CISA released nine Industrial Control Systems (ICS) advisories on April 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations. Source link lol
Read MoreToday, CISA publicly issued Emergency Directive (ED) 24-02 to address the recent campaign by Russian state-sponsored cyber actor Midnight Blizzard to exfiltrate email correspondence of Federal Civilian Executive Branch (FCEB) agencies through a successful compromise of Microsoft corporate email accounts. This Directive rhttps://www.cisa.gov/news-events/directives/ed-24-02-mitigating-significant-risk-nation-state-compromise-microsoft-corporate-email-systemequires agencies to analyze the content of exfiltrated emails, reset compromised credentials, and…
Read MoreOuch. On 7 March 2024, the UK’s Leicester City Council had its systems disrupted by a devastating cyber attack, forcing it to shut down its IT systems and phone lines. Among those affected were care home workers and the homeless. Sign up to our free newsletter.Security news, advice, and tips. By the end of March,…
Read MoreWhat’s going on? A relatively new strain of ransomware called DragonForce has making the headlines after a series of high-profile attacks. Like many other ransomware groups, DragonForce attempts to extort money from its victims in two ways – locking companies out of their computers and data through encryption, and exfiltrating data from compromised systems with…
Read MoreThe East Central University (ECU) of Ada, Oklahoma, has revealed that a ransomware gang launched an attack against its systems that left some computers and servers encrypted and may have also seen sensitive information stolen. In an advisory posted on its website, ECU claims that the BlackSuit ransomware gang was unsuccessful in taking down the…
Read MoreARC Labs and Binary Defense are actively monitoring a compromise of data associated with Sisense, a company that provides data analytic product and services. At this point, it is unknown if the Sisense’s network was compromised but independent researchers and government organizations indicate that data impacting Sisense has been discovered outside of an authorized space.…
Read MoreCISA is collaborating with private industry partners to respond to a recent compromise discovered by independent security researchers impacting Sisense, a company that provides data analytics services. CISA urges Sisense customers to: Reset credentials and secrets potentially exposed to, or used to access, Sisense services. Investigate—and report to CISA—any suspicious activity involving credentials potentially exposed…
Read MoreApr 11, 2024The Hacker NewsSoftware Security / Programming GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets…
Read MoreApr 11, 2024NewsroomEndpoint Security / Ransomware A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. “This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors,” Proofpoint said. “Additionally,…
Read MoreBackdoor in XZ Utils That Almost Happened Last week, the internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It’s a catastrophe that didn’t happen, so it won’t get much attention—but it should. There’s an important moral to the story of the attack and its discovery: The security of the…
Read More