Cussins Enterprises LLC

Technology is a paint brush on the canvas of life. 
What can we paint for you?

Cybersecurity News

Awareness of what is happening is the 1st to a secure system.

Threat Post

Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon DBIR Threats – Again

On June 3, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Hacks, Malware, Web Security

Deja-Vu data from this year's DBIR report feels like we are stuck in the movie 'Groundhog Day.'Read more

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

On May 31, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomwareRead more

Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover

On May 19, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,00Read more

Threat Actors Use Telegram to Spread ‘Eternity’ Malware-as-a-Service

On May 13, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Malware, Web Security

An account promoting the project—which offers a range of threat activity from info-stealing to cryptRead more

Millions of Java Apps Remain Vulnerable to Log4Shell

On April 27, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

Four months after the critical flaw was discovered, attackers have a massive attack surface from whiRead more

Google: 2021 was a Banner Year for Exploited 0-Day Bugs

On April 20, 2022Source: Web Security – ThreatpostBy Threatpost
Categories: Vulnerabilities, Web Security

Last year, Google Project Zero tracked a record 58 exploited-in-the-wild zero-day security holes.Read more

Protect Your Executives’ Cybersecurity Amidst Global Cyberwar

On April 19, 2022Source: Web Security – ThreatpostBy Threatpost
Categories: Cloud Security, Mobile Security, Privacy, Sponsored, Web Security

In this time of unprecedented cyberwar, organizations must protect the personal digital lives of theRead more

Cyberattackers Put the Pedal to the Medal: Podcast

On April 18, 2022Source: Web Security – ThreatpostBy Tara Seals
Categories: Cloud Security, Critical Infrastructure, Malware, Podcasts, Sponsored, Vulnerabilities, Web Security

Fortinet's Derek Manky discusses the exponential increase in the speed that attackers weaponize fresRead more

Karakurt Ensnares Conti, Diavol Ransomware Groups in Its Web

On April 15, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Malware, Web Security

Connections that show the cybercriminal teams are working together signal shifts in their respectiveRead more

Feds Shut Down RaidForums Hacking Marketplace

On April 13, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Web Security

The DoJ is charging its founder, 21-year-old Portuguese citizen Diogo Santos Coelho, on six criminalRead more

Beeping Computer

https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: Mismatched tag at line 64, column 8

Motherboard

Microsoft Compares Russian Hacks of Ukraine to Assassination That Started World War I

On June 24, 2022Source: VICE US - MotherboardBy Jules Roscoe
Categories: Ukraine, russia, Hacking, microsoft

In a newly released report, Microsoft details Russia’s cyber threats to Ukraine, and its president gRead more

DALL-E Is Now Generating Realistic Faces of Fake People

On June 24, 2022Source: VICE US - MotherboardBy Janus Rose
Categories: Artificial Intelligence, AI, deepfakes, DALL-E

Things are about to get really weird in the world of image-generating AI.Read more

It's 'Penis Flower' Bloom Season

On June 24, 2022Source: VICE US - MotherboardBy Samantha Cole
Categories: penis, corpse flower, Flower, penis flowers

Two "corpse flowers" or "penis flowers" bloomed in California this month.Read more

Raising Rents at a Landlord Convention

On June 24, 2022Source: VICE US - MotherboardBy Matthew Gault
Categories: Tech

At the 21st Annual Mr. Landlord.com National Landlord Convention, rents on on the rise and life is gRead more

Fringe COVID Doctors Say They’re Under Attack by Medical Certification Board

On June 24, 2022Source: VICE US - MotherboardBy Anna Merlan
Categories: medical misinformation, covid, ivermectin, pierre kory, flccc, COVID misinformation, peter mccullough, american board of internal medicine

They’ve promptly spun the situation into more bait for their fans, support from a senator, and a newRead more

Data Breeches

https://www.databreaches.net/feed/ is invalid XML, likely due to invalid characters. XML error: Mismatched tag at line 64, column 8

Cyberscoop

Supreme Court's Roe v. Wade reversal sparks calls for strengthening privacy

On June 24, 2022Source: CyberScoopBy Tonya Riley
Categories: Government, Privacy, abortion, Bernie Sanders, Center for Democracy and Technology, Congress, data brokers, Electronic Frontier Foundation, Elizabeth Warren, Patty Murray, privacy, Ron Wyden, Sheldon Whitehouse, Supreme Court, U.S. courts, U.S. Supreme Court

