October 23, 2023 at 04:35AM The District of Columbia Board of Elections (DCBOE) announced that a web server operated by DataNet Systems, a hosting provider, was breached, potentially exposing the personal information of registered voters, including driver’s license numbers, birthdates, social security numbers, and contact information. The DCBOE is investigating the breach with the help … Read more
October 23, 2023 at 03:04AM The Federal Risk and Authorization Management Program (FedRAMP) has approved new Revision 5 (Rev. 5) baselines that align with NIST’s “SP 800-53 Rev. 5.” Changes in FedRAMP include updated security controls, documentation, and templates, as well as new control families and increased focus on privacy and customization. Cloud service providers … Read more
October 22, 2023 at 06:06PM Google is proposing a new “IP Protection” feature for the Chrome browser to enhance users’ privacy by masking their IP addresses. The feature will route third-party traffic through proxies, making the IP addresses invisible to those domains. Initially, it will be an opt-in feature, allowing users to control their privacy. … Read more
October 22, 2023 at 01:42PM The number of Cisco IOS XE devices hacked with a malicious backdoor implant has dramatically decreased from over 50,000 to only a few hundred. It is unclear why this decline has occurred, with researchers speculating that the threat actors may have deployed an update to hide their presence or a … Read more
October 22, 2023 at 01:42PM The TetrisPhantom threat is using compromised secure USB drives to target government systems in the Asia-Pacific region. The attack involves trojanized versions of the UTetris application, which is bundled on unencrypted parts of the USB drives. The attackers use sophisticated tools and techniques, including virtualization-based software obfuscation and self-replicating through … Read more
October 22, 2023 at 01:42PM Microsoft has launched its early access program for Security Copilot, an AI assistant that helps security teams detect and counter threats more efficiently. The assistant, similar to ChatGPT, offers features such as instant incident summaries, simplified language queries, and real-time malware analysis. It integrates with Microsoft’s 365 Defender XDR platform … Read more
October 21, 2023 at 04:14PM Insurance giant American Family Insurance experienced a cyberattack, leading to the shutdown of certain IT systems. The company detected unusual activity and took precautionary measures to protect data. While no compromises to critical systems have been detected, customers faced outages and were unable to access online services. Investigations are ongoing, … Read more
October 21, 2023 at 12:41PM Trigona ransomware suffered a data breach after Ukrainian hacktivists exploited a vulnerability in their server. The hackers breached several sites, taking data and defacing the Tor negotiation and data leak sites. Similarly, law enforcement disrupted the RagnarLocker ransomware operation, seizing the group’s dark websites and arresting a malware developer. In … Read more
October 21, 2023 at 12:41PM The International Criminal Court (ICC) has provided more information about a cyberattack it experienced five weeks ago, stating that it was a targeted operation for espionage. The ICC has taken necessary steps to address any compromise to data and is reinforcing its risk management framework. The impact of the attack … Read more
October 21, 2023 at 10:21AM Europol has successfully taken down the infrastructure associated with the Ragnar Locker ransomware and arrested a key suspect in France. Searches were conducted in Czechia, Spain, and Latvia, resulting in the arrest of the main perpetrator. Five other accomplices were interviewed, and servers and data leak portals were seized in … Read more