Cussins Enterprises LLC

Technology is a paint brush on the canvas of life. 
What can we paint for you?

Cybersecurity News

Awareness of what is happening is the 1st to a secure system.

Threat Post

SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike

On October 26, 2021Source: Web Security – ThreatpostBy Lisa Vaas
Categories: Malware, Web Security

Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasRead more

Lazarus Attackers Turn to the IT Supply Chain

On October 26, 2021Source: Web Security – ThreatpostBy Lisa Vaas
Categories: Breach, Web Security

Kaspersky researchers saw The North Korean state APT use a new variant of the BlindingCan RAT to breRead more

Attackers Hijack Craigslist Emails to Bypass Security, Deliver Malware

On October 26, 2021Source: Web Security – ThreatpostBy Becky Bracken
Categories: Malware, Web Security

Manipulated Craigslist emails that abuse Microsoft OneDrive warn users that their ads contain ‘inappRead more

Mozilla Firefox Blocks Malicious Add-Ons Installed by 455K Users

On October 26, 2021Source: Web Security – ThreatpostBy Lisa Vaas
Categories: Malware, Web Security

The misbehaving Firefox add-ons were misusing an API that controls how Firefox connects to the interRead more

Millions of Android Users Scammed in SMS Fraud Driven by Tik-Tok Ads

On October 26, 2021Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Malware, Mobile Security, Web Security

UltimaSMS leverages at least 151 apps that have been downloaded collectively more than 10 million tiRead more

Defending Assets You Don’t Know About, Against Cyberattacks

On October 25, 2021Source: Web Security – ThreatpostBy David “moose” Wolpoff
Categories: Cloud Security, Critical Infrastructure, InfoSec Insider, Mobile Security, Vulnerabilities, Web Security

No security defense is perfect, and shadow IT means no company can inventory every single asset thatRead more

Groove Calls for Cyberattacks on US as REvil Payback

On October 25, 2021Source: Web Security – ThreatpostBy Becky Bracken
Categories: Malware, Web Security

The bold move signals a looming clash between Russian ransomware groups and the U.S.Read more

BQE Web Suite Billing App Rigged to Inflict Ransomware

On October 25, 2021Source: Web Security – ThreatpostBy Lisa Vaas
Categories: Hacks, Malware, Vulnerabilities, Web Security

An SQL-injection bug in the BQE Web Suite billing app has not only leaked sensitive information, it’Read more

SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks

On October 25, 2021Source: Web Security – ThreatpostBy Tara Seals
Categories: Breach, Government, Hacks, Web Security

The Nobelium group, linked to Russia's spy agency, is looking to use resellers as a path to infiltraRead more

CISA Urges Sites to Patch Critical RCE in Discourse

On October 25, 2021Source: Web Security – ThreatpostBy Lisa Vaas
Categories: Vulnerabilities, Web Security

The patch, urgently rushed out on Friday, is an emergency fix for the widely deployed platform, whosRead more

Beeping Computer

Iranian gas stations out of service after distribution network hacked

On October 26, 2021Source: BleepingComputerBy Ionut Ilascu
Categories: Security

Gas stations from the National Iranian Oil Products Distribution Company (NIOPDC) have stopped workiRead more

Spammers use Squirrelwaffle malware to drop Cobalt Strike

On October 26, 2021Source: BleepingComputerBy Bill Toulas
Categories: Security

A new malware threat named Squirrelwaffle has emerged in the wild, supporting actors with an initialRead more

Brutal WordPress plugin bug allows subscribers to wipe sites

On October 26, 2021Source: BleepingComputerBy Sergiu Gatlan
Categories: Security

A high severity security flaw found in a WordPress plugin with more than 8,000 active installs can lRead more

Prepare for 5 cybersecurity certifications with this bundle

On October 26, 2021Source: BleepingComputerBy Lawrence Abrams
Categories: Security

With The Ultimate 2021 Cyber Security Survival Training Bundle, you get full prep for five top certiRead more

Windows 10 KB5006738 released with fixes for printing issues

On October 26, 2021Source: BleepingComputerBy Lawrence Abrams
Categories: Microsoft

Microsoft has released the optional KB5006738 Preview cumulative update for Windows 10 2004, WindowsRead more

Motherboard

Why Does FaZe Clan Think It’s Worth $1 Billion?