Data collected by tech companies could be used to prosecute abortion seekers, they warn. The post SuRead more

Lawmakers want to restrict user data sales to nations like China, Russia

On June 23, 2022Source: CyberScoopBy Tonya Riley
Categories: Policy, Privacy, atlantic council, Bill Cassidy, Bill Hagerty, China, Commerce Department, Cynthia Lummis, data brokers, data security, Elizabeth Warren, espionage, marco rubio, Ron Wyden, Russia, Sheldon Whitehouse

The bill tasks the Department of Commerce with creating new export rules. The post Lawmakers want toRead more

Google reveals sophisticated Italian spyware campaign targeting victims in Italy, Kazakhstan

On June 23, 2022Source: CyberScoopBy AJ Vicens
Categories: Threats, Google Project Zero, Google Threat Analysis Group, Italy, RCS Labs, spyware

The campaign is just the latest example of the increasingly sophisticated world of private zero-dayRead more

Research questions potentially dangerous implications of Ukraine's IT Army

On June 22, 2022Source: CyberScoopBy AJ Vicens
Categories: Geopolitics, Threats, Center for Security Studies, Council on Foreign Relations, DDoS, European Union, hacktivism, National Security Council (NSC), NATO, RAND, Russia, Ukraine, Ukraine IT Army, Victor Zhora

Volunteer hacking efforts could unwittingly pull countries or private companies into a murky geopoliRead more

CISA advisory panel wants agency to act on election disinformation, multifactor authentication

On June 22, 2022Source: CyberScoopBy Tim Starks
Categories: Government, Policy, contractors, cybersecurity advisory committee, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), disinformation, election security, influence operations, multi-factor authentication (MFA), vulnerability disclosure

CISA's director has 90 days to respond to the suggestions. The post CISA advisory panel wants agencyRead more

FedScoop announces the Best Bosses in Federal IT 2022

On June 22, 2022Source: CyberScoopBy Mike Hilario
Categories: Special, awards, bosses, federal

Scoop News Group is thrilled to announce the 2022 Best Bosses in Federal IT. The post FedScoop annouRead more

Unpacking key competencies for infosec leaders

On June 21, 2022Source: CyberScoopBy Julia Weaver
Categories: Sponsored Content, CISO, Content Syndication, IANS Research, IANS Research 2022, InfoSec

New research offers insights into how to embed information security and business skills to help drivRead more

Former Mandiant exec tapped to run CTIIC, ODNI's cyber threat intelligence center

On June 21, 2022Source: CyberScoopBy Suzanne Smalley
Categories: Government, Policy, Threats, atlantic council, Cyber Threat Intelligence Integration Center, Erin Joe, FireEye, Mandiant, Office of the Director of National Intelligence (ODNI), Tonya Ugoretz, Ukraine, Victor Zhora

Laura Galante comes to the role after several years of running her own cybersecurity firm. The UkraiRead more

Ukrainian cybersecurity officials disclose two new hacking campaigns

On June 21, 2022Source: CyberScoopBy AJ Vicens
Categories: Geopolitics, APT28, Cybersecurity and Infrastructure Security Agency (CISA), Follina, Russia, TrickBot, Ukraine

Both efforts relied on malicious documents, officials said. The post Ukrainian cybersecurity officiaRead more

Tech companies are selling domains suggesting illegal sales of guns, malware

On June 21, 2022Source: CyberScoopBy Tonya Riley
Categories: Technology, Threats, consumer, consumer protection, covid-19, cybercrime, Digital Citizens Alliance, domains, DomainTools, GoDaddy, Google, malware, Network Solutions, website registration

COVID-19-related domains remain a concern. The post Tech companies are selling domains suggesting ilRead more

Krebs On Security

The Hacker News

Learn NIST Inside Out With 21 Hours of Training @ 86% OFF

On June 25, 2022Source: The Hacker NewsBy

In cybersecurity, many of the best jobs involve working on government projects. To get a security clRead more

In cybersecurity, many of the best jobs involve working on government projects. To get a security clearance, you need to prove that you meet NIST standards. Cybersecurity firms are particularly interested in people who understand the RMF, or Risk Management Framework — a U.S. government guideline for taking care of data. The NIST Cybersecurity & Risk Management Frameworks Course helps you

