CyberSecurity Blog

North Korean Hackers Repeatedly Target Known Flaws in Legitimate Software North Korea’s state-sponsored hackers are spreading malware through known vulnerabilities in legitimate software. In a new campaign spotted by Kaspersky researchers, the Lazarus group is targeting a version of an unnamed software product with vulnerabilities reported and patches available.http://dlvr.it/Sy6sZ1

ICYMI: A threat actor is selling access to Facebook and Instagram’s Police Portal Pierluigi Paganini October 21, 2023 A threat actor is selling access to Facebook and Instagram’s Police Portal used by law enforcement agencies to request data relating to users under investigation. Cyber security researcher Alon Gal, co-founder & CTO of Hudson Rock, first…
Read more

IT Army of Ukraine disrupted internet providers in territories occupied by Russia Pierluigi Paganini October 29, 2023 IT Army of Ukraine hacktivists have temporarily disrupted internet services in some of the territories that have been occupied by Russia. Ukrainian hacktivists belonging to the IT Army of Ukraine group have temporarily disabled internet services in some of…
Read more

Security Affairs newsletter Round 443 by Pierluigi Paganini – INTERNATIONAL EDITION  |  Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023  |  Lockbit ransomware gang claims to have stolen data from Boeing  |  How to Collect Market Intelligence with Residential Proxies?  |  F5 urges to address a critical flaw in BIG-IP  | …
Read more

ICYMI: Also: Cisco IOS XE Vulnerabilities in the Wild, Indonesia’s Data Protection Picture In the latest weekly update, ISMG editors discuss how cybersecurity businesses are building resilience during the Israel-Hamas war, the latest on the hacks of Cisco IOS XE devices, and recommendations for businesses in Indonesia looking to improve their cybersecurity practices.http://dlvr.it/Sy52X8

ICYMI: Non-Banking Institutions Will Be Required to Report Breaches Under Revised Rule. Consumer lenders such as mortgage brokers, auto dealers and payday lenders must soon report data breaches to the Federal Trade Commission under a revised regulation that mandates public disclosure. The new disclosure requirement will become effective in six months.http://dlvr.it/Sy4nkJ

The government says it will protect kids online; critics say it’s a threat to privacy. The post The UK’s problematic Online Safety Act is now law appeared first on DanTechServices, Inc.http://dlvr.it/Sy4Q8C

Bug hunters earned $1,038,250 for 58 unique 0-days at Pwn2Own Toronto 2023 Pierluigi Paganini October 28, 2023 The Pwn2Own Toronto 2023 hacking competition is over, bug hunters earned $1,038,500 for 58 zero-day exploits. The Pwn2Own Toronto 2023 hacking competition is over, the organizers awarded $1,038,250 for 58 unique 0-days. The Team Viettel (@vcslab) won the…
Read more

Also: Cisco IOS XE Vulnerabilities in the Wild, Indonesia’s Data Protection Picture In the latest weekly update, ISMG editors discuss how cybersecurity businesses are building resilience during the Israel-Hamas war, the latest on the hacks of Cisco IOS XE devices, and recommendations for businesses in Indonesia looking to improve their cybersecurity practices.http://dlvr.it/Sy3C5q

Non-Banking Institutions Will Be Required to Report Breaches Under Revised Rule. Consumer lenders such as mortgage brokers, auto dealers and payday lenders must soon report data breaches to the Federal Trade Commission under a revised regulation that mandates public disclosure. The new disclosure requirement will become effective in six months.http://dlvr.it/Sy2skd