October 23, 2023 at 02:09PM The Quasar RAT malware is using DLL side-loading to steal data from compromised Windows hosts. The malware disguises itself as legitimate files, such as ctfmon.exe and calc.exe, to avoid detection. It can gather system information, execute commands, and establish remote access. The attack vector is likely phishing emails. Stay vigilant … Read more
October 23, 2023 at 01:46PM US organizations hiring freelance and temporary IT workers must be cautious of individuals working for the North Korean government. North Korea has infiltrated the freelance market, using skilled IT workers to secretly fund its nuclear weapons program. The workers, based in Russia and China, hide their true identities and locations. … Read more
October 23, 2023 at 12:42PM US energy services firm BHI Energy disclosed how the Akira ransomware gang breached their network and stole data in a recent attack. The attackers used stolen VPN credentials from a third-party contractor to gain access. They stole 767k files, including personal information such as full names, dates of birth, social … Read more
October 23, 2023 at 11:07AM The Spanish National Police dismantled a cybercriminal organization involved in various computer scams, stealing and selling the data of over four million people. Law enforcement conducted raids in multiple cities, resulting in the arrest of 34 individuals. The group used phishing techniques, made distress calls, and exploited insider positions to … Read more
October 23, 2023 at 10:09AM Cisco has released a free software update to address two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise over 50,000 IOS XE devices. The first fixed release available is 17.9.4a, with updates for other releases to be disclosed later. The vulnerabilities are in the web UI of Cisco devices … Read more
October 23, 2023 at 10:02AM The Federal Trade Commission (FTC) and the National Association of Insurance Commissioners (NAIC) have emphasized the importance of cyber insurance as a way to protect against cyberattacks. However, simply suggesting cyber insurance is not enough. The government should ensure its availability and affordability, particularly for small businesses. Businesses should also … Read more
October 23, 2023 at 09:25AM QNAP has successfully taken down a malicious server used in widespread brute-force attacks on NAS devices with weak passwords. With the help of Digital Ocean, they quickly identified and blocked the command-and-control server within 48 hours. QNAP urges customers to implement security measures, including changing default access port numbers and … Read more
October 23, 2023 at 09:08AM Microsoft is launching the early access program for Security Copilot, an AI cybersecurity tool embedded in the Microsoft 365 Defender XDR platform. The tool aims to save time for security teams by providing step-by-step instructions on managing incidents and offering insights to upskill existing staff. It can generate natural language … Read more
October 23, 2023 at 08:53AM HPE and Zerto have partnered to redefine data protection, offering integrated solutions for backup and disaster recovery. Their portfolio covers on-premises, cloud-based, and SaaS data, ensuring comprehensive defense against cyber threats. Attend the webinar on October 26th to learn about the benefits of this approach and how it provides business … Read more
October 23, 2023 at 05:32AM The City of Philadelphia is investigating a data breach that occurred in May, where attackers may have gained access to personal and protected health information. The breach notice states that unauthorized actors may have accessed certain City email accounts between May 26 and July 28, 2023. Impacted individuals’ information includes … Read more