December 8, 2023 at 08:36AM The US and UK have charged and imposed sanctions on two hackers affiliated with Russia’s FSB security service. Takeaways from the Meeting: 1. The United States and the United Kingdom have publicly announced charges against two hackers. 2. These two hackers are purported to be collaborating with Russia’s Federal Security … Read more
December 8, 2023 at 06:42AM Cyberattackers disrupted an Irish water utility, resulting in a two-day water outage for residents. (15 words) Meeting Takeaways: – A cyberattack targeted an Irish water utility. – The attack caused significant disruption to services. – The aftermath of the attack left residents without water for a period of two days. … Read more
December 7, 2023 at 06:23PM Cybersixgill has launched new features for its cyber threat intelligence platform, including an Identity Intelligence module for compromised account monitoring, an improved Alerts page for faster threat response, and OSV Support for open-source vulnerability awareness. These tools aim to enhance threat detection, decision-making, and pre-emptive action to protect against cyber-attacks. … Read more
December 7, 2023 at 01:12PM An Apple-commissioned study indicates 2.6 billion personal data records were compromised in breaches over the last two years, underscoring the need for end-to-end encryption. Meeting Takeaways: 1. Apple commissioned a study focusing on data breaches. 2. The study found that 2.6 billion personal data records were compromised over the past … Read more
December 7, 2023 at 10:54AM Five Eyes government agencies issued guidance for developing strategies to address memory safety vulnerabilities. Takeaway from Meeting: – Government agencies from the Five Eye countries (United States, United Kingdom, Canada, Australia, and New Zealand) have released new guidelines to assist in the development of roadmaps for memory safety. – The … Read more
December 7, 2023 at 10:28AM Star Blizzard, believed to be linked to Russia’s FSB, continues targeted spear-phishing attacks for intelligence gathering. They impersonate trusted contacts using researched information to deceive individuals and organizations in the UK and beyond. Numerous cyber security agencies warn of their expanded targeting since 2019, including the defense industry and energy … Read more
December 7, 2023 at 08:54AM The ‘Pool Party’ is a collection of eight novel Windows process injection methods that escape detection by endpoint detection and response (EDR) tools. Takeaways from the meeting notes: 1. “Pool Party” is a name given to a new collection of eight Windows process injection techniques. 2. These techniques are capable … Read more
December 7, 2023 at 07:46AM Over 22,000 patients’ data were exposed by Cambridge University Hospitals NHS Foundation Trust due to errors responding to Freedom of Information requests. Maternity and cancer patient details were inadvertently revealed. The Trust has since audited past FoI responses, improved data security measures, and is cooperating with the ICO. Meeting Takeaways: … Read more
December 6, 2023 at 05:10PM Austal USA, a shipbuilding contractor for the US government, reported a cyberattack by Hunters International to the FBI and NCIS. The ransomware group leaked stolen data online but the company contained the breach with no operational impact reported. No personal or classified data was compromised; investigations are ongoing. Meeting Takeaways: … Read more
December 6, 2023 at 02:48PM At the Black Hat Europe 2023 event, Ollie Whitehouse of the NCSC stated that current cybersecurity is inadequate to counter advanced threats. He criticized security vendors for creating closed ecosystems with up-charges for better security and lacking transparency, especially regarding SaaS vulnerabilities. He advocated for basic security improvements and greater … Read more