CyberSecurity Blog

Breach Roundup: Winter Vivern Hunting For Emails

Also, Cloudflare Records Surge in HTTP DDoS AttacksThis week: espionage group exploits a zero-day in Roundcube Webmail, Cloudflare records a surge in HTTP DDoS attacks, ZScaler detects a spike in IoT hacks, the International Criminal Court says its cyber incident was espionage and the Kansas court system still offline. The post Breach Roundup: Winter Vivern…
Read more

Rising Global Tensions Could Portend Destructive Hacks

ICYMI: CISA’s Goldstein Says Critical Infrastructure Should ‘Remain on Heightened Alert’ U.S. government agencies and private sector organizations should “remain on heightened alert” for disruptive cyberattacks targeting critical infrastructure amid a series of escalating global conflicts, a top official for the U.S. Cybersecurity and Infrastructure Security Agency said on Wednesday.http://dlvr.it/Sy0flF

Consumer IoT Security Labels: Transparency Push Intensifies

ICYMI: Vendors Want ‘Clear, Consistent and Actionable Information’ for Device Security Essential, real-time security information about every Internet of Things device should be clearly communicated to consumers before and after purchase, a consortium of technology vendors says in a list of IoT security principles, which recommend the use of “live labels.”http://dlvr.it/SxzlVH

Unpatched Zero-Day Being Exploited in the Wild, Cisco Warns

ICYMI: No Patch Available; Thousands Infected by IOS Software XE Web User Interface FlawCisco issued an urgent warning Monday about a critical vulnerability in one of its modular operating system’s web interfaces that is designed for routers, switches and other appliances. Hackers exploited the IOS XE software UI to gain admin rights that give them…
Read more

Meet Octo Tempest, ‘Most Dangerous Financial’ Hackers

Octo Tempest Hacked Las Vegas, Twilio and Hooked Up With BlackCatA financially motivated hacking group is becoming more aggressive, leading Microsoft to dub it “one of the most dangerous financial criminal groups.” Octo Tempest is the rare English-speaking affiliate of Russian-speaking ransomware group BlackCat. The post Meet Octo Tempest, ‘Most Dangerous Financial’ Hackers appeared first…
Read more

Rising Global Tensions Could Portend Destructive Hacks

CISA’s Goldstein Says Critical Infrastructure Should ‘Remain on Heightened Alert’ U.S. government agencies and private sector organizations should “remain on heightened alert” for disruptive cyberattacks targeting critical infrastructure amid a series of escalating global conflicts, a top official for the U.S. Cybersecurity and Infrastructure Security Agency said on Wednesday.http://dlvr.it/Sxy27G

Consumer IoT Security Labels: Transparency Push Intensifies

Vendors Want ‘Clear, Consistent and Actionable Information’ for Device Security Essential, real-time security information about every Internet of Things device should be clearly communicated to consumers before and after purchase, a consortium of technology vendors says in a list of IoT security principles, which recommend the use of “live labels.”http://dlvr.it/Sxx5k2

New England Biolabs leak sensitive data

New England Biolabs leak sensitive data Pierluigi Paganini October 25, 2023 On September 18th, the Cybernews research team discovered two publicly hosted environment files (.env) attributed to New England Biolabs. Leaving environment files open to the public is one of the simplest mistakes that web admins can make, but it can have disastrous consequences. Despite…
Read more