On October 26, 2021Source: VICE US - MotherboardBy Maxwell Strachan
Categories: Gaming, finance, nasdaq, faze clan, spac

The gaming clan, which has inscrutable business lines, is using an inscrutable financial tool in appRead more

This Company Is Selling Shares of a $236,800 Rare Pokémon Card

On October 26, 2021Source: VICE US - MotherboardBy Matthew Gault
Categories: Tech, Pokemon, investments, NFT

For a modest fee, you too can own a fraction of one of the most expensive Pokémon on the market.Read more

US Citizens Sue Company That Processes Billions of Texts For Exposing Their Data

On October 26, 2021Source: VICE US - MotherboardBy Lorenzo Franceschi-Bicchierai
Categories: Hacking, cybersecurity, hackers, CYBER, telecom, Infosec, data breach, class-action, Syniverse, worldnews

The plaintiffs hope to turn their lawsuits into class actions potentially representing millions of pRead more

Hackers Disrupt Gas Stations in Iran and Deface Billboards to Blame Supreme Leader

On October 26, 2021Source: VICE US - MotherboardBy Lorenzo Franceschi-Bicchierai
Categories: Hacking, cybersecurity, CYBER, Infosec, information security, worldnews

Hackers hit Iran's infrastructure for the second time in four months, after disrupting the country'sRead more

Crypto Investors Are Bidding to Touch a 1,784-Pound Tungsten Cube Once a Year

On October 26, 2021Source: VICE US - MotherboardBy Edward Ongweso Jr
Categories: tungsten, crypto, cube, NFT, opensea

You'll have to travel to a storage facility in Willowbrook, Illinois, to touch the forbidden cube.Read more

Data Breeches

CA: Woodlake Unified District student and personnel data dumped after ransomware incident

On October 26, 2021Source: DataBreaches.netBy chum1ng0
Categories: Education Sector, Malware, Of Note, U.S.

Woodlake Unified District in California includes Castle Rock Elementary, Francis J. White Learning CRead more

Central Restaurants Group in Thailand hit by Desorden

On October 26, 2021Source: DataBreaches.netBy Dissent
Categories: Business Sector, Hack, Non-U.S.

The Desorden threat actors have been busy, it seems, as they have announced an attack on Central ResRead more

Political refuge for terrorists: The Hezbollah incubator in South America is published

On October 26, 2021Source: DataBreaches.netBy Dissent
Categories: Government Sector, Hack, Non-U.S.

This is a machine translation of an article in Hebrew by Damian Petter: A group of hackers calling tRead more

Cyber attack closes Iran’s petrol stations

On October 26, 2021Source: DataBreaches.netBy Dissent
Categories: Government Sector, Non-U.S.

Jon Gambrell reports: A cyber attack has targeted petrol stations across Iran, shutting down a goverRead more

FBI: Ranzy Locker ransomware hit at least 30 US companies this year

On October 26, 2021Source: DataBreaches.netBy Dissent
Categories: Commentaries and Analyses, Malware

Sergiu Gatlan reports: The FBI said on Monday that Ranzy Locker ransomware operators had compromisedRead more

Justice determines breach of confidentiality of medical records

On October 26, 2021Source: DataBreaches.netBy Dissent
Categories: Breach Incidents, Lost or Missing

Jenni Smith reports: The court determined the breach of confidentiality of patient records of the heRead more

Viewing website HTML code is not illegal or “hacking,” prof. tells Missouri gov.

On October 26, 2021Source: DataBreaches.netBy Dissent
Categories: Education Sector

Jon Brodkin reports: The cybersecurity professor who helped uncover the Missouri government’sRead more

Ukrainian police detain gang who laundered funds for Russian hacking groups

On October 26, 2021Source: DataBreaches.netBy Dissent
Categories: Commentaries and Analyses, Hack, Malware, Of Note

Catalin Cimpanu reports: Ukraine’s national police detained suspects on Monday for stealing funds frRead more

Nearly 30K former and current CU Boulder students’ personal information hacked

On October 26, 2021Source: DataBreaches.netBy Dissent
Categories: Education Sector, Hack, Subcontractor, U.S.

Alex Rose reports: The University of Colorado Boulder is sending emails to roughly 30,000 former andRead more

Government data breach exposes Afghans to more danger

On October 26, 2021Source: DataBreaches.netBy Dissent
Categories: Exposure, Government Sector, Non-U.S.

