Xynik

Fake 401K year-end statements used to steal corporate credentials

by

January 10, 2024 at 01:37PM Cybercriminals are using tactics such as fake 401(k) notices, open enrollment communications, and salary adjustment messages to steal employees’ credentials. Despite organizations’ robust email security solutions, phishing emails are still making their way into employees’ inboxes, particularly targeting large enterprises. Cofense advises coordinating and educating personnel to mitigate these attacks … Read more

Adapting Security to Protect AI/ML Systems

by

January 10, 2024 at 01:09PM AI/ML libraries increase attack surfaces, requiring advanced security measures beyond traditional IT capabilities. Based on the meeting notes, the key takeaway is that AI/ML libraries create larger attack surfaces, and traditional IT security lacks some essential capabilities to protect them effectively. Full Article

HMG Healthcare Says Data Breach Impacts 40 Facilities

by

January 10, 2024 at 01:03PM HMG Healthcare has announced a data breach affecting 40 facilities. The compromised information includes names, contact details, dates of birth, health info, medical treatment details, Social Security numbers, and employee records. Based on the meeting notes provided, it appears that the compromised information includes names, contact information, dates of birth, … Read more

Has the Investment Bubble Burst in Israeli Cybersecurity?

by

January 10, 2024 at 12:12PM Funding for Israeli startups decreased by 60% in 2023, reflecting a broader decline in tech investments. The market correction is attributed to inflated valuations. Israeli cybersecurity startups raised $1.89 billion in 2023 compared to $3.22 billion in 2022. Experts anticipate a shift towards more realistic company valuations and increased focus … Read more

Cybercrooks play dress-up as ‘helpful’ researchers in latest ransomware ruse

by

January 10, 2024 at 12:07PM Ransomware victims facing extortion attempts from a third party posing as a security researcher. Arctic Wolf Labs highlighted cases involving victims of Royal and Akira gangs being extorted by an individual or group, requesting a fee of 5 Bitcoin. The victims, US-based SMBs in finance and construction, did not pay … Read more

Windows 10 KB5034441 security update fails with 0x80070643 errors

by

January 10, 2024 at 11:56AM Windows 10 users faced difficulties while installing Microsoft’s January Patch Tuesday updates, encountering 0x80070643 errors for the KB5034441 security update for BitLocker. The update installation fails, displaying a Windows Update error message and may lead to insufficient space errors. Microsoft suggests creating a larger Windows Recovery Partition, although this solution … Read more

Microsoft Exchange 2019 has reached end of mainstream support

by

January 10, 2024 at 11:49AM Microsoft announced the end of mainstream support for Exchange Server 2019 on January 9, 2023, and will no longer accept bug fix requests. However, it will release patches for security issues and two cumulative updates, including support for TLS 1.3 and additional fixes. No details have been provided about the … Read more

NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining

by

January 10, 2024 at 11:39AM The new Mirai-based botnet NoaBot is used by threat actors for a crypto mining campaign since 2023. It includes a wormable self-spreader and an SSH key backdoor, and has been linked to a Rust-based malware called P2PInfect. NoaBot’s unique features make it difficult to detect, and it has targeted 849 … Read more

Pikabot Malware Surfaces As Qakbot Replacement for Black Basta Attacks

by

January 10, 2024 at 11:35AM The emerging threat actor, Water Curupira, is using a new, sophisticated loader in thread-jacking phishing campaigns, signaling a precursor to ransomware attacks. Based on the meeting notes, it seems that an emerging threat actor named Water Curupira is using a new and sophisticated loader in thread-jacking phishing campaigns that are … Read more

BEC Gang Conspirator Sentenced to 10 Years in Prison

by

January 10, 2024 at 11:05AM Nigerian national living in the US ordered to pay over $1 million in restitution. Based on the meeting notes provided, it appears that the Nigerian national, who was living in the US, has been ordered to pay over $1 million in restitution. Full Article