October 18, 2024 at 10:49AM The FCC’s 2024 K-12 Cybersecurity Pilot Program, funded with $200 million, aims to enhance cybersecurity in U.S. schools and libraries facing increasing threats. Institutions can apply if they meet specific criteria, with emphasis on long-term sustainability. Cynet Security offers support in audits, planning, and implementing effective cybersecurity strategies. ### Meeting … Read more
October 18, 2024 at 08:00AM Australian, Canadian, and U.S. cybersecurity agencies revealed a year-long Iranian cyber campaign targeting critical infrastructure, employing brute-force and password spraying attacks. Techniques like MFA prompt bombing were used for infiltrating systems in healthcare, government, and energy sectors, aiming to acquire credentials for further cybercriminal activities. ### Meeting Takeaways – October … Read more
October 18, 2024 at 07:00AM Threat actors are using fake Google Meet pages in the ClickFix malware campaign to deliver infostealers for Windows and macOS. Users are tricked into executing malicious PowerShell commands through deceptive error messages. The campaign is linked to two groups, raising concerns about unknown cybercrime services facilitating these operations. ### Meeting … Read more
October 18, 2024 at 06:01AM SANS’ 2024 State of ICS/OT Cybersecurity report highlights insights from over 530 professionals in critical infrastructure. It reveals that organizations are improving in detecting OT incidents more quickly, yet their response capabilities remain inadequate. ### Meeting Takeaways: 1. **Publication**: SANS has released the 2024 State of ICS/OT Cybersecurity report. 2. … Read more
October 17, 2024 at 07:37PM Globe Life faces an extortion attempt involving stolen customer data, affecting approximately 5,000 clients. The insurer reports no financial information was compromised and claims the incident is not linked to recent system vulnerabilities. This situation coincides with ongoing legal troubles and shareholder lawsuits regarding alleged company misconduct. **Meeting Takeaways on … Read more
October 17, 2024 at 02:53PM Email phishing is a common threat, but lesser-known techniques are on the rise. Many new phishing websites are emerging, highlighting the need to be aware of these underrated phishing methods, which can be easily underestimated yet pose significant risks. **Meeting Takeaways: Key Points on Underestimated Phishing Techniques** 1. **Prevalence of … Read more
October 17, 2024 at 01:55PM A federal grand jury indicted two Sudanese nationals for operating Anonymous Sudan, responsible for over 35,000 DDoS attacks globally. Ahmed Omer, 22, and Alaa Omer, 27, face conspiracy charges, with potential sentences ranging from five years to life. Their group, linked to pro-Russian activities, was shut down during Operation PowerOFF. … Read more
October 16, 2024 at 07:22PM Iranian hackers are infiltrating critical infrastructure sectors, including healthcare and government, using brute-force methods to acquire credentials for resale on criminal forums. A joint advisory from U.S., Canadian, and Australian cybersecurity agencies details these tactics, emphasizing the need for organizations to enhance security measures and monitor for unusual login activities. … Read more
October 16, 2024 at 05:39PM The 8Base ransomware group claims to have stolen extensive confidential files from Volkswagen and plans to publish them. A spokesperson for Volkswagen stated they are not affected and are monitoring the situation. This incident follows previous data theft issues involving the company. No ransom demand has been confirmed. **Meeting Takeaways: … Read more
October 16, 2024 at 10:34AM The FBI, CISA, NSA, and other agencies warn of Iranian cyber actors exploiting brute force techniques to breach critical infrastructure sectors. These actors aim to obtain credentials for malicious activities. The advisory outlines their tactics and offers mitigation strategies, emphasizing strong passwords and multifactor authentication for enhanced cybersecurity. ### Meeting … Read more