Cussins Enterprises LLC

Technology is a paint brush on the canvas of life. 
What can we paint for you?

Cybersecurity News

Awareness of what is happening is the 1st to a secure system.

Threat Post

Firewall Bug Under Active Attack Triggers CISA Warning

On August 23, 2022Source: Web Security – ThreatpostBy Threatpost
Categories: Vulnerabilities, Web Security

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.Read more

Fake Reservation Links Prey on Weary Travelers

On August 22, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Malware, Web Security

Fake travel reservations are exacting more pain from the travel weary, already dealing with the miseRead more

Google Patches Chrome’s Fifth Zero-Day of the Year

On August 18, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security, Google Chrome, zero-day vulnerabilities

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbRead more

Phishers Swim Around 2FA in Coinbase Account Heists

On August 8, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Web Security

Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so theRead more

Open Redirect Flaw Snags Amex, Snapchat User Data

On August 5, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Vulnerabilities, Web Security

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among otRead more

Universities Put Email Users at Cyber Risk

On August 2, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protRead more

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

On July 28, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwaRead more

IoT Botnets Fuel DDoS Attacks – Are You Prepared?

On July 26, 2022Source: Web Security – ThreatpostBy Sponsored Content
Categories: Sponsored, Vulnerabilities, Web Security, indusface

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifiesRead more

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

On July 20, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuRead more

Authentication Risks Discovered in Okta Platform

On July 19, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Privacy, Web Security

Four newly discovered attack paths could lead to PII exposure, account takeover, even organizationalRead more

Beeping Computer

https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: XML_ERR_NAME_REQUIRED at line 1, column 753

Motherboard

WP HTTP Error: A valid URL was not provided.

Data Breeches

No, the 16 billion credentials leak is not a new data breach — a wake-up call about fake news

On June 20, 2025Source: DataBreaches.NetBy Dissent
Categories: Breach Incidents, Commentaries and Analyses, Of Note

Kudos to Lawrence Abrams and Bleeping Computer for calling out Cybernews’ misleading reportingRead more

Tonga’s health system hit by cyberattack

On June 20, 2025Source: DataBreaches.NetBy Dissent
Categories: Breach Incidents

Radio New Zealand reports: A team of Australian cyber experts flew to Tonga this week after the counRead more

Russia Expert Falls Prey to Elite Hackers Disguised as US Officials

On June 20, 2025Source: DataBreaches.NetBy Dissent
Categories: Phishing

Kevin Poireault reports: Keir Giles, a British expert on Russian information operations, has been taRead more

Proposed class action settlement in In re Netgain Technology litigation

On June 20, 2025Source: DataBreaches.NetBy Dissent
Categories: Breach Incidents, Commentaries and Analyses

There’s an update to the Netgain ransomware attack incident that was first reported in 2020 anRead more

Qilin Offers “Call a lawyer” Button For Affiliates Attempting To Extort Ransoms From Victims Who Won’t Pay

On June 20, 2025Source: DataBreaches.NetBy Dissent
Categories: Commentaries and Analyses, Malware

Graham Cluley reports: Imagine for one moment that you are a cybercriminal. You have compromised anRead more

Ireland’s Data Protection Commission publishes 2024 Annual Report

On June 19, 2025Source: DataBreaches.NetBy Dissent
Categories: Commentaries and Analyses

The Data Protection Commission has today launched its Annual Report for 2024 and released the resultRead more

The headlines suggested Freedman Healthcare suffered a ransomware attack that affected patient data. The reality was quite different.

On June 19, 2025Source: DataBreaches.NetBy Dissent
Categories: Commentaries and Analyses

Today’s post is a reminder why maybe we should all wait a bit before just repeating criminalsRead more

Runsafe report: Medical device cyberattacks threaten patient care, strain budgets, top concern for healthcare sector

On June 19, 2025Source: DataBreaches.NetBy Dissent
Categories: Commentaries and Analyses, Health Data

Industrial Cyber reports: A new report from Runsafe Security highlights how medical device cybersecuRead more

Ryuk ransomware’s initial access expert extradited to the U.S. from Ukraine

On June 19, 2025Source: DataBreaches.NetBy Dissent
Categories: Breach Incidents, Malware

Bill Toulas reports: A member of the notorious Ryuk ransomware operation who specialized in gainingRead more

Alleged Geisinger hacker will defend himself pro se.

On June 18, 2025Source: DataBreaches.NetBy Dissent
Categories: Breach Incidents, Commentaries and Analyses, Health Data, Insider, Subcontractor, U.S.

