Cussins Enterprises LLC

Technology is a paint brush on the canvas of life. 
What can we paint for you?

Cybersecurity News

Awareness of what is happening is the 1st to a secure system.

Threat Post

Phishers Swim Around 2FA in Coinbase Account Heists

On August 8, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Web Security

Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so theRead more

Open Redirect Flaw Snags Amex, Snapchat User Data

On August 5, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Vulnerabilities, Web Security

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among otRead more

Universities Put Email Users at Cyber Risk

On August 2, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protRead more

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

On July 28, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwaRead more

IoT Botnets Fuel DDoS Attacks – Are You Prepared?

On July 26, 2022Source: Web Security – ThreatpostBy Sponsored Content
Categories: Sponsored, Vulnerabilities, Web Security, indusface

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifiesRead more

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

On July 20, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuRead more

Authentication Risks Discovered in Okta Platform

On July 19, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Privacy, Web Security

Four newly discovered attack paths could lead to PII exposure, account takeover, even organizationalRead more

Large-Scale Phishing Campaign Bypasses MFA

On July 13, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Web Security

Attackers used adversary-in-the-middle attacks to steal passwords, hijack sign-in sessions and skipRead more

‘Callback’ Phishing Campaign Impersonates Security Firms

On July 12, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

Victims instructed to make a phone call that will direct them to a link for downloading malware.Read more

Google Patches Actively Exploited Chrome Bug

On July 5, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

The heap buffer overflow issue in the browser’s WebRTC engine could allow attackers to execute arbitRead more

Beeping Computer

https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: Mismatched tag at line 41, column 8

Motherboard

Anti-Vaccine Organization Children’s Health Defense Says It Was Banned from Instagram and Facebook

On August 18, 2022Source: VICE US - MotherboardBy Anna Merlan
Categories: Instagram, Facebook, conspiracy theories, meta, Robert F. Kennedy Jr., COVID-19, covid-19 conspiracy theories, vaccine conspiracy theories, children's health defense, anti-vaccine misinformation

Their founder, Robert F. Kennedy Jr., had his Instagram account deleted last year.Read more

NASA Will Now Go ‘Full Force’ Investigating UFOs, Agency Says

On August 18, 2022Source: VICE US - MotherboardBy Becky Ferreira
Categories: Space, UFOS, ALIENS, nasa, Abstract, UAPs, tech-science, worldnews

The agency is convening a team to examine unidentified flying objects from a scientific perspective.Read more

The Story Behind That Pole Dancer Gender Reveal Party

On August 18, 2022Source: VICE US - MotherboardBy Samantha Cole
Categories: Party, Gender, Pole Dancing, gender reveals

It's less wild than you might assume.Read more

A Private Space Company Is Launching a Probe to Look for Alien Life on Venus

On August 18, 2022Source: VICE US - MotherboardBy Becky Ferreira
Categories: Space, ALIENS, Abstract, venus, Rocket Lab, tech-science, worldnews

Rocket Lab plans to send a mission to Venus as early as May 2023Read more

Free Speech Bastion Substack Fires Editor for Editing a Blog Critical of Substack

On August 18, 2022Source: VICE US - MotherboardBy Tim Marchman
Categories: journalism, The Discourse, Sam Thielman, substack, Hamish Mckenzie

After the mess went public, the company repeatedly said it had "fucked up."Read more

Data Breeches

BlackByte ransomware gang is back with new extortion tactics

On August 18, 2022Source: DataBreaches.netBy Dissent
Categories: Commentaries and Analyses, Malware

Lawrence Abrams reports: The BlackByte ransomware is back with version 2.0 of their operation, incluRead more

Ar: Aceitera General Dehezas discloses ransomware attack

On August 18, 2022Source: DataBreaches.netBy chum1ng0
Categories: Business Sector, Malware

Argentinian agribusiness Aceitera General Deheza (AGD) was attacked on August 10. According to a staRead more

WestJet app data breach reveals other people’s personal information

On August 18, 2022Source: DataBreaches.netBy Dissent
Categories: Business Sector, Exposure, Non-U.S.

Stephen Hunt reports: WestJet says it’s investigating a technical glitch on its app that allowRead more

Brazilian police launch investigation targeting Lapsus$ group

On August 17, 2022Source: DataBreaches.netBy Dissent
Categories: Hack, Non-U.S.

Andrea Peterson reports: Brazil’s Federal Police carried out eight search and seizure warrants TuesdRead more

TX: Methodist McKinny Hospital beat Karakurt to the punch by revealing attack quickly

On August 17, 2022Source: DataBreaches.netBy Dissent
Categories: Hack, Health Data, U.S.

Yesterday, Karakurt threat actors added the Methodist McKinny Hospital in Texas to their dark web leRead more

New York Becomes First State to Require CLE in Cybersecurity, Privacy and Data Protection

On August 17, 2022Source: DataBreaches.netBy Dissent
Categories: Legislation, Of Note, State/Local

By Hunton Andrews Kurth’s Privacy and Cybersecurity On June 10, 2022, New York became the first statRead more

GA: Hacker disrupts systems at Forsyth County medical office

On August 17, 2022Source: DataBreaches.netBy Dissent
Categories: Hack, Health Data, U.S.

