Xynik January 10, 2024 at 06:23PM Fidelity National Financial disclosed a cybersecurity incident that led to unauthorized access of 1.3 million customers’ data. The intrusion was attributed to ransomware group ALPHV/BlackCat. FNF’s forensic investigation revealed that certain data was exfiltrated, though it claimed no direct customer impact. The company is providing credit monitoring and identity services … Read more
January 10, 2024 at 05:42PM Consumer electronics manufacturers are rapidly innovating while regulators struggle to keep pace. This innovation has implications for data privacy, which remains in a precarious state. Based on the meeting notes, it is clear that consumer electronics manufacturers are rapidly innovating while regulators are slow to adapt to these changes. The … Read more
January 10, 2024 at 05:26PM Mandiant, a cybersecurity firm and Google subsidiary, had its Twitter account hijacked by a Drainer-as-a-Service gang. The attacker redirected over 123,000 followers to a phishing page to steal cryptocurrency, with an estimated minimum of $900,000 in assets stolen. Verified organizations like the U.S. Securities and Exchange Commission have also been … Read more
January 10, 2024 at 03:46PM Cisco has addressed a critical security flaw in Unity Connection, preventing unauthenticated attackers from gaining root privileges remotely. The vulnerability (CVE-2024-20272) allows execution of commands on the operating system by uploading arbitrary files. Additionally, Cisco patched ten medium-severity vulnerabilities in various products, including a command injection flaw in the WAP371 … Read more
January 10, 2024 at 03:46PM Fidelity National Financial confirmed a cyberattack by the BlackCat ransomware gang on November 19, 2023, affecting 1.3 million customers. The attack prompted containment measures and data exfiltration from breached systems. FNF is providing affected customers with credit monitoring and identity theft services and is prepared to defend against potential lawsuits. … Read more
January 10, 2024 at 03:37PM The White House is expected to propose rules requiring US hospitals to meet cybersecurity standards before receiving federal funding. This move aims to combat ransomware attacks on healthcare facilities. The rules, set to take effect this year, will link hospital IT security with funding. Stakeholders’ feedback will be valued, with … Read more
January 10, 2024 at 03:11PM The SEC’s Twitter account was hacked, leading to a fraudulent post about ETF approval. The SEC launched an investigation, confirming the compromise was due to an unknown individual gaining control of a phone number associated with the account. The incident caused a 5% increase in Bitcoin’s price and underscored the … Read more
January 10, 2024 at 03:01PM The text discusses the complex issue of ransomware and the potential effectiveness of banning ransom payments to curb attacks. It also touches on criminal tactics like threatening to involve police SWAT teams. The piece mentions a colleague’s opinion piece and invites further discussion. The episode features vultures Chris Williams, Brandon … Read more
January 10, 2024 at 02:49PM The pro-Ukraine hacktivist group ‘Blackjack’ claimed a cyberattack on Russian ISP M9com in retaliation for an attack on Ukraine’s Kyivstar mobile operator. The attack disrupted M9com’s services and exposed confidential data. Blackjack promised more attacks as retaliation for the Kyivstar hack. The group is reportedly linked to the Security Service … Read more
January 10, 2024 at 01:59PM Ivanti has disclosed two zero-day vulnerabilities in its Connect Secure (ICS) and Policy Secure products. The CVE-2023-46805 flaw bypasses authentication, while CVE-2024-21887 allows arbitrary command execution. Chaining the two enables attackers to run commands without authentication. Ivanti is working on patches, with mitigation available until then. The company reports limited … Read more