New 'Quantum' Builder Lets Attackers Easily Create Malicious Windows Shortcuts

On June 25, 2022Source: The Hacker NewsBy

A new malware tool that enables cybercriminal actors to build malicious Windows shortcut (.LNK) fileRead more

A new malware tool that enables cybercriminal actors to build malicious Windows shortcut (.LNK) files has been spotted for sale on cybercrime forums. Dubbed Quantum Lnk Builder, the software makes it possible to spoof any extension and choose from over 300 icons, not to mention support UAC and Windows SmartScreen bypass as well as "multiple payloads per .LNK" file. Also offered are capabilities

Multiple Backdoored Python Libraries Caught Stealing AWS Secrets and Keys

On June 25, 2022Source: The Hacker NewsBy

Researchers have discovered a number of malicious Python packages in the official third-party softwaRead more

Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint. The list of packages includes loglib-modules, pyg-modules, pygrata, pygrata-utils, and hkg-sol-utils, according to Sonatype security researcher Ax Sharma. The packages and as

State-Backed Hackers Using Ransomware as a Decoy for Cyber Espionage Attacks

On June 25, 2022Source: The Hacker NewsBy

A China-based advanced persistent threat (APT) group is possibly deploying short-lived ransomware faRead more

A China-based advanced persistent threat (APT) group is possibly deploying short-lived ransomware families as a decoy to cover up the true operational and tactical objectives behind its campaigns. The activity cluster, attributed to a hacking group dubbed Bronze Starlight by Secureworks, involves the deployment of post-intrusion ransomware such as LockFile, Atom Silo, Rook, Night Sky, Pandora,

Google Says ISPs Helped Attackers Infect Targeted Smartphones with Hermit Spyware

On June 25, 2022Source: The Hacker NewsBy

A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the governmentRead more

A week after it emerged that a sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play Protect — Android's built-in malware defense service — to protect all users, Benoit Sevens and Clement Lecigne of Google Threat

Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack

On June 25, 2022Source: The Hacker NewsBy

A suspected ransomware intrusion attempt against an unnamed target leveraged a Mitel VoIP applianceRead more

A suspected ransomware intrusion attempt against an unnamed target leveraged a Mitel VoIP appliance as an entry point to achieve remote code execution and gain initial access to the environment. The findings come from cybersecurity firm CrowdStrike, which traced the source of the attack to a Linux-based Mitel VoIP device sitting on the network perimeter, while also identifying a previously

Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data

On June 24, 2022Source: The Hacker NewsBy

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber CRead more

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with the Coast Guard Cyber Command (CGCYBER), on Thursday released a joint advisory warning of continued attempts on the part of threat actors to exploit the Log4Shell flaw in VMware Horizon servers to breach target networks. "Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched,

Chinese Hackers Distributing SMS Bomber Tool with Malware Hidden Inside

On June 24, 2022Source: The Hacker NewsBy

A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previouRead more

A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign. The novel loader, dubbed Nimbda, is "bundled with a Chinese language greyware 'SMS Bomber' tool that is most likely illegally distributed in the Chinese-speaking web," Israeli cybersecurity

NSO Confirms Pegasus Spyware Used by at least 5 European Countries

On June 23, 2022Source: The Hacker NewsBy

The beleaguered Israeli surveillanceware vendor NSO Group this week admitted to the European Union lRead more

The beleaguered Israeli surveillanceware vendor NSO Group this week admitted to the European Union lawmakers that its Pegasus tool was used by at least five countries in the region. "We're trying to do the right thing and that's more than other companies working in the industry," Chaim Gelfand, the company's general counsel and chief compliance officer, said, according to a report from Politico.

Manual vs. SSPM: Research on What Streamlines SaaS Security Detection & Remediation

On June 23, 2022Source: The Hacker NewsBy

When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline theRead more

When it comes to keeping SaaS stacks secure, IT and security teams need to be able to streamline the detection and remediation of misconfigurations in order to best protect their SaaS stack from threats. However, while companies adopt more and more apps, their increase in SaaS security tools and staff has lagged behind, as found in the 2022 SaaS Security Survey Report.  The survey report,

How Can We Help?

4 + 15 =

Share This