Cussins Enterprises LLC

Technology is a paint brush on the canvas of life. 
What can we paint for you?

Cybersecurity News

Awareness of what is happening is the 1st to a secure system.

Threat Post

Firewall Bug Under Active Attack Triggers CISA Warning

On August 23, 2022Source: Web Security – ThreatpostBy Threatpost
Categories: Vulnerabilities, Web Security

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.Read more

Fake Reservation Links Prey on Weary Travelers

On August 22, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Malware, Web Security

Fake travel reservations are exacting more pain from the travel weary, already dealing with the miseRead more

Google Patches Chrome’s Fifth Zero-Day of the Year

On August 18, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security, Google Chrome, zero-day vulnerabilities

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbRead more

Phishers Swim Around 2FA in Coinbase Account Heists

On August 8, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Web Security

Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so theRead more

Open Redirect Flaw Snags Amex, Snapchat User Data

On August 5, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Vulnerabilities, Web Security

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among otRead more

Universities Put Email Users at Cyber Risk

On August 2, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protRead more

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

On July 28, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwaRead more

IoT Botnets Fuel DDoS Attacks – Are You Prepared?

On July 26, 2022Source: Web Security – ThreatpostBy Sponsored Content
Categories: Sponsored, Vulnerabilities, Web Security, indusface

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifiesRead more

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

On July 20, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuRead more

Authentication Risks Discovered in Okta Platform

On July 19, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Privacy, Web Security

Four newly discovered attack paths could lead to PII exposure, account takeover, even organizationalRead more

Beeping Computer

https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: Mismatched tag at line 12, column 8

Motherboard

People Are Playing 'Strikle' Instead of 'Wordle' In Solidarity With The New York Times Union Walk-Out

On December 8, 2022Source: VICE US - MotherboardBy Chloe Xiang
Categories: Tech, Union, strike, solidarity, The New York Times, labor

Wordle fans who don't want to cross a picket line can still get their fix thanks to a strike-themedRead more

FTC Sues to Block Microsoft Acquisition of ‘Call of Duty’ Publisher Activision Blizzard

On December 8, 2022Source: VICE US - MotherboardBy Matthew Gault
Categories: Tech, FTC, microsoft, Sony, Call of Duty, Gaming, Business

The almost $69 billion purchase would be the largest in video game history but only if the federal gRead more

“Death From a Thousand Cuts”: ZeniMax QA Workers Share Why They’re Unionizing

On December 8, 2022Source: VICE US - MotherboardBy Jules Roscoe
Categories: Union, unionization, zenimax, microsoft, Gaming, Elder Scrolls

Over 300 workers in the game developer's quality assurance department are hosting a union election tRead more

Guy Who Wrote Minecraft's Ending Poem Makes It Public Domain After Taking Shrooms

On December 8, 2022Source: VICE US - MotherboardBy Matthew Gault
Categories: Tech, Minecraft, Public Domain, Mushrooms, magic mushrooms

The original author’s story is one of love, universal accord, and magic mushrooms.Read more

We Are Watching Elon Musk and His Fans Create a Conspiracy Theory About Wikipedia in Real Time

On December 8, 2022Source: VICE US - MotherboardBy Jason Koebler
Categories: Wikipedia, elon musk, Disinformation

Here’s what actually happened with the ‘Twitter Files’ Wikipedia page.Read more

Data Breeches

https://www.databreaches.net/feed/ is invalid XML, likely due to invalid characters. XML error: Mismatched tag at line 12, column 8

Cyberscoop

White House argues platforms should be liable if algorithms promote harmful content

On December 8, 2022Source: CyberScoopBy Suzanne Smalley
Categories: Government, Policy, Threats, disinformation, Google, Supreme Court, White House, YouTube

The Biden administration argues that companies such as Google should be responsible for harmful contRead more

US National Cyber Director plans Japan trip to bolster digital cooperation

On December 8, 2022Source: CyberScoopBy Suzanne Smalley
Categories: Geopolitics, Government, Policy, Chris Inglis, cyberdefense, Japan, Office of the Director of National Intelligence (ODNI)