Evan Dyer reports: The names of several hundred vulnerable Afghans seeking refuge from the Taliban wRead more

Cyberscoop

Scammers are emailing waves of unsolicited QR codes, aiming to steal Microsoft users' passwords

On October 26, 2021Source: CyberScoopBy AJ Vicens
Categories: Financial, Technology, Threats, email security, phishing, QR codes

Email fraudsters are seizing on the attention around the quick response codes that have become moreRead more

CISA selects Kim Wyman, GOP official who criticized false election fraud claims, as election security leader

On October 26, 2021Source: CyberScoopBy Tim Starks
Categories: Government, Workforce, Cybersecurity and Infrastructure Security Agency (CISA), election security, Kim Wyman

The Cybersecurity and Infrastructure Security Agency named a Republican secretary of state who has cRead more

Global 'Operation Dark HunTor' dark web sting leads to 150 arrests

On October 26, 2021Source: CyberScoopBy Tonya Riley
Categories: Government, Policy, cybercrime, dark web, Europol, Justice Department

The U.S. Justice Department and Europol announced Tuesday the arrest of 150 individuals allegedly inRead more

Iranian state media blames hack for apparent fuel shortage, the latest incident to draw attention

On October 26, 2021Source: CyberScoopBy Jeff Stone
Categories: Geopolitics, Threats, Check Point, Indra, Iran, wiper malware

Iranian officials say a cyberattack has forced the temporary closure of a government system that manRead more

Latest Russian espionage activity is broader than SolarWinds-style hacking effort, Microsoft's Tom Burt says

On October 25, 2021Source: CyberScoopBy Tim Starks
Categories: Geopolitics, Government, Technology, Threats, Cozy Bear, Microsoft, Nobelium, Russia, SolarWinds, SVR, Tom Burt

An apparent espionage campaign from the same Russian hacking group that breached the U.S. federal coRead more

Russian spies compromised 14 tech providers, aiming to 'piggyback' on customer access, Microsoft says

On October 25, 2021Source: CyberScoopBy Jeff Stone
Categories: Geopolitics, Threats, Cozy Bear, Microsoft, Nobelium, Russia

Suspected Russian spies who exploited a federal contractor to breach nine U.S. government agencies lRead more

Facebook files suit against Ukrainian man who allegedly scraped data about 178 million users

On October 22, 2021Source: CyberScoopBy Tonya Riley
Categories: Privacy, Technology, data scraping, Facebook, U.S. Supreme Court

Facebook filed a lawsuit against a Ukrainian man in a federal court Friday for allegedly using thirdRead more

US warns that Chinese government is using 'wide variety' of methods, some illegal, to steal trade secrets

On October 22, 2021Source: CyberScoopBy AJ Vicens
Categories: Geopolitics, Technology, Threats, AI, China, Huawei, National Counterintelligence and Security Center (NCSC)

The Chinese government’s aggressive push to dominate emerging technology such as artificial inRead more

Internet providers fail to inform Americans about how they use sensitive data for advertising, FTC says

On October 21, 2021Source: CyberScoopBy Tonya Riley
Categories: Government, Privacy, Comcast, data security, Federal Trade Commission (FTC), privacy

Internet service providers fail to disclose to consumers how they use sensitive data, obscure privacRead more

'Bulletproof' hosting operators sentenced for role in aiding spread of Zeus malware, which stole $100 million

On October 21, 2021Source: CyberScoopBy Tim Starks
Categories: Financial, Government, Money, bulletproof hosting, cybercrime, Department of Justice (DOJ), Zeus

A federal judge sentenced two men to multi-year prison terms for their role in providing services toRead more

Krebs On Security

The Hacker News

Over 10 Million Android Users Targeted With Premium SMS Scam Apps

On October 26, 2021Source: The Hacker NewsBy

A global fraud campaign has been found leveraging 151 malicious Android apps with 10.5 million downlRead more

A global fraud campaign has been found leveraging 151 malicious Android apps with 10.5 million downloads to rope users into premium subscription services without their consent and knowledge. The premium SMS scam campaign — dubbed "UltimaSMS" — is believed to commenced in May 2021 and involved apps that cover a wide range of categories, including keyboards, QR code scanners, video and photo

Malicious Firefox Add-ons Block Browser From Downloading Security Updates

On October 26, 2021Source: The Hacker NewsBy

Mozilla on Monday disclosed it blocked two malicious Firefox add-ons installed by 455,000 users thatRead more