John Beauge reports: The man accused of downloading protected information of more than 1.2 million GRead more

Cyberscoop

Iran’s financial sector takes another hit as largest crypto exchange is targeted

On June 18, 2025Source: CyberScoopBy Matt Kapko
Categories: Cybersecurity, Financial, Geopolitics, crypto, cryptocurrency, finance, financial, hacktivism, hacktivists, Iran, IRGC, Israel

A $90 million crypto theft from Nobitex marks the second cyberattack on Iran’s financial systems inRead more

Unusually patient suspected Russian hackers pose as State Department in ‘sophisticated’ attacks on researchers

On June 18, 2025Source: CyberScoopBy Tim Starks
Categories: Privacy, Technology, Threats, academia, application specific passwords, APT29, Citizen Lab, Google, Google Threat Intelligence Group, Keir Giles, multi-factor authentication (MFA), Russia

They weren’t in any hurry, according to Citizen Lab, and used an interesting attack vector. Google TRead more

Researchers say AI hacking tools sold online were powered by Grok, Mixtral

On June 17, 2025Source: CyberScoopBy djohnson
Categories: AI, Cybersecurity, Research, Breach Forums, cybercrime, Grok, Mistral AI

A pair of AI tools advertised on hacking forums were developed using commercial AI models from xAI aRead more

Iran’s Bank Sepah disrupted by cyberattack claimed by pro-Israel hacktivist group

On June 17, 2025Source: CyberScoopBy Matt Kapko
Categories: Cybersecurity, Financial, Geopolitics, financial, Iran, Israel, finance, IRGC, Google Threat Intelligence Group

The attack introduces a clear cyber element with immediate consequences for the country’s critical iRead more

Cyber experts call for supercharging volunteer network to protect community organizations

On June 17, 2025Source: CyberScoopBy djohnson
Categories: Research, Exclusive, Ransomware, Cybersecurity, Technology, Money, Policy, Threats, Center for Long Term Cybersecurity, University of California Berkeley, Cyber Resilience Corps, CyberPeace Institute, research, CISA, public-private partnership, critical infrastructure

To defend “target rich, resource poor” critical infrastructure from cyberattacks, the U.S. must expaRead more

Federal cyber insurance backstop should be tied to expiring terrorism insurance law, report recommends

On June 17, 2025Source: CyberScoopBy Tim Starks
Categories: Financial, Money, Policy, Congress, terrorism, cyber insurance, Foundation for Defense of Democracies, Office of the National Cyber Director, Institute for Security and Technology

Congress should use renewal of an expiring terrorism insurance program to create a federal backstopRead more

Scattered Spider, fresh off retail sector attack spree, pivots to insurance industry

On June 16, 2025Source: CyberScoopBy Matt Kapko
Categories: Cybercrime, Cybersecurity, Ransomware, Threats, cybercrime, insurance, ransomware

Multiple U.S.-based companies in the insurance sector have already been hit over the past week and aRead more

SEC withdraws cyber rules for investment companies, advisers

On June 16, 2025Source: CyberScoopBy Tim Starks
Categories: Financial, Government, Money, Policy, Bank Policy Institute, Better Markets, Biden administration, Fidelity Investments, financial sector, Prudential, regulation, Securities and Exchange Commission (SEC), Trump administration

The move last week came amid the pullback of other SEC regulations. The post SEC withdraws cyber rulRead more

European authorities disrupt top drug marketplace, arrest leader

On June 16, 2025Source: CyberScoopBy Matt Kapko
Categories: Cybercrime, Arrest, drugs, Europe, Europol

Archetyp Market facilitated high-volume sales of fentanyl, cocaine, MDMA, amphetamines and syntheticRead more

Cybercrime crackdown disrupts malware, infostealers, marketplaces across the globe

On June 16, 2025Source: CyberScoopBy Matt Kapko
Categories: Cybercrime, Cybersecurity, Ransomware, Threats, cybercrime, Department of Justice (DOJ), Europol, Federal Bureau of Investigation (FBI), Flashpoint, Interpol, Proofpoint, ransomware, Unit 42

A burst of global law enforcement actions during the past few weeks marked by a flurry of successfulRead more

Krebs On Security

The Hacker News

Iran's State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist

On June 20, 2025Source: The Hacker NewsBy

Iran's state-owned TV broadcaster was hacked Wednesday night to interrupt regular programming and aiRead more

Iran's state-owned TV broadcaster was hacked Wednesday night to interrupt regular programming and air videos calling for street protests against the Iranian government, according to multiple reports. It's currently not known who is behind the attack, although Iran pointed fingers at Israel, per Iran International. "If you experience disruptions or irrelevant messages while watching various TV

