October 24, 2023 at 01:03PM The University of Michigan confirmed a data breach where personal information of students, applicants, alumni, employees, and others was accessed. The breach occurred between August 23 and 27 and exposed names, Social Security numbers, financial and health information. The university disconnected the campus network from the internet and is offering … Read more
October 24, 2023 at 11:11AM French professional basketball team LDLC ASVEL has confirmed a data breach after being targeted by the NoEscape ransomware gang. The attackers claimed to have stolen 32 GB of data, including personal information and confidential documents. The ransomware group has threatened to publish the stolen data if a ransom is not … Read more
October 24, 2023 at 04:23AM SANS has developed a training and certification program focused on cloud security. They are offering a free webinar called ‘Bridge to the Clouds: Unifying Worlds with Entra ID in Hybrid Landscapes’ on November 7th. The webinar will explore how Microsoft’s Entra ID improves identity and access management in hybrid cloud … Read more
October 23, 2023 at 05:07PM Security researchers have observed a sharp decline in the number of infected Cisco IOS XE systems over the weekend. The reason behind this decline is that the attacker altered the implant, making it no longer visible via previous fingerprinting methods. However, nearly 38,000 devices remain compromised if one knows how … Read more
October 23, 2023 at 04:10PM A Brazilian cybercrime campaign targeting bank customers has expanded from the Americas to Europe, indicating a rise in cybercrime in Brazil. Key Takeaways from Meeting Notes: 1. Brazilian cybercrime is experiencing an increase in activities. 2. A specific campaign focused on targeting bank customers has expanded its reach from the … Read more
October 23, 2023 at 03:41PM Hackers breached the University of Michigan’s network in August, accessing systems with information belonging to students, applicants, alumni, donors, employees, patients, and research study participants. The unauthorized access lasted from August 23-27, and the data exposed included personal, financial, and medical details. The university detected the suspicious activity and isolated … Read more
October 23, 2023 at 03:19PM The US National Association of State Chief Information Officers (NASCIO) released its 2023 State CIO Top Ten Policy and Technology Priorities. The priorities include cybersecurity and risk management, digital government and services, workforce training, legacy modernization, identity and access management, cloud services, consolidation and optimization, data and information management, broadband … Read more
October 23, 2023 at 02:22PM Citrix warns admins to immediately secure NetScaler ADC and Gateway appliances against ongoing attacks exploiting the CVE-2023-4966 vulnerability. The vulnerability allows unauthenticated attackers to remotely exploit systems without user interaction. Mandiant reported that threat actors have been using this zero-day vulnerability to steal authentication sessions and hijack accounts since late … Read more
October 23, 2023 at 02:09PM The Quasar RAT malware is using DLL side-loading to steal data from compromised Windows hosts. The malware disguises itself as legitimate files, such as ctfmon.exe and calc.exe, to avoid detection. It can gather system information, execute commands, and establish remote access. The attack vector is likely phishing emails. Stay vigilant … Read more
October 23, 2023 at 12:42PM US energy services firm BHI Energy disclosed how the Akira ransomware gang breached their network and stole data in a recent attack. The attackers used stolen VPN credentials from a third-party contractor to gain access. They stole 767k files, including personal information such as full names, dates of birth, social … Read more