Mozilla on Monday disclosed it blocked two malicious Firefox add-ons installed by 455,000 users that were found misusing the Proxy API to impede downloading updates to the browser. The two extensions in question, named Bypass and Bypass XM, "interfered with Firefox in a way that prevented users who had installed them from downloading updates, accessing updated blocklists, and updating remotely

Hackers Exploited Popular BillQuick Billing Software to Deploy Ransomware

On October 26, 2021Source: The Hacker NewsBy

Cybersecurity researchers on Friday disclosed a now-patched critical vulnerability in multiple versiRead more

Cybersecurity researchers on Friday disclosed a now-patched critical vulnerability in multiple versions of a time and billing system called BillQuick that's being actively exploited by threat actors to deploy ransomware on vulnerable systems. CVE-2021-42258, as the flaw is being tracked as, concerns an SQL-based injection attack that allows for remote code execution and was successfully

New Attack Lets Hackers Collect and Spoof Browser's Digital Fingerprints

On October 26, 2021Source: The Hacker NewsBy

A "potentially devastating and hard-to-detect threat" could be abused by attackers to collect users'Read more

A "potentially devastating and hard-to-detect threat" could be abused by attackers to collect users' browser fingerprinting information with the goal of spoofing the victims without their knowledge, thus effectively compromising their privacy. Academics from Texas A&M University dubbed the attack system "Gummy Browsers," likening it to a nearly 20-year-old "Gummy Fingers" technique that can

Hardware-grade enterprise authentication without hardware: new SIM security solution for IAM

On October 25, 2021Source: The Hacker NewsBy

The average cost of a data breach, according to the latest research by IBM, now stands at USD 4.24 mRead more

The average cost of a data breach, according to the latest research by IBM, now stands at USD 4.24 million, the highest reported. The leading cause? Compromised credentials, often caused by human error. Although these findings continue to show an upward trend in the wrong direction, the challenge itself is not new. What is new is the unprecedented and accelerated complexity of securing the

Microsoft Warns of Continued Supply-Chain Attacks by the Nobelium Hacker Group

On October 25, 2021Source: The Hacker NewsBy

Nobelium, the threat actor behind the SolarWinds compromise in December 2020, has been behind a newRead more

Nobelium, the threat actor behind the SolarWinds compromise in December 2020, has been behind a new wave of attacks that compromised 14 downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations, illustrating the adversary's continuing interest in targeting the supply chain via the "compromise-one-to-compromise-many"

NYT Journalist Repeatedly Hacked with Pegasus after Reporting on Saudi Arabia

On October 25, 2021Source: The Hacker NewsBy

The iPhone of New York Times journalist Ben Hubbard was repeatedly hacked with NSO Group's Pegasus sRead more

The iPhone of New York Times journalist Ben Hubbard was repeatedly hacked with NSO Group's Pegasus spyware tool over a three-year period stretching between June 2018 to June 2021, resulting in infections twice in July 2020 and June 2021. The University of Toronto's Citizen Lab, which publicized the findings on Sunday, said the "targeting took place while he was reporting on Saudi Arabia, and

Popular NPM Package Hijacked to Publish Crypto-mining Malware

On October 24, 2021Source: The Hacker NewsBy

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining and passRead more

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining and password-stealing malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to get rid of three rogue packages that were found to mimic the same library. The supply-chain attack targeting the open-source

Microsoft Warns of TodayZoo Phishing Kit Used in Extensive Credential Stealing Attacks

On October 23, 2021Source: The Hacker NewsBy

Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes adRead more

Microsoft on Thursday disclosed an "extensive series of credential phishing campaigns" that takes advantage of a custom phishing kit that stitched together components from at least five different widely circulated ones with the goal of siphoning user login information. The tech giant's Microsoft 365 Defender Threat Intelligence Team, which detected the first instances of the tool in the wild in

Feds Reportedly Hacked REvil Ransomware Group and Forced it Offline

On October 23, 2021Source: The Hacker NewsBy

The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operatioRead more

The Russian-led REvil ransomware gang was felled by an active multi-country law enforcement operation that resulted in its infrastructure being hacked and taken offline for a second time earlier this week, in what's the latest action taken by governments to disrupt the lucrative ecosystem. The takedown was first reported by Reuters, quoting multiple private-sector cyber experts working with the

How Can We Help?

7 + 7 =

Share This