
To address this, Okta recommends blocking requests from suspicious services, ensuring the use of secure passwords, implementing multi-factor authentication (MFA), and remaining vigilant in monitoring any suspicious activity. Read More
To Wrap Up
This week's TCE Cyberwatch painted a vivid picture of the ever-evolving cybersecurity landscape. While advancements like AI offer exciting possibilities, they necessitate enhanced security measures to mitigate potential risks. The increasing focus on regulations and enforcement by governments worldwide signifies a collective effort to combat cybercrime.
Remember, staying informed and practicing safe online habits are crucial in protecting yourself from cyber threats.
TCE Cyberwatch remains committed to keeping you informed about the latest cybersecurity developments. By staying vigilant and taking proactive measures, we can navigate the digital age with greater confidence and security.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
Source: www.cybertalk.org – Author: slandau Gary Landau has been leading IT and information security teams for over 25 years as part of startups as well as large global organizations. He is currently a Field CISO with Unisys Security Services, where he supports companies in many different industries. His mantra is “keep making it better” and […]
Source: www.lastwatchdog.com – Author: bacohido By Byron V. Acohido SAN FRANCISCO — On the eve of what promises to be a news-packed RSA Conference 2024, opening here on Monday, Microsoft is putting its money where its mouth is. Related: Shedding light on LLM vulnerabilities More precisely the software titan is putting money within reach of […]
Source: www.lastwatchdog.com – Author: bacohido At the start, Distributed Denial of Service (DDoS) attacks were often motivated by bragging rights or mischief. Related: The role of ‘dynamic baselining’ DDoS attack methodology and defensive measures have advanced steadily since then. Today, DDoS campaigns are launched by political activists, state-sponsored operatives and even by business rivals. Targets […]
Source: www.lastwatchdog.com – Author: bacohido By Ahmed Abdelhalim Businesses today need protection from increasingly frequent and sophisticated DDoS attacks. Service providers, data center operators, and enterprises delivering critical infrastructure all face risks from attacks. Related: The care and feeding of DDoS defenses But to protect their networks, they’ll need to enable accurate attack detection while […]
Source: www.lastwatchdog.com – Author: cybernewswire Tel Aviv, Israel, May 2, 2024, CyberNewsWire — LayerX, pioneer of the LayerX Browser Security platform, today announced $26 million in Series A funding led by Glilot+, the early-growth fund of Glilot Capital Partners, with participation from Dell Technologies Capital and other investors. Lior Litwak, Managing Partner at Glilot Capital […]
Source: www.darkreading.com – Author: Tara Seals, Managing Editor, News, Dark Reading Source: Image Source Limited via Alamy Stock Photo Welcome to CISO Corner, Dark Reading’s weekly digest of articles tailored specifically to security operations readers and security leaders. Every week, we’ll offer articles gleaned from across our news operation, The Edge, DR Technology, DR Global, […]
Source: www.darkreading.com – Author: PRESS RELEASE Dazz, the leader in security remediation, today announced new capabilities in the Dazz Unified Remediation Platform, including automated code-fixes for container vulnerabilities, AI-driven remediation guidance, and new platform connections with industry-leading security tools. These major advancements will enable cybersecurity teams to use AI and automation to prioritize critical issues, […]
Source: www.darkreading.com – Author: PRESS RELEASE SANTA CLARA, Calif., May 2, 2024 /PRNewswire/ — Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, announced its latest innovations to future-proof and transform the workforce with the launch of Prisma® SASE 3.0. Prisma SASE 3.0 now delivers Zero Trust to secure both managed and unmanaged devices with the industry’s first natively integrated […]
Source: www.darkreading.com – Author: PRESS RELEASE New York and Tel Aviv, May 2, 2024 – BioCatch (the “Company”), the global leader in digital fraud detection and financial crime prevention powered by behavioral biometric intelligence, today announced that Permira Growth Opportunities II (the “Fund”), a fund advised by global private equity firm Permira, has agreed to acquire a majority position […]