6 Steps to 24/7 In-House SOC Success

On June 20, 2025Source: The Hacker NewsBy

Hackers never sleep, so why should enterprise defenses? Threat actors prefer to target businesses duRead more

Hackers never sleep, so why should enterprise defenses? Threat actors prefer to target businesses during off-hours. That’s when they can count on fewer security personnel monitoring systems, delaying response and remediation. When retail giant Marks & Spencer experienced a security event over Easter weekend, they were forced to shut down their online operations, which account for

Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider

On June 20, 2025Source: The Hacker NewsBy

Cloudflare on Thursday said it autonomously blocked the largest ever distributed denial-of-service (Read more

Cloudflare on Thursday said it autonomously blocked the largest ever distributed denial-of-service (DDoS) attack ever recorded, which hit a peak of 7.3 terabits per second (Tbps). The attack, which was detected in mid-May 2025, targeted an unnamed hosting provider. "Hosting providers and critical Internet infrastructure have increasingly become targets of DDoS attacks," Cloudflare's Omer

200+ Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers

On June 20, 2025Source: The Hacker NewsBy

Cybersecurity researchers have uncovered a new campaign in which the threat actors have published moRead more

Cybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver trojanized payloads instead. The activity, codenamed Banana Squad by ReversingLabs, is assessed to be a continuation of a rogue Python campaign that was identified in 2023 as targeting the Python Package

New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud and NFC Theft

On June 19, 2025Source: The Hacker NewsBy

Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot thatRead more

Cybersecurity researchers have exposed the inner workings of an Android malware called AntiDot that has compromised over 3,775 devices as part of 273 unique campaigns. "Operated by the financially motivated threat actor LARVA-398, AntiDot is actively sold as a Malware-as-a-Service (MaaS) on underground forums and has been linked to a wide range of mobile campaigns," PRODAFT said in a report

BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with macOS Backdoor Malware

On June 19, 2025Source: The Hacker NewsBy

The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee inRead more

The North Korea-aligned threat actor known as BlueNoroff has been observed targeting an employee in the Web3 sector with deceptive Zoom calls featuring deepfaked company executives to trick them into installing malware on their Apple macOS devices. Huntress, which revealed details of the cyber intrusion, said the attack targeted an unnamed cryptocurrency foundation employee, who received a

Secure Vibe Coding: The Complete New Guide

On June 19, 2025Source: The Hacker NewsBy

DALL-E for coders? That’s the promise behind vibe coding, a term describing the use of natural languRead more

DALL-E for coders? That’s the promise behind vibe coding, a term describing the use of natural language to create software. While this ushers in a new era of AI-generated code, it introduces "silent killer" vulnerabilities: exploitable flaws that evade traditional security tools despite perfect test performance. A detailed analysis of secure vibe coding practices is available here. TL;DR: Secure

Uncover LOTS Attacks Hiding in Trusted Tools — Learn How in This Free Expert Session

On June 19, 2025Source: The Hacker NewsBy

Most cyberattacks today don’t start with loud alarms or broken firewalls. They start quietly—insideRead more

Most cyberattacks today don’t start with loud alarms or broken firewalls. They start quietly—inside tools and websites your business already trusts. It’s called “Living Off Trusted Sites” (LOTS)—and it’s the new favorite strategy of modern attackers. Instead of breaking in, they blend in. Hackers are using well-known platforms like Google, Microsoft, Dropbox, and Slack as launchpads. They hide

Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign

On June 19, 2025Source: The Hacker NewsBy

Threat actors with suspected ties to Russia have been observed taking advantage of a Google accountRead more

Threat actors with suspected ties to Russia have been observed taking advantage of a Google account feature called application specific passwords (or app passwords) as part of a novel social engineering tactic designed to gain access to victims' emails. Details of the highly targeted campaign were disclosed by Google Threat Intelligence Group (GTIG) and the Citizen Lab, stating the activity

Meta Adds Passkey Login Support to Facebook for Android and iOS Users

On June 19, 2025Source: The Hacker NewsBy

Meta Platforms on Wednesday announced that it's adding support for passkeys, the next-generation pasRead more

Meta Platforms on Wednesday announced that it's adding support for passkeys, the next-generation password standard, on Facebook. "Passkeys are a new way to verify your identity and login to your account that's easier and more secure than traditional passwords," the tech giant said in a post. Support for passkeys is expected to be available "soon" on Android and iOS mobile devices. The feature is

How Can We Help?

13 + 6 =

Share This