Inglis's trip reflects Japan's status as an increasingly important ally on cybersecurity, particularRead more

Ensuring compliance without compromising on IT modernization initiatives

On December 7, 2022Source: CyberScoopBy Julia Weaver
Categories: Government, Sponsored Content, Cloud, compliance, CyberTalks 2022, executive perspective, Google Cloud, Google Cloud 2022, Jeanette Manfra

Cloud providers can play a key role in modernizing how government agencies ensure compliance acrossRead more

Apple will encrypt iCloud backups, addressing longstanding criticism

On December 7, 2022Source: CyberScoopBy Tonya Riley
Categories: Technology, Apple, encryption, hacking, privacy

Privacy groups said the encryption features — which require users to opt in — are welcome but long oRead more

$858 billion defense bill focuses heavily on cyber. These are some highlights.

On December 7, 2022Source: CyberScoopBy Suzanne Smalley
Categories: Government, Policy, Threats, Cyberspace Solarium Commission, Department of Defense (DOD), National Security Agency (NSA), NDAA, U.S. Cyber Command

The National Defense Authorization Act omits some efforts such as one to compel federal contractorsRead more

North Korean hackers exploit Itaewon tragedy to infiltrate South Korean targets

On December 7, 2022Source: CyberScoopBy AJ Vicens
Categories: Threats, APT37, backdoors, Google Threat Analysis Group, North Korea

The notorious hacking group used the Halloween tragedy that killed more than 150 people to trick SouRead more

CISA's 2023 priorities include election security, corporate cyber risk

On December 7, 2022Source: CyberScoopBy Christian Vasquez
Categories: Government, Policy, critical infrastructure, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), Jen Easterly

Director Jen Easterly said the agency's focus will include working with the C-suite, local officialsRead more

ChatGPT shows promise of using AI to write malware

On December 6, 2022Source: CyberScoopBy Elias Groll
Categories: Research, Technology, artificial intelligence (AI), Cybersecurity, hacking

Large language models pose a major cybersecurity risk, both from the vulnerabilities they risk introRead more

Regulation won't fix internet routing security

On December 6, 2022Source: CyberScoopBy Michael B. Farrell
Categories: Commentary, Uncategorized, FCC, infrastructure, internet, policy, regulation

A push for routing security regulation from U.S. agencies including the FCC won't result in the sortRead more

DHS secretary says US faces 'a new kind of warfare'

On December 5, 2022Source: CyberScoopBy Christian Vasquez
Categories: Government, Policy, Alejandro Mayorkas, critical infrastructure, Department of Homeland Security (DHS)

DHS Secretary Alejandro Mayorkas said in a speech that the convergence of international and nationalRead more

Krebs On Security

The Hacker News

MuddyWater Hackers Target Asian and Middle East Countries with Updated Tactics

On December 9, 2022Source: The Hacker NewsBy

The Iran-linked MuddyWater threat actor has been observed targeting several countries in the MiddleRead more

The Iran-linked MuddyWater threat actor has been observed targeting several countries in the Middle East as well as Central and West Asia as part of a new spear-phishing activity. "The campaign has been observed targeting Armenia, Azerbaijan, Egypt, Iraq, Israel, Jordan, Oman, Qatar, Tajikistan, and the United Arab Emirates," Deep Instinct researcher Simon Kenin said in a technical write-up.

Researchers Uncover Darknet Service Allowing Hackers to Trojanize Legit Android Apps

On December 8, 2022Source: The Hacker NewsBy

Researchers have shed light on a new hybrid malware campaign targeting both Android and Windows operRead more

Researchers have shed light on a new hybrid malware campaign targeting both Android and Windows operating systems in a bid to expand its pool of victims. The attacks entail the use of different malware such as ERMAC, Erbium, Aurora, and Laplas, according to a ThreatFabric report shared with The Hacker News. "This campaign resulted in thousands of victims," the Dutch cybersecurity company said,