On July 25, Forsyth County deputies responded to reports that the computer system of a medical officRead more

Ca: St. Joe’s contacting 230 patients whose health records were faxed to wrong people

On August 17, 2022Source: DataBreaches.netBy Dissent
Categories: Exposure, Health Data, Non-U.S.

Sebastian Bron reports: About 230 patients at St. Joseph’s Healthcare Hamilton had their health recoRead more

Disrupting SEABORGIUM’s ongoing phishing operations

On August 17, 2022Source: DataBreaches.netBy Dissent
Categories: Commentaries and Analyses, Of Note, Other, Phishing

From Microsoft’s Blog: The Microsoft Threat Intelligence Center (MSTIC) has observed and takenRead more

Alberta OIPC’s 2022 PIPA Breach Report – Trends and Key Takeaways

On August 17, 2022Source: DataBreaches.netBy Dissent
Categories: Commentaries and Analyses, Non-U.S., Of Note

John Cassell, Imran Ahmad,and Miranda Sharpe of Norton Rose Fulbright write: On July 27, 2022, the ORead more

Cyberscoop

U.S. Cyber Command completes defensive cyber mission in Croatia

On August 18, 2022Source: CyberScoopBy Suzanne Smalley
Categories: Geopolitics, Government, Threats, Cyber Command, international, National Security Agency (NSA)

Cyber National Mission Force deployed to Croatia recently, the latest example of a so-called "hunt fRead more

DEF CON Voting Village takes on election conspiracies, disinformation

On August 17, 2022Source: CyberScoopBy AJ Vicens
Categories: Government, Threats, DefCon, election security, Harri Hursti, Smartmatic

In the era of the "Big Lie," the Voting Village has another — and possibly more challenging — missioRead more

House leaders demand law enforcement agencies provide details on use of private data

On August 17, 2022Source: CyberScoopBy Tonya Riley
Categories: Government, Privacy, Customs and Border Protection, data brokers, Department of Homeland Security (DHS), Department of Justice (DOJ), FBI, House Homeland Security Committee, House Judiciary Committee

Public records and reporting has revealed that federal agencies have spent millions of dollars on coRead more

Pentagon put microgrid technology to the test at DEF CON, drawing on hackers' ingenuity

On August 16, 2022Source: CyberScoopBy Suzanne Smalley
Categories: Government, Technology, Threats, critical infrastructure, cyberthreats, Defense Digital Service, Department of Defense (DOD), electrical grid, U.S. Army

The collaboration unfolded at the cybersecurity conference in Las Vegas where more than 1,700 attendRead more

Why Tornado Cash sanctions are drawing fierce criticism, potential court challenge from crypto group

On August 15, 2022Source: CyberScoopBy Tonya Riley
Categories: Financial, Privacy, cryptocurrency, GitHub, Lazarus Group, sanctions, Treasury Department

Sanctions against the cryptocurrency mixer have ignited concern from industry stakeholders, privacyRead more

CISA expands efforts to fight election disinformation ahead of 'challenging' 2024 vote

On August 12, 2022Source: CyberScoopBy Suzanne Smalley
Categories: Government, Policy, Threats, Cybersecurity and Infrastructure Security Agency (CISA), cyberthreats, election security, information operations, Jen Easterly

CISA Director Jen Easterly said election security has grown more complex as disinformation and threaRead more

Ex-CISA chief Krebs advocates for standalone cyber agency. Experts say that's impractical.

On August 12, 2022Source: CyberScoopBy Suzanne Smalley
Categories: Government, Policy, Threats, Chris Krebs, Cybersecurity and Infrastructure Security Agency (CISA), cyberthreats, Department of Homeland Security (DHS), Office of the National Cyber Director

Former cybersecurity officials said CISA would be less effective if it lost the clout that it gets fRead more

State Department offers $10 million for details on Conti ransomware gang members

On August 11, 2022Source: CyberScoopBy AJ Vicens
Categories: Geopolitics, Threats, Black Hat 2022, Conti, ransomware, State Department

As of January 2022, there were more than 1,000 victims of attacks associated with Conti ransomware aRead more

Russia's digital attacks are haphazard, chaotic, says top Ukrainian cyber official

On August 11, 2022Source: CyberScoopBy AJ Vicens
Categories: Geopolitics, Government, Black Hat 2022, Industroyer2, Russia, Sandworm, Ukraine

Moscow's approach to incorporating cyberattacks into its ongoing assault reflects an "absence of strRead more

FTC will explore new privacy rules to protect consumers from 'hackers and data thieves'

On August 11, 2022Source: CyberScoopBy Tonya Riley
Categories: Privacy, data privacy, FTC, privacy law, surveillance

Concerns about the commercial surveillance industry outlined in the agency's notice include poor datRead more

Krebs On Security

The Hacker News

China-backed APT41 Hackers Targeted 13 Organisations Worldwide Last Year

On August 18, 2022Source: The Hacker NewsBy

The Chinese advanced persistent threat (APT) actor tracked as Winnti (aka APT41) has targeted at leaRead more

The Chinese advanced persistent threat (APT) actor tracked as Winnti (aka APT41) has targeted at least 13 organizations geographically spanning across the U.S, Taiwan, India, Vietnam, and China against the backdrop of four different campaigns in 2021. "The targeted industries included the public sector, manufacturing, healthcare, logistics, hospitality, education, as well as the media and

Penetration Testing or Vulnerability Scanning? What's the Difference?

