December 1, 2023 at 08:42AM Recent underreported incidents include hacking attacks on US and European utility sectors, aerospace industry breaches, and the exposure of the leader of the hacker group Killnet. Meeting Takeaways: 1. A discussion took place on a range of underreported stories concerning cybersecurity. 2. There have been attacks on utilities within the … Read more
November 28, 2023 at 02:02PM The global aviation industry has suffered significant losses due to the pandemic, leading airlines to focus on capital preservation and survival. However, as the sector recovers, CEOs and CISOs are looking to invest in long-term growth, with cybersecurity becoming a top priority. Cyberattacks on the aviation industry are increasing, resulting … Read more
November 28, 2023 at 08:53AM A major cybercrime group that had been under investigation for over four years has been dismantled, according to Europol. The joint investigation team, led by French authorities, made five arrests, including the group’s leader and four accomplices. The group, responsible for attacking organizations in 71 countries, used various ransomware strains … Read more
November 28, 2023 at 03:53AM Despite the increasing security risk, passwords are still prevalent in the workplace, with organizations slowly transitioning to passwordless technology. According to a survey, 30% have started the transition, while 36% are one to two years away, and 21% are three to four years away. Weak password practices contribute to the … Read more
November 27, 2023 at 04:07PM General Electric (GE) and the Defense Advanced Research Projects Agency (DARPA) have been breached. Stolen data, including access credentials and military information, is being sold on the Dark Web. GE is aware of the claims and is investigating the issue. The breach raises concerns about cyberattacks on federal agencies and … Read more
November 22, 2023 at 05:00PM The Lumma information-stealer malware, also known as LummaC2, claims to have a new feature that can restore expired Google cookies, allowing cybercriminals to hijack Google accounts. The feature is only available to subscribers of the highest-tier plan, costing $1,000/month. While this capability has not been verified by security researchers or … Read more
November 21, 2023 at 02:41PM A former executive from a healthcare network security firm pleaded guilty to intentionally compromising a Georgia hospital network for sales purposes. He gained unauthorized access to the phone system, causing it to go offline and accessed sensitive patient information. He also sent a message to printers on the network. He … Read more
November 20, 2023 at 03:27PM CISA has introduced a pilot program to offer cybersecurity services to critical infrastructure entities facing increasing cyberattacks. The program includes deploying Protective Domain Name System to participating organizations and hosting roundtables to understand their needs. Initially, the program targets healthcare, water, and K-12 education, with plans to expand to 100 … Read more
November 20, 2023 at 09:42AM APT29, a state-sponsored Russian hacker group, is exploiting the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. The group is using a BMW car sale lure to target embassy entities. The vulnerability allows for execution of malicious code through crafted .RAR and .ZIP archives. APT29 has been using a Ngrok static domain … Read more
November 20, 2023 at 09:33AM Johnson Controls has released patches for a critical vulnerability found in some of its industrial refrigeration products. The flaw, known as CVE-2023-4804, could allow unauthorized access to debug features. Impacted products include control panels used in the food and beverage industry worldwide. The patches fix the vulnerability that could potentially … Read more