October 28, 2024 at 08:33AM Cybersecurity news reveals new threats including a critical Fortinet flaw under exploitation, severe cryptographic issues in cloud services, and North Korean Lazarus Group exploiting a Chrome vulnerability. Notably, Delta Air Lines sued CrowdStrike for a major outage, while CISA investigates unauthorized telecom access by Chinese threat actors. Stay informed and … Read more
October 28, 2024 at 07:26AM Cybersecurity researchers warn of a rise in phishing attacks utilizing Webflow, targeting sensitive crypto wallet information and webmail credentials. Over 120 organizations, primarily in North America and Asia, are affected. Attackers exploit legitimate services to create deceptive phishing pages, increasing their success in stealing user credentials. ### Meeting Takeaways 1. … Read more
October 28, 2024 at 07:17AM Chinese hackers conducted an espionage operation targeting the cellphones of Donald Trump, JD Vance, and individuals associated with Kamala Harris’s campaign, highlighting concerns over cybersecurity and political privacy. **Meeting Takeaways:** 1. **Main Event:** Chinese hackers are involved in an extensive espionage operation. 2. **Targets:** – High-profile individuals targeted include: – … Read more
October 28, 2024 at 06:40AM Four members of the REvil ransomware group, arrested in 2022, were sentenced to prison by a Russian court last week. **Meeting Notes Takeaways:** 1. Four members of the REvil ransomware group were arrested in 2022. 2. These individuals have recently been sentenced to prison by a Russian court. 3. The … Read more
October 27, 2024 at 05:47PM Fog and Akira ransomware operators are exploiting a critical vulnerability in SonicWall VPN accounts, leading to at least 30 network intrusions. Most cases involve Akira, with shared infrastructure indicating collaboration. Organizations lacked multi-factor authentication and used unpatched versions of SonicOS, resulting in rapid data encryption and theft following initial access. … Read more
October 25, 2024 at 05:31PM On October 24, LinkedIn was fined €310 million by EU regulators for violating GDPR data privacy rules. The Data Protection Commission found LinkedIn unlawfully processed user data for targeted advertising. Despite asserting compliance, LinkedIn will work to align its practices with regulations following this reprimand and order for compliance. ### … Read more
October 25, 2024 at 05:12PM Black Basta ransomware has shifted its social engineering tactics to Microsoft Teams, impersonating IT help desks to exploit employees. After inundating inboxes with emails, attackers contact users directly via Teams. Their goal is to trick employees into installing remote access tools, risking corporate networks. Organizations are advised to restrict external … Read more
October 25, 2024 at 04:57PM Black Basta ransomware is evolving, using Microsoft Teams for social engineering attacks by impersonating IT help desk personnel. Attackers overwhelm employees’ inboxes, then contact them via Teams to gain remote access and install malicious payloads, ultimately deploying ransomware. Organizations are advised to restrict external communication in Teams and enable logging. … Read more
October 25, 2024 at 04:06PM United Healthcare revealed that 100 million individuals were affected by the Change Healthcare ransomware attack in February. The breach, attributed to BlackCat/ALPHV, prompted Change Healthcare to pay $22 million in ransom. Subsequently, a second attack occurred by RansomHub. The incidents highlight significant cybersecurity vulnerabilities in the healthcare sector. ### Meeting … Read more
October 25, 2024 at 09:47AM LinkedIn has been fined 310 million euros by Ireland’s Data Protection Commission for violations related to data privacy. This enforcement action highlights ongoing concerns about compliance with data protection regulations. **Meeting Notes Takeaways:** – LinkedIn has been fined 310 million euros. – The fine was imposed by Ireland’s Data Protection … Read more