On August 18, 2022Source: The Hacker NewsBy

Pentesting and vulnerability scanning are often confused for the same service. The problem is, businRead more

Pentesting and vulnerability scanning are often confused for the same service. The problem is, business owners often use one when they really need the other. Let's dive in and explain the differences. People frequently confuse penetration testing and vulnerability scanning, and it's easy to see why. Both look for weaknesses in your IT infrastructure by exploring your systems in the same way an

Hackers Using Bumblebee Loader to Compromise Active Directory Services

On August 18, 2022Source: The Hacker NewsBy

The malware loader known as Bumblebee is being increasingly co-opted by threat actors associated witRead more

The malware loader known as Bumblebee is being increasingly co-opted by threat actors associated with BazarLoader, TrickBot, and IcedID in their campaigns to breach target networks for post-exploitation activities. "Bumblebee operators conduct intensive reconnaissance activities and redirect the output of executed commands to files for exfiltration," Cybereason researchers Meroujan Antonyan and

North Korea Hackers Spotted Targeting Job Seekers with macOS Malware

On August 18, 2022Source: The Hacker NewsBy

The North Korea-backed Lazarus Group has been observed targeting job seekers with malware capable ofRead more

The North Korea-backed Lazarus Group has been observed targeting job seekers with malware capable of executing on Apple Macs with Intel and M1 chipsets. Slovak cybersecurity firm ESET linked it to a campaign dubbed "Operation In(ter)ception" that was first disclosed in June 2020 and involved using social engineering tactics to trick employees working in the aerospace and military sectors into

Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities

On August 18, 2022Source: The Hacker NewsBy

Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zRead more

Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices. The list of issues is below - CVE-2022-32893 - An out-of-bounds issue in WebKit which could lead to the execution of arbitrary code by processing a specially crafted web content CVE-2022-32894 - An

Cybercriminals Developing BugDrop Malware to Bypass Android Security Features

On August 18, 2022Source: The Hacker NewsBy

In a sign that malicious actors continue to find ways to work around Google Play Store security protRead more

In a sign that malicious actors continue to find ways to work around Google Play Store security protections, researchers have spotted a previously undocumented Android dropper trojan that's currently in development. "This new malware tries to abuse devices using a novel technique, not seen before in Android malware, to spread the extremely dangerous Xenomorph banking trojan, allowing criminals

Xiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments

On August 18, 2022Source: The Hacker NewsBy

Security flaws have been identified in Xiaomi Redmi Note 9T and Redmi Note 11 models, which could beRead more

Security flaws have been identified in Xiaomi Redmi Note 9T and Redmi Note 11 models, which could be exploited to disable the mobile payment mechanism and even forge transactions via a rogue Android app installed on the devices. Check Point said it found the flaws in devices powered by MediaTek chipsets during a security analysis of the Chinese handset maker's Trusted Execution Environment (TEE)

Malicious Browser Extensions Targeted Over a Million Users So Far This Year

On August 18, 2022Source: The Hacker NewsBy

More than 1.31 million users attempted to install malicious or unwanted web browser extensions at leRead more

More than 1.31 million users attempted to install malicious or unwanted web browser extensions at least once, new findings from cybersecurity firm Kaspersky show. "From January 2020 to June 2022, more than 4.3 million unique users were attacked by adware hiding in browser extensions, which is approximately 70% of all users affected by malicious and unwanted add-ons," the company said. As many as

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

On August 17, 2022Source: The Hacker NewsBy

Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploiteRead more

Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild. Tracked as CVE-2022-2856, the issue has been described as a case of insufficient validation of untrusted input in Intents. Security researchers Ashley Shen and Christian Resell of Google Threat Analysis Group have been credited with reporting the flaw on

Researchers Link Multi-Year Mass Credential Theft Campaign to Chinese Hackers

On August 17, 2022Source: The Hacker NewsBy

A Chinese state-sponsored threat activity group named RedAlpha has been attributed to a multi-year mRead more

A Chinese state-sponsored threat activity group named RedAlpha has been attributed to a multi-year mass credential theft campaign aimed at global humanitarian, think tank, and government organizations. "In this activity, RedAlpha very likely sought to gain access to email accounts and other online communications of targeted individuals and organizations," Recorded Future disclosed in a new

How Can We Help?

10 + 9 =

Share This