January 18, 2024 at 01:50PM Kansas State University is managing a cybersecurity incident disrupting VPN, K-State Today emails, and Canvas and Mediasite videos. Its prompt response includes engaging third-party IT forensic experts, providing guidance to maintain educational continuity, and ongoing updates. Email services will resume with limitations on January 18. No data breach has been … Read more
January 18, 2024 at 01:32PM The US is contemplating legislation to make the Cyber Safety Review Board (CSRB) a permanent fixture in cybersecurity. Experts emphasize the need for substantial changes in its organization to ensure detailed and independent reports. Discussion also arose on granting the board subpoena powers, with mixed opinions from industry figures and … Read more
January 18, 2024 at 01:02PM Two cybercriminal groups used a French transportation company’s AWS accounts to send phishing emails, exploiting Amazon Web Services’ Simple Email Service (SES). The attackers bypassed spam filters and took advantage of SES’ features to send high volumes of emails. Cloud email attacks pose challenges in prevention and detection, with potential … Read more
January 18, 2024 at 12:37PM Haier issued a takedown notice to a developer for creating Home Assistant integration plugins for its home appliances on GitHub. The developer received a legal threat demanding the removal of the tools citing unauthorized use and significant economic harm. The plugins, although open-source, may incorporate Haier’s intellectual property. Haier’s actions … Read more
January 18, 2024 at 12:19PM In late 2023, Bangladesh experienced a surge in distributed denial-of-service (DDoS) attacks, particularly targeted towards key industries and the national election. The attacks were aimed at disrupting communication channels and information flow, possibly to manipulate voter communication and compromise the credibility of the electoral process. The Smart Election app, used … Read more
January 18, 2024 at 12:14PM Government modernization of cybersecurity strategies, including FedRAMP adoption and value-driven digital ecosystem development, is crucial to combat evolving cyber threats. Challenges like outdated technology, budget constraints, and disjointed security operations hinder progress. Yet, strategic investments in endpoint detection and response solutions and FedRAMP-authorized products can enhance security operations and empower … Read more
January 18, 2024 at 12:09PM A novel campaign is targeting vulnerable Docker services by deploying XMRig cryptocurrency miner and 9Hits Viewer software to generate revenue. The campaign uses various strategies to drive traffic to websites, breaching servers to deploy malicious containers via Docker API. The impact includes resource exhaustion and potential for a serious breach. … Read more
January 18, 2024 at 12:05PM Ransomware attacks have been linked to psychological and physical illnesses among cybersecurity workers. The Royal United Services Institute’s research uncovered stories of stress-related heart attacks, hospitalizations, and even suicidal thoughts, shedding light on the toll of dealing with these attacks. The report emphasizes the widespread and lasting psychological and social … Read more
January 18, 2024 at 12:04PM The cyber-insurance market is expected to see rising claim volumes due to increasing threat activities, potentially leading to higher premiums in the next 12 to 24 months. Despite recent declines in average prices, industry experts anticipate a shift towards increased costs as the threat landscape evolves. While costs temporarily eased … Read more
January 18, 2024 at 11:12AM The Rapid SCADA open source industrial automation platform has seven unpatched vulnerabilities, including critical and high severity ones, allowing hackers to access sensitive industrial systems, execute arbitrary code, and compromise administrator passwords. The developers have not responded to notifications or requests for comment, leaving organizations vulnerable to potential attacks. Based … Read more