COVID-bit: New COVert Channel to Exfiltrate Data from Air-Gapped Computers

On December 8, 2022Source: The Hacker NewsBy

An unconventional data exfiltration method leverages a previously undocumented covert channel to leaRead more

An unconventional data exfiltration method leverages a previously undocumented covert channel to leak sensitive information from air-gapped systems. "The information emanates from the air-gapped computer over the air to a distance of 2 m and more and can be picked up by a nearby insider or spy with a mobile phone or laptop," Dr. Mordechai Guri, the head of R&D in the Cyber Security Research

Apple Boosts Security With New iMessage, Apple ID, and iCloud Protections

On December 8, 2022Source: The Hacker NewsBy

Apple on Wednesday announced a raft of security measures, including an Advanced Data Protection settRead more

Apple on Wednesday announced a raft of security measures, including an Advanced Data Protection setting that enables end-to-end encrypted (E2EE) data backups in its iCloud service. The headlining feature, when turned on, is expected to secure 23 data categories using E2EE, including device and message backups, iCloud Drive, Notes, Photos, Reminders, Voice Memos, Safari Bookmarks, Siri Shortcuts,

Best Year-End Cybersecurity Deals from Uptycs, SANS Institute, and Bitdefender

On December 8, 2022Source: The Hacker NewsBy

Looking to up your cybersecurity game in the new year? Do not just buy electronics this vacation seaRead more

Looking to up your cybersecurity game in the new year? Do not just buy electronics this vacation season, improve your cybersecurity! The end of the year is a great time to re-evaluate your cybersecurity strategy and make some important investments in protecting your personal and professional data. Cyber threats are constantly evolving and becoming more sophisticated, so it's important to stay on

Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers

On December 8, 2022Source: The Hacker NewsBy

An Internet Explorer zero-day vulnerability was actively exploited by a North Korean threat actor toRead more

An Internet Explorer zero-day vulnerability was actively exploited by a North Korean threat actor to target South Korean users by capitalizing on the recent Itaewon Halloween crowd crush to trick users into downloading malware. The discovery, reported by Google Threat Analysis Group researchers Benoît Sevens and Clément Lecigne, is the latest set of attacks perpetrated by ScarCruft, which is

Iranian Hackers Strike Diamond Industry with Data-Wiping Malware in Supply-Chain Attack

On December 8, 2022Source: The Hacker NewsBy

An Iranian advanced persistent threat (APT) actor known as Agrius has been attributed as behind a seRead more

An Iranian advanced persistent threat (APT) actor known as Agrius has been attributed as behind a set of data wiper attacks aimed at diamond industries in South Africa, Israel, and Hong Kong. The wiper, referred to as Fantasy by ESET, is believed to have been delivered via a supply-chain attack targeting an Israeli software suite developer as part of a campaign that began in February 2022.

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

On December 7, 2022Source: The Hacker NewsBy

The Vice Society cybercrime group has disproportionately targeted educational institutions, accountiRead more

The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive. Other prominent industry verticals targeted include healthcare, governments, manufacturing, retail, and legal services, according to an analysis of leak site data by Palo Alto Networks

How XDR Helps Protect Critical Infrastructure

On December 7, 2022Source: The Hacker NewsBy

Critical infrastructure is important for societal existence, growth, and development. Societies areRead more

Critical infrastructure is important for societal existence, growth, and development. Societies are reliant on the services provided by critical infrastructure sectors like telecommunication, energy, healthcare, transportation, and information technology. Safety and security are necessary for the optimal operation of these critical infrastructures. Critical infrastructure is made up of digital

Chinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European Entities

On December 7, 2022Source: The Hacker NewsBy

The China-linked nation-state hacking group referred to as Mustang Panda is using lures related to tRead more

The China-linked nation-state hacking group referred to as Mustang Panda is using lures related to the ongoing Russo-Ukrainian War to attack entities in Europe and the Asia Pacific. That's according to the BlackBerry Research and Intelligence Team, which analyzed a RAR archive file titled "Political Guidance for the new EU approach towards Russia.rar." Some of the targeted countries include

How Can We Help?

8 + 4 =

Share This