Cybersecurity News
- How bad is the cybersecurity job market today?
After 15 years as a distiller/whiskey maker, I’m ready for a complete career change. I was thinking about taking some of the cybersecurity courses through Cisco and Google but I’m also seeing that there may be a job shortage. Is this going to be a waste of my time?
- www.bleepingcomputer.com Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs
Today is Microsoft's April 2024 Patch Tuesday, which includes security updates for 150 flaws and sixty-seven remote code execution bugs.
- getpocket.com The Woman Who Smashed Codes: The Untold Story of Cryptography Pioneer Elizebeth Friedman
How an unsung heroine established a new field of science and helped defeat the Nazis with pencil, paper, and perseverance.
- www.theregister.com Record mega breach in France impacts up to 43 million people
Zut alors! Department for registering and helping unemployed people broken into
- www.bleepingcomputer.com Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs
Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws.
- www.cadosecurity.com Spinning YARN - A New Linux Malware Campaign Targets Docker, Apache Hadoop, Redis and Confluence - Cado Security | Cloud Forensics & Incident Response
Introduction Cado Security Labs researchers have recently encountered an emerging malware campaign targeting misconfigured servers running the following web-facing services: The campaign utilises a number of unique and unreported payloads, including four Golang binaries, that serve as tools to autom...
- www.nytimes.com Cyberattack Paralyzes the Largest U.S. Health Care Payment System
The hacking shut down the nation’s biggest health care payment system, causing financial chaos that affected a broad spectrum ranging from large hospitals to single-doctor practices.
- www.theregister.com VMware urges emergency action to blunt hypervisor flaws
Critical vulns in USB under ESXi and desktop hypervisors found by Chinese researchers at cracking contest
- arstechnica.com Hackers exploited Windows 0-day for 6 months after Microsoft knew of it
Technically, Microsoft doesn't consider such bugs vulnerabilities. It patched it anyway.
- arstechnica.com Researchers create AI worms that can spread from one system to another
Worms could potentially steal data and deploy malware.
- www.blackhatethicalhacking.com LiteSpeed Cache Plugin Exposes 5 Million WordPress Sites to Privilege Escalation | Black Hat Ethical Hacking
A critical security vulnerability has been unveiled in the LiteSpeed Cache plugin for WordPress, posing a significant risk of privilege escalation for unauthenticated users. Tracked as CVE-2023-40000, this vulnerability was addressed in October 2023 with the release of version 5.7.0.1 of the plugin.
- www.nist.gov NIST Releases Version 2.0 of Landmark Cybersecurity Framework
The agency has finalized the framework’s first major update since its creation in 2014.
- The US has overtaken Russia as the most-breached country
www.techspot.com Number of data breaches falls globally, triples in the US
The Global data breach statistics report comes from Surfshark, which counts every leaked email address used to register for online services as a separate user account.
- techcrunch.com Feds hack LockBit, LockBit springs back. Now what? | TechCrunch
Days after it was knocked offline by a sweeping, years-in-the-making law enforcement operation, the notorious Russia-based LockBit ransomware group has
- www.bleepingcomputer.com Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets
Learn how threat actors utilize credentials to break into privileged IT infrastructure to create data breaches and distribute ransomware.
- www.bleepingcomputer.com Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks
Security researchers have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service (DoS) and potential remote code execution (RCE) attacks.
- www.theregister.com Ivanti zero-day victim count grows as Mandiant weighs in
Snoops had no fewer than five custom bits of malware to hand to backdoor networks
- www.cyber.gc.ca Microsoft security advisory – January 2024 monthly rollup (AV24-018) - Canadian Centre for Cyber Security
- www.bleepingcomputer.com Memorial University recovers from cyberattack, delays semester start
The Memorial University of Newfoundland (MUN) continues to deal with the effects of a cyberattack that occurred in late December and postponed the start of classes in one campus.
- www.theregister.com Swatting: The new normal in ransomware extortion tactics
Remember the good old days when ransomware crooks vowed not to infect medical centers?
- www.bitdefender.com 2024 Cybersecurity Forecast: Ransomware's New Tactics and Targets
In the past, cybercriminals often operated with the motive to "do it for lulz," engaging in malicious activities purely for the sake of amusement or creating chaos. Today, they’re driven by profit, transforming into rational business entities seeking scalable, repeatable processes for a steady income. This change in motivation has made predicting their behavior somewhat easier, as their actions are now grounded in strategic objectives rather than unpredictable whims.
In 2024, we expect the ransomware threat will continue taking an opportunistic turn—a trend that we first highlighted in 2022, gained momentum throughout 2023 (marked by multiple advisories, culminating in the ongoing CitrixBleed exploitation), and is projected to reach maturity this year.
- Email addresses are not good 'permanent' identifiers for accounts
Every so often someone needs to create a more or less permanent internal identifier in their system for every person's account. Some of the time they look at how authentication systems like OIDC return email addresses among other data and decide that since pretty much everyone is giving them an email address, they'll use the email address as the account's permanent internal identification.
As the famous saying goes, now you have two problems.
- isc.sans.edu Fingerprinting SSH Identification Strings - SANS Internet Storm Center
Fingerprinting SSH Identification Strings, Author: Johannes Ullrich
- www.bleepingcomputer.com The biggest cybersecurity and cyberattack stories of 2023
2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities.
- Cybersecurity issue affecting Grenfell Campus of Memorial University - IT services at the Marine Institute have been temporarily shut down
gazette.mun.ca IT issue
On Dec. 29, 2023, Memorial University became aware of an issue with the information technology (IT) services at Grenfell Campus.
As soon as the issue was discovered, security protocols were put in place to isolate the impacted systems and an investigation was launched. Memorial can now confirm that the issue is the result of a cybersecurity incident and law enforcement has been notified.
IT services at the Marine Institute have been temporarily shut down as a precaution. There is no indication at this stage that IT services or data on other campuses are impacted.
Memorial is committed to protecting the information entrusted to it and maintaining operations for students, faculty and staff to the fullest extent possible. Memorial is actively working with cybersecurity experts to conduct a forensic investigation to determine the cause and scope of the issue. This investigation is in its early stages and will likely take some time to complete. Memorial will directly notify any individuals whose information may have been affected by this incident.
Memorial’s Emergency Operations Centre has been activated and a team of pan-university experts are working together to mitigate impacts on academic, research and administrative activities.
More information about any changes that impact faculty, staff or students at Grenfell Campus will be shared in advance of the start of the winter 2024 semester. Information will be posted on mun.ca as it becomes available.
- www.theregister.com Kaspersky unknown hardware 'feature' used in iPhone attacks
'This is no ordinary vulnerability' sec pros explain
- www.welivesecurity.com A year in review: 10 of the biggest security incidents of 2023
As we draw the curtain on another eventful year in cybersecurity, let’s review some of the high-profile cyber-incidents that occurred this year.
- www.wired.com The Worst Hacks of 2023
It was a year of devastating cyberattacks around the globe, from ransomware attacks on casinos to state-sponsored breaches of critical infrastructure.
- techcrunch.com Here we go again: 2023's badly handled data breaches | TechCrunch
Last year, we compiled a list of 2022’s most poorly handled data breaches looking back at the bad behavior of corporate giants when faced with hacks and
- NASA Issues New Space Security Best Practices Guide - NASA
www.nasa.gov NASA Issues New Space Security Best Practices Guide - NASA
As space missions and technologies grow increasingly interconnected, NASA has released the first iteration of its Space Security Best Practices Guide to